+ my( $self ) = shift;
+ my %opt = ref($_[0]) ? %{$_[0]} : @_;
+
+ my $agentnum = $opt{'table'} ? $opt{'table'}.'.agentnum' : 'agentnum';
+
+# my @agentnums = map { "$agentnum = $_" } $self->agentnums;
+ my @agentnums = ();
+ push @agentnums, "$agentnum IN (". join(',', $self->agentnums). ')';
+
+ push @agentnums, "$agentnum IS NULL"
+ if $opt{'null'}
+ || ( $opt{'null_right'} && $self->access_right($opt{'null_right'}) );
+
+ return ' 1 = 0 ' unless scalar(@agentnums);
+ '( '. join( ' OR ', @agentnums ). ' )';
+
+}
+
+=item agentnum
+
+Returns true if the user can view the specified agent.
+
+=cut
+
+sub agentnum {
+ my( $self, $agentnum ) = @_;
+ my $sth = dbh->prepare(
+ "SELECT COUNT(*) FROM access_usergroup
+ JOIN access_groupagent USING ( groupnum )
+ WHERE usernum = ? AND agentnum = ?"
+ ) or die dbh->errstr;
+ $sth->execute($self->usernum, $agentnum) or die $sth->errstr;
+ $sth->fetchrow_arrayref->[0];
+}
+
+=item agents
+
+Returns the list of agents this user can view (via group membership), as
+FS::agent objects.
+
+=cut
+
+sub agents {
+ my $self = shift;
+ qsearch({
+ 'table' => 'agent',
+ 'hashref' => { disabled=>'' },
+ 'extra_sql' => ' AND '. $self->agentnums_sql,
+ });
+}
+
+=item access_right RIGHTNAME | LISTREF
+
+Given a right name or a list reference of right names, returns true if this
+user has this right, or, for a list, one of the rights (currently via group
+membership, eventually also via user overrides).
+
+=cut
+
+sub access_right {
+ my( $self, $rightname ) = @_;
+
+ $rightname = [ $rightname ] unless ref($rightname);
+
+ warn "$me access_right called on ". join(', ', @$rightname). "\n"
+ if $DEBUG;
+
+ #some caching of ACL requests for low-hanging fruit perf improvement
+ #since we get a new $CurrentUser object each page view there shouldn't be any
+ #issues with stickiness
+ if ( $self->{_ACLcache} ) {
+
+ unless ( grep !exists($self->{_ACLcache}{$_}), @$rightname ) {
+ warn "$me ACL cache hit for ". join(', ', @$rightname). "\n"
+ if $DEBUG;
+ return grep $self->{_ACLcache}{$_}, @$rightname
+ }
+
+ warn "$me ACL cache miss for ". join(', ', @$rightname). "\n"
+ if $DEBUG;
+
+ } else {
+
+ warn "initializing ACL cache\n"
+ if $DEBUG;
+ $self->{_ACLcache} = {};
+
+ }
+
+ my $has_right = ' rightname IN ('. join(',', map '?', @$rightname ). ') ';
+
+ my $sth = dbh->prepare("
+ SELECT groupnum FROM access_usergroup
+ LEFT JOIN access_group USING ( groupnum )
+ LEFT JOIN access_right
+ ON ( access_group.groupnum = access_right.rightobjnum )
+ WHERE usernum = ?
+ AND righttype = 'FS::access_group'
+ AND $has_right
+ LIMIT 1
+ ") or die dbh->errstr;
+ $sth->execute($self->usernum, @$rightname) or die $sth->errstr;
+ my $row = $sth->fetchrow_arrayref;
+
+ my $return = $row ? $row->[0] : '';
+
+ #just caching the single-rightname hits should be enough of a win for now
+ if ( scalar(@$rightname) == 1 ) {
+ $self->{_ACLcache}{${$rightname}[0]} = $return;
+ }
+
+ $return;
+
+}
+
+=item default_customer_view
+
+Returns the default customer view for this user, from the
+"default_customer_view" user preference, the "cust_main-default_view" config,
+or the hardcoded default, "jumbo" (may change to "basics" in the near future).
+
+=cut
+
+sub default_customer_view {