diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2017-08-25 15:31:56 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2017-08-25 15:31:56 -0700 |
| commit | 5a8140c9027c5c035ac0ed42e053f27231edd0ba (patch) | |
| tree | 51cff93925c2e4065d9b4b03050ed4f2879cb8b1 /httemplate/elements | |
| parent | c5e968992dcf349bbc2862909c70204fe4b980f9 (diff) | |
separate access control for payment reports, RT#77007
Diffstat (limited to 'httemplate/elements')
| -rw-r--r-- | httemplate/elements/menu.html | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 0e0170f42..25a6967de 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -343,20 +343,25 @@ tie my %report_bill_event, 'Tie::IxHash', 'Billing event errors' => [ $fsurl.'search/report_cust_event.html?failed=1', 'Failed credit cards, processor or printer problems, etc.' ], ; -tie my %report_payments, 'Tie::IxHash', - 'Payments' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ], - 'Payment application detail' => [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ], -; +tie my %report_payments, 'Tie::IxHash'; +$report_payments{'Payments'} = [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ] + if $curuser->access_right('Basic payment and refund reports'); +$report_payments{'Payment application detail'} = [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ] + if $curuser->access_right('Financial reports'); $report_payments{'Pending Payments'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ] if $curuser->access_right('View customer pending payments'); -$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ]; +$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ] + if $curuser->access_right('Financial reports'); #not enforced $report_payments{'Voided Payments'} = [ $fsurl.'search/report_cust_pay.html?void=1', 'Voided payment report (by type and/or date range)' ] - if $curuser->access_right('View customer pending payments'); + if $curuser->access_right('Financial reports'); #not enforced $report_payments{'Payment Batches'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ] - if $conf->exists('batch-enable') || $conf->config('batch-enable_payby'); -$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ]; + if ( $conf->exists('batch-enable') || $conf->config('batch-enable_payby') ) + && $curuser->access_right('Financial reports'); +$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ] + if $curuser->access_right('Financial reports'); $report_payments{'Deleted Payments / Payment history table'} = [ $fsurl.'search/report_h_cust_pay.html', 'Deleted payments / payment history table' ] - if $conf->exists('payment-history-report'); + if $conf->exists('payment-history-report') + && $curuser->access_right('Financial reports'); tie my %report_credits, 'Tie::IxHash', 'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ], @@ -457,7 +462,7 @@ $report_menu{'Invoices'} = [ \%report_invoices, 'Invoice reports' ] $report_menu{'Discounts'} = [ \%report_discounts, 'Discount reports' ] if $curuser->access_right('Financial reports'); $report_menu{'Payments'} = [ \%report_payments, 'Payment reports' ] - if $curuser->access_right('Financial reports'); + if keys %report_payments; $report_menu{'Packages'} = [ \%report_packages, 'Package reports' ] if $curuser->access_right('List packages'); $report_menu{'Services'} = [ \%report_services, 'Services reports' ] |