diff options
| -rw-r--r-- | FS/FS/AccessRight.pm | 3 | ||||
| -rw-r--r-- | FS/FS/Conf.pm | 14 | ||||
| -rw-r--r-- | FS/FS/Mason.pm | 1 | ||||
| -rw-r--r-- | FS/FS/Record.pm | 8 | ||||
| -rw-r--r-- | FS/FS/Schema.pm | 16 | ||||
| -rw-r--r-- | FS/FS/cust_attachment.pm | 170 | ||||
| -rwxr-xr-x | httemplate/edit/cust_main_attach.cgi | 58 | ||||
| -rw-r--r-- | httemplate/edit/process/cust_main_attach.cgi | 88 | ||||
| -rw-r--r-- | httemplate/view/attachment.html | 16 | ||||
| -rwxr-xr-x | httemplate/view/cust_main.cgi | 28 | ||||
| -rwxr-xr-x | httemplate/view/cust_main/attachments.html | 133 | 
11 files changed, 523 insertions, 12 deletions
| diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 29cecd5f2..d19212520 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -100,6 +100,9 @@ tie my %rights, 'Tie::IxHash',      { rightname=>'Delete customer', desc=>"Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customer's packages if they cancel service." }, #aka. deletecustomers      'Add customer note', #NEW      'Edit customer note', #NEW +    'Download attachment', #NEW +    'Add attachment', #NEW +    'Edit attachment', #NEW      'Bill customer now', #NEW      'Bulk send customer notices', #NEW    ], diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm index 66f74578d..1da55837c 100644 --- a/FS/FS/Conf.pm +++ b/FS/FS/Conf.pm @@ -736,6 +736,20 @@ worry that config_items is freeside-specific and icky.    },    { +    'key'         => 'disable_cust_attachment', +    'section'     => '', +    'description' => 'Disable customer file attachments', +    'type'        => 'checkbox', +  }, + +  { +    'key'         => 'max_attachment_size', +    'section'     => '', +    'description' => 'Maximum size for customer file attachments (leave blank for unlimited)', +    'type'        => 'text', +  }, + +  {      'key'         => 'disable_customer_referrals',      'section'     => 'UI',      'description' => 'Disable new customer-to-customer referrals in the web interface', diff --git a/FS/FS/Mason.pm b/FS/FS/Mason.pm index ed99bf694..d73d3810a 100644 --- a/FS/FS/Mason.pm +++ b/FS/FS/Mason.pm @@ -186,6 +186,7 @@ Initializes the Mason environment, loads all Freeside and RT libraries, etc.    use FS::part_pkg_taxrate;    use FS::tax_rate;    use FS::part_pkg_report_option; +  use FS::cust_attachment;    use FS::h_cust_pkg;    use FS::h_svc_acct;    use FS::h_svc_broadband; diff --git a/FS/FS/Record.pm b/FS/FS/Record.pm index 9e1c0e890..11afd9ff6 100644 --- a/FS/FS/Record.pm +++ b/FS/FS/Record.pm @@ -55,14 +55,13 @@ FS::UID->install_callback( sub {    $conf_encryption = $conf->exists('encryption');    $File::CounterFile::DEFAULT_DIR = $conf->base_dir . "/counters.". datasrc;    if ( driver_name eq 'Pg' ) { -    eval "use DBD::Pg qw(:pg_types);"; +    eval "use DBD::Pg ':pg_types'";      die $@ if $@;    } else {      eval "sub PG_BYTEA { die 'guru meditation #9: calling PG_BYTEA when not running Pg?'; }";    }  } ); -  =head1 NAME  FS::Record - Database record objects @@ -2718,7 +2717,10 @@ sub _quote {            )    {      no strict 'subs'; -    dbh->quote($value, PG_BYTEA); +#    dbh->quote($value, { pg_type => PG_BYTEA() }); # doesn't work right +    # Pg binary string quoting: convert each character to 3-digit octal prefixed with \\,  +    # single-quote the whole mess, and put an "E" in front. +    return ("E'" . join('', map { sprintf('\\\\%03o', ord($_)) } split(//, $value) ) . "'");    } else {      dbh->quote($value);    } diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm index 80aed8297..0ede00031 100644 --- a/FS/FS/Schema.pm +++ b/FS/FS/Schema.pm @@ -372,6 +372,22 @@ sub tables_hashref {        'index' => [ ['typenum'] ],      }, +    'cust_attachment' => { +      'columns' => [ +        'attachnum', 'serial', '', '', '', '', +        'custnum',   'int', '', '', '', '', +        '_date',     @date_type, '', '', +        'otaker',    'varchar', '', 32, '', '', +        'filename',  'varchar', '', 32, '', '', +        'mime_type', 'varchar', '', 32, '', '', +        'body',      'blob', 'NULL', '', '', '', +        'disabled',  @date_type, '', '', +      ], +      'primary_key' => 'attachnum', +      'unique'      => [], +      'index'       => [ ['custnum'] ], +    }, +      'cust_bill' => {        'columns' => [          'invnum',    'serial',  '', '', '', '',  diff --git a/FS/FS/cust_attachment.pm b/FS/FS/cust_attachment.pm new file mode 100644 index 000000000..9527381f4 --- /dev/null +++ b/FS/FS/cust_attachment.pm @@ -0,0 +1,170 @@ +package FS::cust_attachment; + +use strict; +use base qw( FS::Record ); +use FS::Record qw( qsearch qsearchs ); +use FS::Conf; + +=head1 NAME + +FS::cust_attachment - Object methods for cust_attachment records + +=head1 SYNOPSIS + +  use FS::cust_attachment; + +  $record = new FS::cust_attachment \%hash; +  $record = new FS::cust_attachment { 'column' => 'value' }; + +  $error = $record->insert; + +  $error = $new_record->replace($old_record); + +  $error = $record->delete; + +  $error = $record->check; + +=head1 DESCRIPTION + +An FS::cust_attachment object represents a file attached to a L<FS::cust_main> +object.  FS::cust_attachment inherits from FS::Record.  The following fields  +are currently supported: + +=over 4 + +=item attachnum + +Primary key (assigned automatically). + +=item custnum + +Customer number (see L<FS::cust_main>). + +=item _date + +The date the record was last updated. + +=item otaker + +Order taker (assigned automatically; see L<FS::UID>). + +=item filename + +The file's name. + +=item mime_type + +The Content-Type of the file. + +=item body + +The contents of the file. + +=item disabled + +If the attachment was disabled, this contains the date it was disabled. + +=back + +=head1 METHODS + +=over 4 + +=item new HASHREF + +Creates a new attachment object. + +=cut + +# the new method can be inherited from FS::Record, if a table method is defined + +sub table { 'cust_attachment'; } + +sub nohistory_fields { 'body'; } + +=item insert + +Adds this record to the database.  If there is an error, returns the error, +otherwise returns false. + +=cut + +=item delete + +Delete this record from the database. + +=cut + +=item replace OLD_RECORD + +Replaces the OLD_RECORD with this one in the database.  If there is an error, +returns the error, otherwise returns false. + +=cut + +# the replace method can be inherited from FS::Record + +=item check + +Checks all fields to make sure this is a valid example.  If there is +an error, returns the error, otherwise returns false.  Called by the insert +and replace methods. + +=cut + +# the check method should currently be supplied - FS::Record contains some +# data checking routines + +sub check { +  my $self = shift; + +  my $conf = new FS::Conf; +  my $error; +  if($conf->config('disable_cust_attachment') ) { +    $error = 'Attachments disabled (see configuration)'; +  } + +  $error =  +    $self->ut_numbern('attachnum') +    || $self->ut_number('custnum') +    || $self->ut_numbern('_date') +    || $self->ut_text('otaker') +    || $self->ut_text('filename') +    || $self->ut_text('mime_type') +    || $self->ut_numbern('disabled') +    || $self->ut_anything('body') +  ; +  if($conf->config('max_attachment_size')  +    and $self->size > $conf->config('max_attachment_size') ) { +    $error = 'Attachment too large' +  } +  return $error if $error; + +  $self->SUPER::check; +} + +=item size + +Returns the size of the attachment in bytes. + +=cut + +sub size { +  my $self = shift; +  return length($self->body); +} + +=back + +=head1 BUGS + +Doesn't work on non-Postgres systems. + +=head1 SEE ALSO + +L<FS::Record>, schema.html from the base documentation. + +=cut + +1; + diff --git a/httemplate/edit/cust_main_attach.cgi