1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
<% $server->process %>
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
die "access denied"
unless $curuser->access_right('Process batches')
|| $curuser->access_right('Process global batches');
# look up paybatch using agentnums_sql & status constraints
# to validate access for this particular cust_pay_batch,
# similar to how it's done in cust_pay_batch.cgi
my %arg = $cgi->param('arg');
my $paybatchnum = $arg{'paybatchnum'};
$paybatchnum =~ /^\d+$/ or die "Illegal paybatchnum";
my @search = ();
push @search, 'cust_pay_batch.paybatchnum = ' . $paybatchnum;
push @search, '(cust_pay_batch.status = \'\' OR cust_pay_batch.status IS NULL)';
push @search, 'pay_batch.status = \'O\'';
push @search, $curuser->agentnums_sql({ table => 'cust_main' });
push @search, $curuser->agentnums_sql({ table => 'pay_batch',
null_right => 'Process global batches',
});
my $search = ' WHERE ' . join(' AND ', @search);
die "permission denied" unless qsearchs({
'table' => 'cust_pay_batch',
'hashref' => {},
'addl_from' => 'LEFT JOIN pay_batch USING ( batchnum ) '.
'LEFT JOIN cust_main USING ( custnum ) '.
'LEFT JOIN cust_pay USING ( batchnum, custnum ) ',
'extra_sql' => $search
});
my $server = new FS::UI::Web::JSRPC 'FS::cust_pay_batch::process_unbatch_and_delete', $cgi;
</%init>
|
