diff options
Diffstat (limited to 'httemplate/edit')
| -rwxr-xr-x | httemplate/edit/cust_main_attach.cgi | 5 | ||||
| -rw-r--r-- | httemplate/edit/process/cust_main_attach.cgi | 23 |
2 files changed, 20 insertions, 8 deletions
diff --git a/httemplate/edit/cust_main_attach.cgi b/httemplate/edit/cust_main_attach.cgi index 7c9e407d9..dd460fa5e 100755 --- a/httemplate/edit/cust_main_attach.cgi +++ b/httemplate/edit/cust_main_attach.cgi @@ -24,7 +24,7 @@ Filename <INPUT TYPE="file" NAME="file"><BR> <INPUT TYPE="submit" NAME="submit" VALUE="<% $attachnum ? "Apply Changes" : "Upload File" %>"> -% if(defined $attach) { +% if(defined $attach and $curuser->access_right('Delete attachment')) { <BR> <INPUT TYPE="submit" NAME="delete" value="Delete File"> % } @@ -35,6 +35,7 @@ Filename <INPUT TYPE="file" NAME="file"><BR> <%init> +my $curuser = $FS::CurrentUser::CurrentUser; my $attachnum = ''; my $attach; if ( $cgi->param('error') ) { @@ -52,7 +53,7 @@ my $custnum = $1; my $action = $attachnum ? 'Edit' : 'Add'; die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right("$action customer note"); + unless $curuser->access_right("$action customer note"); </%init> diff --git a/httemplate/edit/process/cust_main_attach.cgi b/httemplate/edit/process/cust_main_attach.cgi index 51eead076..98f4d0912 100644 --- a/httemplate/edit/process/cust_main_attach.cgi +++ b/httemplate/edit/process/cust_main_attach.cgi @@ -4,6 +4,7 @@ %} else { % my $act = 'added'; % $act = 'updated' if ($attachnum); +% $act = 'purged' if($attachnum and $purge); % $act = 'undeleted' if($attachnum and $undelete); % $act = 'deleted' if($attachnum and $delete); <% header('Attachment ' . $act ) %> @@ -23,12 +24,13 @@ $cgi->param('attachnum') =~ /^(\d*)$/ or die "Illegal attachnum: ". $cgi->param('attachnum'); my $attachnum = $1; -my $otaker = $FS::CurrentUser::CurrentUser->name; -$otaker = $FS::CurrentUser::CurrentUser->username - if ($otaker eq "User, Legacy"); +my $curuser = $FS::CurrentUser::CurrentUser; +my $otaker = $curuser->name; +$otaker = $curuser->username if ($otaker eq "User, Legacy"); my $delete = $cgi->param('delete'); my $undelete = $cgi->param('undelete'); +my $purge = $cgi->param('purge'); my $new = new FS::cust_attachment ( { attachnum => $attachnum, @@ -44,6 +46,8 @@ if($attachnum) { if(!$old) { $error = "Attachnum '$attachnum' not found"; } + elsif($purge) { # do nothing + } else { map { $new->$_($old->$_) } ('_date', 'otaker', 'body', 'disabled'); @@ -72,12 +76,19 @@ else { # This is a new attachment, so require a file. $error = 'No file uploaded'; } } -my $user = $FS::CurrentUser::CurrentUser; +my $action = 'Add'; +$action = 'Edit' if $attachnum; +$action = 'Delete' if $attachnum and $delete; +$action = 'Undelete' if $attachnum and $undelete; +$action = 'Purge' if $attachnum and $purge; -$error = 'access denied' unless $user->access_right(($old ? 'Edit' : 'Add') . ' attachment'); +$error = 'access denied' unless $curuser->access_right($action . ' attachment'); if(!$error) { - if($old) { + if($old and $old->disabled and $purge) { + $error = $old->delete; + } + elsif($old) { $error = $new->replace($old); } else { |