From 97e6cec67c0c99ce1b6f0667a09f1e009100189d Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Sun, 13 Jan 2008 21:14:32 +0000
Subject: ACLs

---
 httemplate/misc/unprovision.cgi | 47 ++++++++++++++++++-----------------------
 1 file changed, 21 insertions(+), 26 deletions(-)

(limited to 'httemplate/misc/unprovision.cgi')

diff --git a/httemplate/misc/unprovision.cgi b/httemplate/misc/unprovision.cgi
index b5e510695..4ab15fdc0 100755
--- a/httemplate/misc/unprovision.cgi
+++ b/httemplate/misc/unprovision.cgi
@@ -1,31 +1,26 @@
-%
-%
-%my $dbh = dbh;
-% 
-%#untaint svcnum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%
-%#my $svc_acct = qsearchs('svc_acct',{'svcnum'=>$svcnum});
-%#die "Unknown svcnum!" unless $svc_acct;
-%
-%my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-%die "Unknown svcnum!" unless $cust_svc;
-%
-%my $custnum = $cust_svc->cust_pkg->custnum;
-%
-%my $error = $cust_svc->cancel;
-%
 %if ( $error ) {
-%  
-
-<!-- mason kludge -->
-%
 %  errorpage($error);
 %} else {
-%  print $cgi->redirect(popurl(2)."view/cust_main.cgi?$custnum");
+<% $cgi->redirect(popurl(2)."view/cust_main.cgi?$custnum") %>
 %}
-%
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Unprovision customer service');
+
+#untaint svcnum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+
+#my $svc_acct = qsearchs('svc_acct',{'svcnum'=>$svcnum});
+#die "Unknown svcnum!" unless $svc_acct;
+
+my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
+die "Unknown svcnum!" unless $cust_svc;
+
+my $custnum = $cust_svc->cust_pkg->custnum;
+
+my $error = $cust_svc->cancel;
 
+</%init>
-- 
cgit v1.2.1