RT# 74537 - added checks in MyAccount.pm for config option ach read only

Conflicts: FS/FS/ClientAPI/MyAccount.pm
author: Christopher Burger <burgerc@freeside.biz> 2017-07-26 10:53:18 -0400
committer: Christopher Burger <burgerc@freeside.biz> 2017-08-02 16:46:04 -0400
commit: e08464c07d045dc946e9d4ea8decb8031a10411c (patch)
tree: c8a8bbffddb46e6ee663c2c2b22220282658b804
parent: 31f1e1bd302bd88d97d56b20dffad5c5f2388261 (diff)
2 files changed, 19 insertions, 3 deletions
diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 4614af2..1df91e4 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -722,6 +722,11 @@ sub edit_info {
   my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
     or return { 'error' => "unknown custnum $custnum" };
 
+  my $conf = new FS::Conf;
+  if (($p->{payby} eq "CHEK" || $p->{payby} eq "DCHEK") && $conf->exists('selfservice-ACH_info_readonly')) {
+    return { 'error' => "You do not have authority to add a bank account" };
+  }
+
   my $new = new FS::cust_main { $cust_main->hash };
 
   $new->set( $_ => $p->{$_} )
@@ -756,8 +761,6 @@ sub edit_info {
     $payby = $1;
   }
 
-  my $conf = new FS::Conf;
-
   if ( $payby =~ /^(CARD|DCRD)$/ ) {
 
     $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01');
@@ -1011,6 +1014,19 @@ sub validate_payment {
 
     $payinfo = $cust_main->payinfo
       if $cust_main->paymask eq $payinfo;
+
+    my $achonfile = 0;
+    foreach my $cust_payby ($cust_main->cust_payby('CHEK','DCHK')) {
+      if ( $cust_payby->paymask eq $payinfo ) {
+        $payinfo = $cust_payby->payinfo;
+        $achonfile = 1;
+        last;
+      }
+    }
+
+    if ($conf->exists('selfservice-ACH_info_readonly') && !$achonfile) {
+      return { 'error' => "You are not allowed to change your payment information." };
+    }
    
   } elsif ( $payby eq 'CARD' || $payby eq 'DCRD' ) {
    
diff --git a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
index 37fd464..1183b2b 100644
--- a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
+++ b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
@@ -31,7 +31,7 @@ EOF
 <%=
   $OUT = '';
   if ($ach_read_only) {
-    if ($payby == 'CHEK') {
+    if ($payby eq 'CHEK') {
       $OUT .= '<TR><TD COLSPAN=2><INPUT TYPE="hidden" NAME="auto" VALUE="1"></TD></TR>';
     }
   } else {
author	Christopher Burger <burgerc@freeside.biz>	2017-07-26 10:53:18 -0400
committer	Christopher Burger <burgerc@freeside.biz>	2017-08-02 16:46:04 -0400
commit	e08464c07d045dc946e9d4ea8decb8031a10411c (patch)
tree	c8a8bbffddb46e6ee663c2c2b22220282658b804
parent	31f1e1bd302bd88d97d56b20dffad5c5f2388261 (diff)