-#false laziness w/FS::ClientAPI::MyAccount::login (needs to handle encrypted pw)
- my $svc_acct =
- ( length($old_password) < 13
- && qsearchs( 'svc_acct', { 'username' => $packet->{'username'},
- 'domsvc' => $svc_domain->svcnum,
- '_password' => $old_password } )
- )
- || qsearchs( 'svc_acct', { 'username' => $packet->{'username'},
- 'domsvc' => $svc_domain->svcnum,
- '_password' => $old_password } );
-
- unless ( $svc_acct ) { return { error => 'Incorrect password.' } }
+ #false laziness w/FS::ClientAPI::MyAccount::login
+
+ my $svc_acct = qsearchs( 'svc_acct', { 'username' => $packet->{'username'},
+ 'domsvc' => $svc_domain->svcnum, }
+ );
+ return { error => 'User not found.' } unless $svc_acct;
+
+ my $cust_pkg = $svc_acct->cust_svc->cust_pkg;
+ return { error => "Can't change password for a suspended service" }
+ if $cust_pkg && $cust_pkg->status eq 'suspended';
+
+ return { error => 'Incorrect password.' }
+ unless $svc_acct->check_password($old_password);