diff options
| -rw-r--r-- | FS/FS/AccessRight.pm | 4 | ||||
| -rwxr-xr-x | httemplate/edit/cust_main_attach.cgi | 5 | ||||
| -rw-r--r-- | httemplate/edit/process/cust_main_attach.cgi | 23 | ||||
| -rw-r--r-- | httemplate/view/attachment.html | 6 | ||||
| -rwxr-xr-x | httemplate/view/cust_main.cgi | 12 | ||||
| -rwxr-xr-x | httemplate/view/cust_main/attachments.html | 90 |
6 files changed, 92 insertions, 48 deletions
diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index d19212520..17d2d76fd 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -103,6 +103,10 @@ tie my %rights, 'Tie::IxHash', 'Download attachment', #NEW 'Add attachment', #NEW 'Edit attachment', #NEW + 'Delete attachment', #NEW + 'View deleted attachments', #NEW + 'Undelete attachment', #NEW + 'Purge attachment', #NEW 'Bill customer now', #NEW 'Bulk send customer notices', #NEW ], diff --git a/httemplate/edit/cust_main_attach.cgi b/httemplate/edit/cust_main_attach.cgi index 7c9e407d9..dd460fa5e 100755 --- a/httemplate/edit/cust_main_attach.cgi +++ b/httemplate/edit/cust_main_attach.cgi @@ -24,7 +24,7 @@ Filename <INPUT TYPE="file" NAME="file"><BR> <INPUT TYPE="submit" NAME="submit" VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>"> -% if(defined $attach) { +% if(defined $attach and $curuser->access_right('Delete attachment')) { <BR> <INPUT TYPE="submit" NAME="delete" value="Delete File"> % } @@ -35,6 +35,7 @@ Filename <INPUT TYPE="file" NAME="file"><BR> <%init> +my $curuser = $FS::CurrentUser::CurrentUser; my $attachnum = ''; my $attach; if ( $cgi->param('error') ) { @@ -52,7 +53,7 @@ my $custnum = $1; my $action = $attachnum ? 'Edit' : 'Add'; die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right("$action customer note"); + unless $curuser->access_right("$action customer note"); </%init> diff --git a/httemplate/edit/process/cust_main_attach.cgi b/httemplate/edit/process/cust_main_attach.cgi index 51eead076..98f4d0912 100644 --- a/httemplate/edit/process/cust_main_attach.cgi +++ b/httemplate/edit/process/cust_main_attach.cgi @@ -4,6 +4,7 @@ %} else { % my $act = 'added'; % $act = 'updated' if ($attachnum); +% $act = 'purged' if($attachnum and $purge); % $act = 'undeleted' if($attachnum and $undelete); % $act = 'deleted' if($attachnum and $delete); <% header('Attachment ' . $act ) %> @@ -23,12 +24,13 @@ $cgi->param('attachnum') =~ /^(\d*)$/ or die "Illegal attachnum: ". $cgi->param('attachnum'); my $attachnum = $1; -my $otaker = $FS::CurrentUser::CurrentUser->name; -$otaker = $FS::CurrentUser::CurrentUser->username - if ($otaker eq "User, Legacy"); +my $curuser = $FS::CurrentUser::CurrentUser; +my $otaker = $curuser->name; +$otaker = $curuser->username if ($otaker eq "User, Legacy"); my $delete = $cgi->param('delete'); my $undelete = $cgi->param('undelete'); +my $purge = $cgi->param('purge'); my $new = new FS::cust_attachment ( { attachnum => $attachnum, @@ -44,6 +46,8 @@ if($attachnum) { if(!