1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
package FS::AccessRight;
use strict;
use vars qw(@rights); # %rights);
use Tie::IxHash;
=head1 NAME
FS::AccessRight - Access control rights.
=head1 SYNOPSIS
use FS::AccessRight;
=head1 DESCRIPTION
Access control rights - Permission to perform specific actions that can be
assigned to users and/or groups.
=cut
#@rights = (
# 'Reports' => [
# '_desc' => 'Access to high-level reporting',
# ],
# 'Configuration' => [
# '_desc' => 'Access to configuration',
#
# 'Settings' => {},
#
# 'agent' => [
# '_desc' => 'Master access to reseller configuration',
# 'agent_type' => {},
# 'agent' => {},
# ],
#
# 'export_svc_pkg' => [
# '_desc' => 'Access to export, service and package configuration',
# 'part_export' => {},
# 'part_svc' => {},
# 'part_pkg' => {},
# 'pkg_class' => {},
# ],
#
# 'billing' => [
# '_desc' => 'Access to billing configuration',
# 'payment_gateway' => {},
# 'part_bill_event' => {},
# 'prepay_credit' => {},
# 'rate' => {},
# 'cust_main_county' => {},
# ],
#
# 'dialup' => [
# '_desc' => 'Access to dialup configuraiton',
# 'svc_acct_pop' => {},
# ],
#
# 'broadband' => [
# '_desc' => 'Access to broadband configuration',
# 'router' => {},
# 'addr_block' => {},
# ],
#
# 'misc' => [
# 'part_referral' => {},
# 'part_virtual_field' => {},
# 'msgcat' => {},
# 'inventory_class' => {},
# ],
#
# },
#
#);
#
##turn it into a more hash-like structure, but ordered via IxHash
#well, this is what we have for now. could be ordered better, could be lots of
# things better, but this ACL system does 99% of what folks need and the UI
# isn't *that* bad
@rights = (
'New customer',
'View customer',
#'View Customer | View tickets',
'Edit customer',
'Cancel customer',
'Complimentary customer', #aka users-allow_comp
'Delete customer', #aka. deletecustomers #Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customers' packages if they cancel service.
'Order customer package',
'One-time charge',
'Change customer package',
'Bulk change customer packages',
'Edit customer package dates',
'Customize customer package',
'Suspend customer package',
'Unsuspend customer package',
'Cancel customer package immediately',
'Cancel customer package later',
'Provision customer service',
'Unprovision customer service',
'View/link unlinked services', #not agent-virtualizable without more work
'View invoices',
'Post payment',
'Post payment batch',
'Unapply payment', #aka. unapplypayments Enable "unapplication" of unclosed payments.
'Process payment',
'Refund payment',
'Delete payment', #aka. deletepayments - Enable deletion of unclosed payments. Be very careful! Only delete payments that were data-entry errors, not adjustments. Optionally specify one or more comma-separated email addresses to be notified when a payment is deleted.
'Post credit',
#'Apply credit',
'Unapply credit', #aka unapplycredits Enable "unapplication" of unclosed credits.
'Delete credit', #aka. deletecredits Enable deletion of unclosed credits. Be very careful! Only delete credits that were data-entry errors, not adjustments. Optionally specify one or more comma-separated email addresses to be notified when a credit is deleted.
'Credit card void', #aka. cc-void #Enable local-only voiding of echeck payments in addition to refunds against the payment gateway
'Echeck void', #aka. echeck-void #Enable local-only voiding of echeck payments in addition to refunds against the payment gateway
'Regular void',
'Unvoid', #aka. unvoid #Enable unvoiding of voided payments
'List customers',
#'List zip codes',
'List invoices',
'List packages',
'List services',
'List rating data',
'Financial reports',
'Job queue', # these are not currently agent-virtualized
'Import', #
'Export', #
'Edit advertising sources',
'Edit global advertising sources',
'Configuration', #most of the rest of the configuraiton is not
# agent-virtualized
);
sub rights {
@rights;
}
|
