"Edit password" ACL, #21178, part 1

1 files changed, 21 insertions, 0 deletions

diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
new file mode 100644
index 000000000..7005439cc
--- /dev/null
+++ b/httemplate/misc/process/change-password.html
@@ -0,0 +1,21 @@
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Edit password');
+
+$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
+my $svcnum = $1;
+my $svc_acct = FS::svc_acct->by_key($svcnum)
+  or die "svc_acct $svcnum not found";
+my $error = $svc_acct->set_password($cgi->param('password'))
+        ||  $svc_acct->replace;
+
+# annoyingly specific to view/svc_acct.cgi, for now...
+$cgi->delete('password');
+</%init>
+% if ( $error ) {
+%   $cgi->param('svcnum', $svcnum);
+%   $cgi->param("changepw${svcnum}_error", $error);
+% } else {
+%   $cgi->query_string($svcnum);
+% }
+<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>