$old) { $error = "Attachnum '$attachnum' not found"; } + elsif($purge) { # do nothing + } else { map { $new->$_($old->$_) } ('_date', 'otaker', 'body', 'disabled'); @@ -72,12 +76,19 @@ else { # This is a new attachment, so require a file. $error = 'No file uploaded'; } } -my $user = $FS::CurrentUser::CurrentUser; +my $action = 'Add'; +$action = 'Edit' if $attachnum; +$action = 'Delete' if $attachnum and $delete; +$action = 'Undelete' if $attachnum and $undelete; +$action = 'Purge' if $attachnum and $purge; -$error = 'access denied' unless $user->access_right(($old ? 'Edit' : 'Add') . ' attachment'); +$error = 'access denied' unless $curuser->access_right($action . ' attachment'); if(!$error) { - if($old) { + if($old and $old->disabled and $purge) { + $error = $old->delete; + } + elsif($old) { $error = $new->replace($old); } else { diff --git a/httemplate/view/attachment.html b/httemplate/view/attachment.html index c85b1375f..5fc053967 100644 --- a/httemplate/view/attachment.html +++ b/httemplate/view/attachment.html @@ -1,16 +1,16 @@ +<% $attach->body %> <%init> my ($query) = $cgi->keywords; $query =~ /^(\d+)$/; my $attachnum = $1 or die 'Invalid attachment number'; $FS::CurrentUser::CurrentUser->access_right('Download attachment') or die 'access denied'; -my $attach = qsearchs('cust_attachment', { attachnum => $attachnum }) or die 'Attachment not found: $attachnum'; +my $attach = qsearchs('cust_attachment', { attachnum => $attachnum }) or die "Attachment not found: $attachnum"; +die 'access denied' if $attach->disabled; $m->clear_buffer; $r->content_type($attach->mime_type || 'text/plain'); $r->headers_out->add('Content-Disposition' => 'attachment;filename=' . $attach->filename); -binmode STDOUT; -print STDOUT $attach->body; </%init> diff --git a/httemplate/view/cust_main.cgi b/httemplate/view/cust_main.cgi index da1a56a96..bbdfe5166 100755 --- a/httemplate/view/cust_main.cgi +++ b/httemplate/view/cust_main.cgi @@ -108,7 +108,7 @@ Comments </TABLE></TABLE> <BR><BR> % } - +<A NAME="notes"> % my $notecount = scalar($cust_main->notes()); % if ( ! $conf->exists('cust_main-disable_notes') || $notecount) { @@ -152,6 +152,16 @@ Comments %> % } <% include('cust_main/attachments.html', 'custnum' => $cust_main->custnum ) %> +% if($cgi->param('show_deleted')) { +<A HREF="<% $p.'view/cust_main.cgi?custnum=' . $cust_main->custnum . + ($view ? ";show=$view" : '') . '#notes' + %>"><I>(Show active attachments)</I></A> +% } +% elsif($curuser->access_right('View deleted attachments')) { +<A HREF="<% $p.'view/cust_main.cgi?custnum=' . $cust_main->custnum . + ($view ? ";show=$view" : '') . ';show_deleted=1#notes' + %>"><I>(Show deleted attachments)</I></A> +% } <BR> % } diff --git a/httemplate/view/cust_main/attachments.html b/httemplate/view/cust_main/attachments.html index e25814ff5..53635fd62 100755 --- a/httemplate/view/cust_main/attachments.html +++ b/httemplate/view/cust_main/attachments.html @@ -19,9 +19,19 @@ % my $bgcolor1 = '#eeeeee'; % my $bgcolor2 = '#ffffff'; % my $bgcolor = ''; +% if($cgi->param('show_deleted')) { +% if ($curuser->access_right('View deleted attachments')) { +% @attachments = grep { $_->disabled } @attachments; +% } +% else { +% @attachments = (); +% } +% } +% else { +% @attachments = grep { not $_->disabled } @attachments; +% } % -% foreach my $attach ((grep { $_->disabled } @attachments), -% (grep { ! $_->disabled } @attachments)) { +% foreach my $attach (@attachments) { % % if ( $bgcolor eq $bgcolor1 ) { % $bgcolor = $bgcolor2; @@ -32,42 +42,38 @@ % my $pop = popurl(3); % my $attachnum = $attach->attachnum; % my $edit = ''; -% my $download = ''; -% if($attach->disabled) { -% my $onclick = include('/elements/popup_link_onclick.html', -% 'action' => popurl(2). -% 'edit/process/cust_main_attach.cgi'. -% "?custnum=$custnum;". -% "attachnum=$attachnum;". -% "undelete=1", -% 'actionlabel' => 'Undelete attachment', -% 'width' => 616, -% 'height' => 408, -% 'frame' => 'top', -% ); -% my $clickjs = qq!onclick="$onclick"!; -% if($curuser->access_right('Edit attachment')) { -% $edit = qq! <A HREF="javascript:void(0);" $clickjs>(undelete)</A>!; +% if($attach->disabled) { # then you can undelete it or purge it. +% if ($curuser->access_right('Undelete attachment')) { +% my $clickjs = popup('edit/process/cust_main_attach.cgi?'. +% "custnum=$custnum;attachnum=$attachnum;". +% "undelete=1", +% 'Undelete attachment'); +% $edit .= qq! <A HREF="javascript:void(0);" $clickjs>(undelete)</A>!; +% } +% if ($curuser->access_right('Purge attachment')) { +% my $clickjs = popup('edit/process/cust_main_attach.cgi?'. +% "custnum=$custnum;attachnum=$attachnum;". +% "purge=1", +% 'Purge attachment'); +% $edit .= qq! <A HREF="javascript:void(0);" $clickjs>(purge)</A>!; % } % } -% else { -% my $onclick = include( '/elements/popup_link_onclick.html', -% 'action' => popurl(2). -% 'edit/cust_main_attach.cgi'. -% "?custnum=$custnum". -% ";attachnum=$attachnum", -% 'actionlabel' => 'Edit customer note', -% 'width' => 616, -% 'height' => 408, -% 'frame' => 'top', -% ); -% my $clickjs = qq!onclick="$onclick"!; -% +% else { # you can download or edit it % if ($curuser->access_right('Edit attachment') ) { -% $edit = qq! <A HREF="javascript:void(0);" $clickjs>(edit)</A>!; +% my $clickjs = popup('edit/cust_main_attach.cgi?'. +% "custnum=$custnum;attachnum=$attachnum", +% 'Edit attachment properties'); +% $edit .= qq! <A HREF="javascript:void(0);" $clickjs>(edit)</A>!; +% } +% if($curuser->access_right('Delete attachment') ) { +% my $clickjs = popup('edit/process/cust_main_attach.cgi?'. +% "custnum=$custnum;attachnum=$attachnum;". +% "delete=1", +% 'Delete attachment'); +% $edit .= qq! <A HREF="javascript:void(0);" $clickjs>(delete)</A>!; % } % if ($curuser->access_right('Download attachment') ) { -% $download = qq! <A HREF="!.popurl(1).'attachment.html?'.$attachnum.qq!">(download)</A>!; +% $edit .= qq! <A HREF="!.popurl(1).'attachment.html?'.$attachnum.qq!">(download)</A>!; % } % } @@ -86,10 +92,8 @@ <% size_units( $attach->size ) %> </TD> <TD CLASS="grid" BGCOLOR="<% $bgcolor %>"> - <% $edit %> - <% $download %> + <% $edit %> </TD> - <% $attach->disabled ? '</I>' : '' %> </TR> % } #end display notes @@ -130,4 +134,18 @@ sub size_units { return int($bytes / 1048576)."M"; } +sub popup { + my ($url, $label) = @_; + my $onclick = + include('/elements/popup_link_onclick.html', + 'action' => popurl(2).$url, + 'actionlabel' => $label, + 'width' => 616, + 'height' => 408, + 'frame' => 'top', + ); + return qq!onclick="$onclick"!; +} + + </%init> |