| author | ivan <ivan> | 2006-06-19 11:25:14 +0000 | 
|---|---|---|
| committer | ivan <ivan> | 2006-06-19 11:25:14 +0000 | 
| commit | 41a6a1b1811e337be2fca47504ff9687b6b46cf8 (patch) | |
| tree | 2b9708c1e681a39f3c75b6fd0fa90672ef7353bd /httemplate/view | |
| parent | 6b12c14cc10503d6b0783e8ef71fe44d9a9b37b6 (diff) | |
ACLs, take three or four or something
Diffstat (limited to 'httemplate/view')
| -rwxr-xr-x | httemplate/view/cust_main.cgi | 55 | ||||
| -rwxr-xr-x | httemplate/view/cust_main/packages.html | 91 | ||||
| -rw-r--r-- | httemplate/view/cust_main/payment_history.html | 78 | 
3 files changed, 165 insertions, 59 deletions
diff --git a/httemplate/view/cust_main.cgi b/httemplate/view/cust_main.cgi index 58f2925d5..e7b3319c7 100755 --- a/httemplate/view/cust_main.cgi +++ b/httemplate/view/cust_main.cgi @@ -1,4 +1,3 @@ -<!-- mason kludge -->  <%  my $conf = new FS::Conf; @@ -12,13 +11,17 @@ foreach my $part_svc ( qsearch('part_svc',{}) ) {  %> +  <%= include("/elements/header.html","Customer View",   	include("/elements/menubar.html",    'Main Menu' => $p,  )) %> +  <% +my $curuser = $FS::CurrentUser::CurrentUser; +  die "No customer specified (bad URL)!" unless $cgi->keywords;  my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array  $query =~ /^(\d+)$/; @@ -26,10 +29,14 @@ my $custnum = $1;  my $cust_main = qsearchs('cust_main',{'custnum'=>$custnum});  die "Customer not found!" unless $cust_main; -print qq!<A HREF="${p}edit/cust_main.cgi?$custnum">Edit this customer</A>!; -  %> + +<% if ( $curuser->access_right('Edit customer') ) { %> +  <A HREF="<%= $p %>edit/cust_main.cgi?<%= $custnum %>">Edit this customer</A> |  +<% } %> + +  <SCRIPT TYPE="text/javascript" SRC="../elements/overlibmws.js"></SCRIPT>  <SCRIPT TYPE="text/javascript" SRC="../elements/overlibmws_iframe.js"></SCRIPT>  <SCRIPT TYPE="text/javascript" SRC="../elements/overlibmws_draggable.js"></SCRIPT> 
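Review bot: The `access_right('Edit customer')` test added around the edit link only decides whether the link is rendered; a user without the right can still request `edit/cust_main.cgi?<custnum>` directly unless that page checks the same right itself. The diffstat on this page is limited to `httemplate/view`, so whether the target pages enforce the rights cannot be seen here and should be confirmed. The same applies to every link gated in this commit: cancel and delete customer in the next hunk, and the package, payment, credit, refund and void links in `packages.html` and `payment_history.html`. I would record that next to `my $curuser = ...` with a comment such as `# access_right() checks below only hide links; each target page must enforce the same right`.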
@@ -60,37 +67,36 @@ var confirm_cancel = '<FORM METHOD="POST" ACTION="<%= $p %>misc/cust_main-cancel  </SCRIPT> -<% if ( $cust_main->ncancelled_pkgs ) { %> +<% if ( $curuser->access_right('Cancel customer') +        && $cust_main->ncancelled_pkgs +      ) { +%> +  <A HREF="javascript:void(0);" onClick="overlib(confirm_cancel, CAPTION, 'Confirm cancellation', STICKY, AUTOSTATUSCAP, CLOSETEXT, '', MIDX, 0, MIDY, 0, DRAGGABLE, WIDTH, 576, HEIGHT, 128, TEXTSIZE, 3, BGCOLOR, '#ff0000', CGCOLOR, '#ff0000' ); return false; ">Cancel this customer</A> |  +<% } %> -  | <A HREF="javascript:void(0);" onClick="overlib(confirm_cancel, CAPTION, 'Confirm cancellation', STICKY, AUTOSTATUSCAP, CLOSETEXT, '', MIDX, 0, MIDY, 0, DRAGGABLE, WIDTH, 576, HEIGHT, 128, TEXTSIZE, 3, BGCOLOR, '#ff0000', CGCOLOR, '#ff0000' ); return false; ">Cancel this customer</A> +<% if ( $conf->exists('deletecustomers') +        && $curuser->access_right('Delete customer') +      ) { +%> +  <A HREF="<%= $p %>misc/delete-customer.cgi?<%= $custnum%>">Delete this customer</A> |   <% } %> -<% -print qq! | <A HREF="${p}misc/delete-customer.cgi?$custnum">!. -      'Delete this customer</A>' -  if $conf->exists('deletecustomers'); +<% unless ( $conf->exists('disable_customer_referrals') ) { %> +  <A HREF="<%= popurl(2) %>edit/cust_main.cgi?referral_custnum=<%= $custnum %>">Refer a new customer</A> |  +  <A HREF="<%= popurl(2) %>search/cust_main.cgi?referral_custnum=<%= $custnum %>">View this customer's referrals</A> +<% } %> -unless ( $conf->exists('disable_customer_referrals') ) { -  print qq! | <A HREF="!, popurl(2), -        qq!edit/cust_main.cgi?referral_custnum=$custnum">!, -        qq!Refer a new customer</A>!; -  print qq! | <A HREF="!, popurl(2), -        qq!search/cust_main.cgi?referral_custnum=$custnum">!, -        qq!View this customer's referrals</A>!; -} - -print '<BR><BR>'; +<BR><BR> +<%  my $signupurl = $conf->config('signupurl');  if ( $signupurl ) { -print "This customer's signup URL: ". 
-      "<a href=\"$signupurl?ref=$custnum\">$signupurl?ref=$custnum</a><BR><BR>"; -} -  %> +  This customer's signup URL: <A HREF="<%= $signupurl %>?ref=<%= $custnum %>"><%= $signupurl %>?ref=<%= $custnum %></A><BR><BR> +<% } %>  <A NAME="cust_main"></A>  <TABLE BORDER=0> @@ -135,5 +141,4 @@ Comments    <%= include('cust_main/payment_history.html', $cust_main ) %>  <% } %> -</BODY></HTML> - +<%= include('/elements/footer.html') %> diff --git a/httemplate/view/cust_main/packages.html b/httemplate/view/cust_main/packages.html index 32e0ee1fc..8312a8663 100755 --- a/httemplate/view/cust_main/packages.html +++ b/httemplate/view/cust_main/packages.html @@ -2,6 +2,8 @@    my( $cust_main ) = @_;    my $conf = new FS::Conf; +  my $curuser = $FS::CurrentUser::CurrentUser; +    my $packages = get_packages($cust_main, $conf);  %> @@ -11,13 +13,21 @@  <A NAME="cust_pkg"><FONT SIZE="+2">Packages</FONT></A> -<%= include('order_pkg.html', $cust_main ) %> +<% if ( $curuser->access_right('Order customer package') ) { %> +  <%= include('order_pkg.html', $cust_main ) %> +<% } %> -<% if ( $conf->config('payby-default') ne 'HIDE' ) { %> +<% if ( $curuser->access_right('One-time charge') +        && $conf->config('payby-default') ne 'HIDE' +      ) { +%>    <%= include('quick-charge.html', $cust_main ) %>  <% } %> -<A HREF="<%= $p %>edit/cust_pkg.cgi?<%= $cust_main->custnum %>">Bulk order and cancel packages</A> (preserves services) +<% if ( $curuser->access_right('Bulk change customer packages') ) { %> +  <A HREF="<%= $p %>edit/cust_pkg.cgi?<%= $cust_main->custnum %>">Bulk order and cancel packages</A> (preserves services) +<% } %> +  <BR><BR>  <% if ( @$packages ) { %> 
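Review bot: The two referral links inside the `disable_customer_referrals` block are still rendered for every user, although "Refer a new customer" points at `edit/cust_main.cgi`, the same page the `'Edit customer'` right gates earlier in this file. If creating a customer is meant to be restricted, that link needs its own check, e.g. `<% if ( $curuser->access_right('Edit customer') ) { %>`, or whichever right covers new customers (not visible here). Separately, each gated link now ends with a literal ` | `, so a user who is shown only some of them gets a dangling separator; the `<%= $s++ ? ' | ' : '' %>` pattern already used in `payment_history.html` avoids that.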
@@ -70,10 +80,19 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {    <TD ROWSPAN=<%= $rowspan || 1 %>>      <A NAME="cust_pkg<%=$pkg->{pkgnum}%>"><%=$pkg->{pkgnum}%></A>:      <%=$pkg->{pkg}%> - <%=$pkg->{comment}%><BR> -<% unless ($pkg->{cancel}) { %> -    ( <%=pkg_change_link($pkg)%> ) -    ( <%=pkg_dates_link($pkg)%> | <%=pkg_customize_link($pkg,$cust_main->custnum)%> ) -<% } %> +    <FONT SIZE=-1> +      <% unless ( $pkg->{cancel} ) { %> +        <% if ( $curuser->access_right('Change customer package') ) { %> +            ( <%=pkg_change_link($pkg)%> ) +        <% } %> +        <% if ( $curuser->access_right('Edit customer package dates') ) { %> +            ( <%=pkg_dates_link($pkg)%> ) +        <% } %> +        <% if ( $curuser->access_right('Customize customer package') ) { %> +            ( <%=pkg_customize_link($pkg,$cust_main->custnum)%> ) +        <% } %> +      <% } %> +    </FONT>    </TD>    <TD ROWSPAN=<%= $rowspan || 1 %>>      <TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="100%"> @@ -182,7 +201,16 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {      <% } %>      <TR> -      <TD COLSPAN=<%=$colspan%>>( <%= pkg_unsuspend_link($pkg) %> | <%= pkg_cancel_link($pkg) %> )</TD> +      <TD COLSPAN=<%=$colspan%>> +        <FONT SIZE=-1> +          <% if ( $curuser->access_right('Unsuspend customer package') ) { %> +            ( <%= pkg_unsuspend_link($pkg) %> ) +          <% } %> +          <% if ( $curuser->access_right('Cancel customer package') ) { %> +            ( <%= pkg_cancel_link($pkg) %> ) +          <% } %> +        </FONT> +      </TD>      </TR>    <% } else { %> <!-- #status: active --> 
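Review bot: The cancel link for suspended packages is gated on `'Cancel customer package'`, while the later hunks gate the same `pkg_cancel_link` call on `'Cancel customer package immediately'`. Unless both names are defined as rights elsewhere, one of these checks presumably never matches what an administrator actually granted; pick one name, e.g. `$curuser->access_right('Cancel customer package immediately')`. Also, `pkg_cancel_link` no longer emits "Cancel later" after this commit and this block does not call `pkg_expire_link`, so suspended packages lose the expire link. If that was not intended, add `( <%= pkg_expire_link($pkg) %> )` under `'Cancel customer package later'`, as the active-package block does.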
@@ -196,7 +224,13 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {          </TR>          <TR> -          <TD COLSPAN=<%=$colspan%>>( <%= pkg_cancel_link($pkg) %> )</TD> +          <TD COLSPAN=<%=$colspan%>> +            <FONT SIZE=-1> +              <% if ( $curuser->access_right('Cancel customer package immediately') ) { %> +                ( <%= pkg_cancel_link($pkg) %> ) +              <% } %> +            </FONT> +          </TD>          </TR>        <% } else { %> @@ -258,7 +292,19 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {      <% if ( $pkg->{freq} ) { %>        <TR> -        <TD COLSPAN=<%=$colspan%>>( <%= pkg_suspend_link($pkg) %> | <%= pkg_cancel_link($pkg) %> )</TD> +        <TD COLSPAN=<%=$colspan%>> +          <FONT SIZE=-1> +            <% if ( $curuser->access_right('Suspend customer package') ) { %> +              ( <%= pkg_suspend_link($pkg) %> ) +            <% } %> +            <% if ( $curuser->access_right('Cancel customer package immediately') ) { %> +              ( <%= pkg_cancel_link($pkg) %> ) +            <% } %> +            <% if ( $curuser->access_right('Cancel customer package later') ) { %> +              ( <%= pkg_expire_link($pkg) %> ) +            <% } %> +          <FONT> +        </TD>        </TR>      <% } %> 
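Review bot: The new suspend/cancel/expire cell opens `<FONT SIZE=-1>` and then ends with a second `<FONT>` instead of a closing tag, so the element is never closed and the small font can leak into the cells that follow. The last added line before `</TD>` should be `</FONT>`. The sibling blocks added in this file close the tag correctly.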
@@ -278,14 +324,20 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {        print '<TR>' if ($cnt > 0);  %>    <TD><%=svc_link($svcpart,$service)%></TD> -  <TD><%=svc_label_link($svcpart,$service)%><BR>( <%=svc_unprovision_link($service)%> )</TD> +  <TD><%=svc_label_link($svcpart,$service)%> +    <% if ( $curuser->access_right('Unprovision customer service') ) { %> +      <BR>( <%=svc_unprovision_link($service)%> ) +    <% } %> +  </TD>  </TR>  <%        $cnt++;      } -    if ($svcpart->{count} < $svcpart->{quantity}) { +    if ( $svcpart->{count} < $svcpart->{quantity}  +         && $curuser->access_right('Provision customer services') +       ) {        print qq!<TR>\n! if ($cnt > 0); -      print qq!  <TD COLSPAN=2>!.svc_provision_link($pkg, $svcpart, $conf).qq!</TD>\n</TR>\n!; +      print qq!  <TD COLSPAN=2>!.svc_provision_link($pkg, $svcpart, $conf, $curuser).qq!</TD>\n</TR>\n!;      }    }  } @@ -393,7 +445,7 @@ sub svc_label_link {  }  sub svc_provision_link { -  my ($pkg, $svcpart, $conf) = @_; +  my ($pkg, $svcpart, $conf, $curuser) = @_;    ( my $svc_nbsp = $svcpart->{svc} ) =~ s/\s+/ /g;    my $num_left = $svcpart->{quantity} - $svcpart->{count};    my $pkgnum_svcpart = "pkgnum$pkg->{pkgnum}-svcpart$svcpart->{svcpart}"; @@ -411,7 +463,10 @@ sub svc_provision_link {    my $link = qq!<A CLASS="provision" HREF="$url">!.               "Provision $svc_nbsp ($num_left)</A>"; -  if ( $conf->exists('legacy_link') ) { +  if ( $conf->exists('legacy_link') +       && $curuser->access_right('View/link unlinked services') +     ) +  {      $link .= '<BR>'.               qq!<A CLASS="provision" HREF="${p}misc/link.cgi?!.               qq!$pkgnum_svcpart">!. 
@@ -475,7 +530,11 @@ sub pkg_cancel_link {    my $pkg = shift or return '';    qq!<A HREF="javascript:areyousure('${p}misc/cancel_pkg.cgi?$pkg->{pkgnum}', !.    qq!'Permanently delete included services and cancel this package?')">!. -  qq!Cancel now</A> | !. +  qq!Cancel now</A>!; +} + +sub pkg_expire_link { +  my $pkg = shift or return '';    qq!<A HREF="${p}misc/expire_pkg.cgi?$pkg->{pkgnum}">Cancel later</A>!;  } diff --git a/httemplate/view/cust_main/payment_history.html b/httemplate/view/cust_main/payment_history.html index f0cd993ff..b7621d57a 100644 --- a/httemplate/view/cust_main/payment_history.html +++ b/httemplate/view/cust_main/payment_history.html @@ -4,6 +4,8 @@    my $conf = new FS::Conf; +  my $curuser = $FS::CurrentUser::CurrentUser; +    my @payby = grep /\w/, $conf->config('payby');    #@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP ))    @payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP )) 
@@ -16,42 +18,48 @@  <BR><BR><A NAME="history"><FONT SIZE="+2">Payment History</FONT></A><BR> -<% if ( $payby{'BILL'} ) { %> +<% if ( $payby{'BILL'} && $curuser->access_right('Post payment') ) { %>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>edit/cust_pay.cgi?payby=BILL;custnum=<%= $custnum %>">Post check payment</A>  <% } %> -<% if ( $payby{'CASH'} ) { %> +<% if ( $payby{'CASH'} && $curuser->access_right('Post payment') ) { %>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>edit/cust_pay.cgi?payby=CASH;custnum=<%= $custnum %>">Post cash payment</A>  <% } %> -<% if ( $payby{'WEST'} ) { %> +<% if ( $payby{'WEST'} && $curuser->access_right('Post payment') ) { %>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>edit/cust_pay.cgi?payby=WEST;custnum=<%= $custnum %>">Post Western Union payment</A>  <% } %> -<% if ( $payby{'CARD'} || $payby{'DCRD'} ) { %> +<% if ( ( $payby{'CARD'} || $payby{'DCRD'} ) +        && $curuser->access_right('Process payment') +      ) { +%>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>misc/payment.cgi?payby=CARD;custnum=<%= $custnum %>">Process credit card payment</A>  <% } %> -<% if ( $payby{'CHEK'} || $payby{'DCHK'} ) { %> +<% if ( ( $payby{'CHEK'} || $payby{'DCHK'} ) +        && $curuser->access_right('Process payment') +      ) { +%>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>misc/payment.cgi?payby=CHEK;custnum=<%= $custnum %>">Process electronic check (ACH) payment</A>  <% } %> -<% if ( $payby{'MCRD'} ) { %> +<% if ( $payby{'MCRD'} && $curuser->access_right('Post payment') ) { %>    <%= $s++ ? ' | ' : '' %>    <A HREF="<%= $p %>edit/cust_pay.cgi?payby=MCRD;custnum=<%= $custnum %>">Post manual credit card payment</A> 
@@ -60,9 +68,13 @@  <BR> -<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('<%= $p %>edit/cust_credit.cgi?<%= $custnum %>', 392, 336, 'cust_credit_popup' ), CAPTION, 'Post credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK )">Post credit</A> +<% if ( $curuser->access_right('Post credit') ) { %> -<BR> +  <A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('<%= $p %>edit/cust_credit.cgi?<%= $custnum %>', 392, 336, 'cust_credit_popup' ), CAPTION, 'Post credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK )">Post credit</A> + +  <BR> + +<% } %>  <%  #get payment history @@ -75,11 +87,14 @@ foreach my $cust_bill ($cust_main->cust_bill) {                : '';    my $post = ( $cust_bill->owed > 0 ) ? '</FONT></B>' : '';    my $invnum = $cust_bill->invnum; +  my $link = $curuser->access_right('View invoices') +               ? qq!<A HREF="${p}view/cust_bill.cgi?$invnum">! +               : '';    push @history, {      'date'   => $cust_bill->_date, -    'desc'   => qq!<A HREF="${p}view/cust_bill.cgi?$invnum">!. $pre. +    'desc'   => $link. $pre.                  "Invoice #$invnum (Balance \$". $cust_bill->owed. ')'. -                $post. '</A>', +                $post. ( $link ? '</A>' : '' ),      'charge' => $cust_bill->charged,    };  } @@ -169,6 +184,7 @@ foreach my $cust_pay ($cust_main->cust_pay) {         && $cust_pay->payby =~ /^(CARD|CHEK)$/         && time-$cust_pay->_date < $refund_days*86400         && $cust_pay->unrefunded > 0 +       && $curuser->access_right('Refund payment')    ) {      $refund = qq! (<A HREF="${p}edit/cust_refund.cgi?payby=$1;!.                qq!paynum=!. $cust_pay->paynum. '"'. 
@@ -178,9 +194,17 @@ foreach my $cust_pay ($cust_main->cust_pay) {    my $void = '';    if (    $cust_pay->closed !~ /^Y/i -       && ( $cust_pay->payby ne 'CARD' || $conf->exists('cc-void')     ) -       && ( $cust_pay->payby ne 'CHEK' || $conf->exists('echeck-void') )  -     ) { +       && (    ( $cust_pay->payby eq 'CARD' +                 && $conf->exists('cc-void') +                 && $curuser->acccess_right('Credit card void') +               ) +            || ( $cust_pay->payby eq 'CHEK' +                 && $conf->exists('echeck-void') +                 && $curuser->acccess_right('Echeck void') +               )  +          ) +     ) +  {      $void = qq! (<A HREF="javascript:areyousure('!.              qq!${p}misc/void-cust_pay.cgi?!. $cust_pay->paynum.              qq!', 'Are you sure you want to void this payment?')"!. @@ -193,7 +217,11 @@ foreach my $cust_pay ($cust_main->cust_pay) {    }    my $delete = ''; -  if ( $cust_pay->closed !~ /^Y/i && $conf->exists('deletepayments') ) { +  if ( $cust_pay->closed !~ /^Y/i +       && $conf->exists('deletepayments') +       && $curuser->access_right('Delete payment') +     ) +  {      $delete = qq! (<A HREF="javascript:areyousure('!.                qq!${p}misc/delete-cust_pay.cgi?!. $cust_pay->paynum.                qq!', 'Are you sure you want to delete this payment?')"!. @@ -204,7 +232,10 @@ foreach my $cust_pay ($cust_main->cust_pay) {    my $unapply = '';    if (    $cust_pay->closed !~ /^Y/i         && $conf->exists('unapplypayments') -       && scalar(@cust_bill_pay)           ) { +       && scalar(@cust_bill_pay)            +       && $curuser->access_right('Unapply payment') +     ) +  {      $unapply = qq! (<A HREF="javascript:areyousure('!.                 qq!${p}misc/unapply-cust_pay.cgi?!. $cust_pay->paynum.                 qq!', 'Are you sure you want to unapply this payment?')"!. 
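Review bot: `$curuser->acccess_right(...)` (three c's) is misspelled in both branches of the new void condition. Every other call in this commit is `access_right`, so unless a method with that spelling exists, the page dies with a missing-method error as soon as an unclosed CARD or CHEK payment is rendered with `cc-void` or `echeck-void` set. Change them to `$curuser->access_right('Credit card void')` and `$curuser->access_right('Echeck void')`. The rewrite also changes the logic: the old test offered the void link for any unclosed payment that was not CARD or CHEK, while the new one offers it only for CARD and CHEK, so other payment types need their own branch and right if they should stay voidable. The enclosing `foreach my $cust_pay` loop extends outside the hunk.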
@@ -236,7 +267,11 @@ foreach my $cust_pay_void ($cust_main->cust_pay_void) {    my $info = $payby ? " ($payby$payinfo)" : '';    my $unvoid = ''; -  if ( $cust_pay_void->closed !~ /^Y/i && $conf->exists('unvoid') ) { +  if ( $cust_pay_void->closed !~ /^Y/i +       && $conf->exists('unvoid') +       && $curuser->access_right('Unvoid') +     ) +  {      $unvoid = qq! (<A HREF="javascript:areyousure('!.                qq!${p}misc/unvoid-cust_pay_void.cgi?!. $cust_pay_void->paynum.                qq!', 'Are you sure you want to unvoid this payment?')"!. @@ -314,7 +349,11 @@ foreach my $cust_credit ($cust_main->cust_credit) {    }  #    my $delete = ''; -  if ( $cust_credit->closed !~ /^Y/i && $conf->exists('deletecredits') ) { +  if ( $cust_credit->closed !~ /^Y/i +       && $conf->exists('deletecredits') +       && $curuser->access_right('Delete credit') +     ) +  {      $delete = qq! (<A HREF="javascript:areyousure('!.                qq!${p}misc/delete-cust_credit.cgi?!. $cust_credit->crednum.                qq!', 'Are you sure you want to delete this credit?')">!. @@ -324,7 +363,10 @@ foreach my $cust_credit ($cust_main->cust_credit) {    my $unapply = '';    if (    $cust_credit->closed !~ /^Y/i         && $conf->exists('unapplycredits') -       && scalar(@cust_credit_bill)       ) { +       && scalar(@cust_credit_bill) +       && $curuser->access_right('Unapply credit') +     ) +  {      $unapply = qq! (<A HREF="javascript:areyousure('!.                 qq!${p}misc/unapply-cust_credit.cgi?!. $cust_credit->crednum.                 qq!', 'Are you sure you want to unapply this credit?')">!.  | 