b/httemplate/edit/cust_main_attach.cgi new file mode 100755 index 000000000..7c9e407d9 --- /dev/null +++ b/httemplate/edit/cust_main_attach.cgi @@ -0,0 +1,58 @@ +<% include('/elements/header-popup.html', "$action File Attachment") %> + +<% include('/elements/error.html') %> + +<FORM ACTION="<% popurl(1) %>process/cust_main_attach.cgi" METHOD=POST ENCTYPE="multipart/form-data"> +<INPUT TYPE="hidden" NAME="custnum" VALUE="<% $custnum %>"> +<INPUT TYPE="hidden" NAME="attachnum" VALUE="<% $attachnum %>"> + +<BR><BR> + +% if(defined $attach) { +Filename <INPUT TYPE="text" NAME="filename" VALUE="<% $attach->filename %>"><BR> +MIME type <INPUT TYPE="text" NAME="mime_type" VALUE="<% $attach->mime_type %>"<BR> +Size: <% $attach->size %><BR> + +% } +% else { # !defined $attach + +Filename <INPUT TYPE="file" NAME="file"><BR> + +% } + +<BR> +<INPUT TYPE="submit" NAME="submit"  +    VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>"> + +% if(defined $attach) { +<BR> +<INPUT TYPE="submit" NAME="delete" value="Delete File"> +% } + +</FORM> +</BODY> +</HTML> + +<%init> + +my $attachnum = ''; +my $attach; +if ( $cgi->param('error') ) { +  #$comment     = $cgi->param('comment'); +} elsif ( $cgi->param('attachnum') =~ /^(\d+)$/ ) { +  $attachnum = $1; +  die "illegal query ". $cgi->keywords unless $attachnum; +  $attach = qsearchs('cust_attachment', { 'attachnum' => $attachnum }); +  die "no such attachment: ". $attachnum unless $attach; +} + +$cgi->param('custnum') =~ /^(\d+)$/ or die "illegal custnum"; +my $custnum = $1; + +my $action = $attachnum ? 'Edit' : 'Add'; + +die "access denied" +  unless $FS::CurrentUser::CurrentUser->access_right("$action customer note"); + +</%init> + diff --git a/httemplate/edit/process/cust_main_attach.cgi b/httemplate/edit/process/cust_main_attach.cgi new file mode 100644 index 000000000..51eead076 --- /dev/null +++ b/httemplate/edit/process/cust_main_attach.cgi @@ -0,0 +1,88 @@ +%if ($error) { +%  $cgi->param('error', $error); +<% $cgi->redirect(popurl(2). 'cust_main_attach.cgi?'. $cgi->query_string ) %> +%} else { +% my $act = 'added'; +% $act = 'updated' if ($attachnum); +% $act = 'undeleted' if($attachnum and $undelete); +% $act = 'deleted' if($attachnum and $delete); +<% header('Attachment ' . $act ) %> +    <SCRIPT TYPE="text/javascript"> +      window.top.location.reload(); +    </SCRIPT> +    </BODY></HTML> +% } +<%init> + +my $error; +$cgi->param('custnum') =~ /^(\d+)$/ +  or die "Illegal custnum: ". $cgi->param('custnum'); +my $custnum = $1; + +$cgi->param('attachnum') =~ /^(\d*)$/ +  or die "Illegal attachnum: ". $cgi->param('attachnum'); +my $attachnum = $1; + +my $otaker = $FS::CurrentUser::CurrentUser->name; +$otaker = $FS::CurrentUser::CurrentUser->username +  if ($otaker eq "User, Legacy"); + +my $delete = $cgi->param('delete'); +my $undelete = $cgi->param('undelete'); + +my $new = new FS::cust_attachment ( { +  attachnum => $attachnum, +  custnum   => $custnum, +  _date     => time, +  otaker    => $otaker, +  disabled  => '', +}); +my $old; + +if($attachnum) { +  $old = qsearchs('cust_attachment', { attachnum => $attachnum }); +  if(!$old) { +    $error = "Attachnum '$attachnum' not found"; +  } +  else { +    map { $new->$_($old->$_) }  +      ('_date', 'otaker', 'body', 'disabled'); +    $new->filename($cgi->param('filename') || $old->filename); +    $new->mime_type($cgi->param('mime_type') || $old->mime_type); +    if($delete and not $old->disabled) { +      $new->disabled(time); +    } +    if($undelete and $old->disabled) { +      $new->disabled(''); +    } +  } +} +else { # This is a new attachment, so require a file. + +  my $filename = $cgi->param('file'); +  if($filename) { +    $new->filename($filename); +    $new->mime_type($cgi->uploadInfo($filename)->{'Content-Type'}); +     +    local $/; +    my $fh = $cgi->upload('file'); +    $new->body(<$fh>); +  } +  else { +    $error = 'No file uploaded'; +  } +} +my $user = $FS::CurrentUser::CurrentUser; + +$error = 'access denied' unless $user->access_right(($old ? 'Edit' : 'Add') . ' attachment'); + +if(!$error) { +  if($old) { +    $error = $new->replace($old); +  } +  else { +    $error = $new->insert; +  } +} + +</%init> diff --git a/httemplate/view/attachment.html b/httemplate/view/attachment.html new file mode 100644 index 000000000..c85b1375f --- /dev/null +++ b/httemplate/view/attachment.html @@ -0,0 +1,16 @@ +<%init> +my ($query) = $cgi->keywords; +$query =~ /^(\d+)$/; +my $attachnum = $1 or die 'Invalid attachment number'; +$FS::CurrentUser::CurrentUser->access_right('Download attachment') or die 'access denied'; + +my $attach = qsearchs('cust_attachment', { attachnum => $attachnum }) or die 'Attachment not found: $attachnum'; + +$m->clear_buffer; +$r->content_type($attach->mime_type || 'text/plain'); +$r->headers_out->add('Content-Disposition' => 'attachment;filename=' . $attach->filename); + +binmode STDOUT; +print STDOUT $attach->body; + +</%init> diff --git a/httemplate/view/cust_main.cgi b/httemplate/view/cust_main.cgi index 78bcb1fc1..da1a56a96 100755 --- a/httemplate/view/cust_main.cgi +++ b/httemplate/view/cust_main.cgi @@ -113,7 +113,6 @@ Comments  % if ( ! $conf->exists('cust_main-disable_notes') || $notecount) {  %   unless ( $view eq 'notes' && $cust_main->comments !~ /[^\s\n\r]/ ) { -      <BR>        <A NAME="cust_main_note"><FONT SIZE="+2">Notes</FONT></A><BR>  %   } @@ -138,6 +137,22 @@ Comments  <% include('cust_main/notes.html', 'custnum' => $cust_main->custnum ) %>  % } +<BR> + +% if(! $conf->config('disable_cust_attachment')  +%  and $curuser->access_right('Add attachment')) { +<% include( '/elements/popup_link-cust_main.html', +              'label'       => 'Attach file', +              'action'      => $p.'edit/cust_main_attach.cgi', +              'actionlabel' => 'Upload file', +              'cust_main'   => $cust_main, +              'width'       => 616, +              'height'      => 408, +          ) +%> +% } +<% include('cust_main/attachments.html', 'custnum' => $cust_main->custnum ) %> +<BR>  % } @@ -181,10 +196,6 @@ Comments  % } -% if ( $view eq 'change_history' ) { #  || $view eq 'jumbo' -  <% include('cust_main/change_history.html', $cust_main ) %> -% } -  <% include('/elements/footer.html') %>  <%init> @@ -218,12 +229,11 @@ tie my %views, 'Tie::IxHash',         'Notes'            => 'notes', #notes and files?  ;  $views{'Tickets'}         =  'tickets' -  if $conf->config('ticket_system'); +                               if $conf->config('ticket_system');  $views{'Packages'}        =  'packages';  $views{'Payment History'} =  'payment_history' -  unless $conf->config('payby-default' eq 'HIDE'); -$views{'Change History'}  =  'change_history' -  if $curuser->access_right('View customer history'); +                               unless $conf->config('payby-default' eq 'HIDE'); +#$views{'Change History'}  =  '';  $views{'Jumbo'}           =  'jumbo';  my %viewname = reverse %views; diff --git a/httemplate/view/cust_main/attachments.html b/httemplate/view/cust_main/attachments.html new file mode 100755 index 000000000..e25814ff5 --- /dev/null +++ b/httemplate/view/cust_main/attachments.html @@ -0,0 +1,133 @@ +% if ( scalar(@attachments) ) { + +  <% include('/elements/init_overlib.html') %> + +  <% include("/elements/table-grid.html") %> + +  <TR> +    <TH CLASS="grid" BGCOLOR="#cccccc">Date</TH> +%   if ( $conf->exists('cust_main_note-display_times') ) { +      <TH CLASS="grid" BGCOLOR="#cccccc">Time</TH> +%   } +    <TH CLASS="grid" BGCOLOR="#cccccc">Person</TH> +    <TH CLASS="grid" BGCOLOR="#cccccc">Filename</TH> +    <TH CLASS="grid" BGCOLOR="#cccccc">Type</TH> +    <TH CLASS="grid" BGCOLOR="#cccccc">Size</TH> +    <TH CLASS="grid" BGCOLOR="#cccccc"></TH> +  </TR> + +% my $bgcolor1 = '#eeeeee'; +% my $bgcolor2 = '#ffffff'; +% my $bgcolor = ''; +% +% foreach my $attach ((grep { $_->disabled } @attachments), +%                     (grep { ! $_->disabled } @attachments)) { +% +%   if ( $bgcolor eq $bgcolor1 ) { +%     $bgcolor = $bgcolor2; +%   } else { +%     $bgcolor = $bgcolor1; +%   } +% +%   my $pop = popurl(3); +%   my $attachnum = $attach->attachnum; +%   my $edit = ''; +%   my $download = ''; +%   if($attach->disabled) { +%     my $onclick = include('/elements/popup_link_onclick.html', +%                            'action'   => popurl(2). +%                                         'edit/process/cust_main_attach.cgi'. +%                                         "?custnum=$custnum;". +%                                         "attachnum=$attachnum;". +%                                         "undelete=1", +%                            'actionlabel' => 'Undelete attachment', +%                            'width'       => 616, +%                            'height'      => 408, +%                            'frame'       => 'top', +%                         ); +%     my $clickjs = qq!onclick="$onclick"!; +%     if($curuser->access_right('Edit attachment')) { +%       $edit = qq! <A HREF="javascript:void(0);" $clickjs>(undelete)</A>!; +%     } +%   } +%   else { +%     my $onclick = include( '/elements/popup_link_onclick.html', +%                              'action'      => popurl(2). +%                                               'edit/cust_main_attach.cgi'. +%                                               "?custnum=$custnum". +%                                               ";attachnum=$attachnum", +%                              'actionlabel' => 'Edit customer note', +%                              'width'       => 616, +%                              'height'      => 408, +%                              'frame'       => 'top', +%                          ); +%     my $clickjs = qq!onclick="$onclick"!; +% +%     if ($curuser->access_right('Edit attachment') ) { +%       $edit = qq! <A HREF="javascript:void(0);" $clickjs>(edit)</A>!; +%     } +%     if ($curuser->access_right('Download attachment') ) { +%       $download = qq! <A HREF="!.popurl(1).'attachment.html?'.$attachnum.qq!">(download)</A>!; +%     } +%   } + +    <TR> +      <% note_datestr($attach,$conf,$bgcolor) %> +      <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> +         <% $attach->otaker%> +      </TD> +      <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> +        <% $attach->filename %> +      </TD> +      <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> +        <% $attach->mime_type %> +      </TD> +      <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> +        <% size_units( $attach->size ) %> +      </TD> +      <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> +         <% $edit %> +         <% $download %> +      </TD> +      <% $attach->disabled ? '</I>' : '' %> +    </TR> + +% } #end display notes + +</TABLE> + +% } +<%init> + +my $conf = new FS::Conf; +my $curuser = $FS::CurrentUser::CurrentUser; + +my(%opt) = @_; + +my $custnum = $opt{'custnum'}; + +my $cust_main = qsearchs('cust_main', {'custnum' => $custnum} ); +die "Customer not found!" unless $cust_main; + +my (@attachments) = qsearch('cust_attachment', {'custnum' => $custnum}); + +#subroutines + +sub note_datestr { +  my($note, $conf, $bgcolor) = @_ or return ''; +  my $td = qq{<TD CLASS="grid" BGCOLOR="$bgcolor" ALIGN="right">}; +  my $format = "$td%b %o, %Y</TD>"; +  $format .= "$td%l:%M%P</TD>" +    if $conf->exists('cust_main_note-display_times'); +  ( my $strip = time2str($format, $note->_date) ) =~ s/ (\d)/$1/g; +  $strip; +} + +sub size_units { +  my $bytes = shift; +  return $bytes if $bytes < 1024; +  return int($bytes / 1024)."K" if $bytes < 1048576; +  return int($bytes / 1048576)."M"; +} + +</%init> | 
