when using pkg-balances, limit self-service access when a customer with multiple...

[freeside.git] / fs_selfservice / FS-SelfService / cgi / selfservice.cgi
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi

index 36557b6..a5a7d18 100644 (file)
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -9,15 +9,15 @@ use Text::Template;
  use HTML::Entities;
  use Date::Format;
  use Number::Format 1.50;
  use HTML::Entities;
  use Date::Format;
  use Number::Format 1.50;
-use FS::SelfService qw( login customer_info edit_info invoice
-                        payment_info process_payment 
-                        process_prepay
-                        list_pkgs order_pkg signup_info order_recharge
-                        part_svc_info provision_acct provision_external
-                        unprovision_svc change_pkg domainselector
-                        list_svcs list_svc_usage list_support_usage
-                        myaccount_passwd
-                      );
+use FS::SelfService qw(
+  access_info login_info login customer_info edit_info invoice
+  payment_info process_payment realtime_collect process_prepay
+  list_pkgs order_pkg signup_info order_recharge
+  part_svc_info provision_acct provision_external
+  unprovision_svc change_pkg domainselector
+  list_svcs list_svc_usage list_cdr_usage list_support_usage
+  myaccount_passwd
+);
  
  $template_dir = '.';
  
  
  $template_dir = '.';
  
@@ -28,7 +28,9 @@ $form_max = 255;
  $cgi = new CGI;
  
  unless ( defined $cgi->param('session') ) {
  $cgi = new CGI;
  
  unless ( defined $cgi->param('session') ) {
-  do_template('login',{});
+  my $login_info = login_info();
+
+  do_template('login', $login_info );
    exit;
  }
  
    exit;
  }
  
@@ -52,10 +54,12 @@ if ( $cgi->param('session') eq 'login' ) {
      'password' => $password,
    );
    if ( $rv->{error} ) {
      'password' => $password,
    );
    if ( $rv->{error} ) {
+    my $login_info = login_info();
      do_template('login', {
        'error'    => $rv->{error},
        'username' => $username,
        'domain'   => $domain,
      do_template('login', {
        'error'    => $rv->{error},
        'username' => $username,
        'domain'   => $domain,
+      %$login_info,
      } );
      exit;
    } else {
      } );
      exit;
    } else {
@@ -68,7 +72,7 @@ $session_id = $cgi->param('session');
  
  #order|pw_list XXX ???
  $cgi->param('action') =~
  
  #order|pw_list XXX ???
  $cgi->param('action') =~
-    /^(myaccount|view_invoice|make_payment|make_ach_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_support_details|change_password|process_change_password)$/
+    /^(myaccount|view_invoice|make_payment|make_ach_payment|make_thirdparty_payment|payment_results|ach_payment_results|recharge_prepay|recharge_results|logout|change_bill|change_ship|change_pay|process_change_bill|process_change_ship|process_change_pay|customer_order_pkg|process_order_pkg|customer_change_pkg|process_change_pkg|process_order_recharge|provision|provision_svc|process_svc_acct|process_svc_external|delete_svc|view_usage|view_usage_details|view_cdr_details|view_support_details|change_password|process_change_password)$/
    or die "unknown action ". $cgi->param('action');
  my $action = $1;
  
    or die "unknown action ". $cgi->param('action');
  my $action = $1;
  
@@ -81,7 +85,8 @@ die $@ if $@;
  if ( $result->{error} eq "Can't resume session"
    || $result->{error} eq "Expired session" ) { #ick
  
  if ( $result->{error} eq "Can't resume session"
    || $result->{error} eq "Expired session" ) { #ick
  
-  do_template('login',{});
+  my $login_info = login_info();
+  do_template('login', $login_info);
    exit;
  }
  
    exit;
  }
  
@@ -93,6 +98,7 @@ warn "processing template $action\n"
  do_template($action, {
    'session_id' => $session_id,
    'action'     => $action, #so the menu knows what tab we're on...
  do_template($action, {
    'session_id' => $session_id,
    'action'     => $action, #so the menu knows what tab we're on...
+  #%{ payment_info( 'session_id' => $session_id ) },  # cust_paybys for the menu
    %{$result}
  });
  
    %{$result}
  });
  
@@ -140,7 +146,7 @@ sub _process_change_info {
  sub process_change_bill {
          _process_change_info( 'change_bill', 
            qw( first last company address1 address2 city state
  sub process_change_bill {
          _process_change_info( 'change_bill', 
            qw( first last company address1 address2 city state
-              county state zip country daytime night fax )
+              county zip country daytime night fax )
          );
  }
  
          );
  }
  
@@ -157,11 +163,22 @@ sub process_change_ship {
  }
  
  sub process_change_pay {
  }
  
  sub process_change_pay {
-        _process_change_info( 'change_pay', 
+        my $postal = $cgi->param( 'postal_invoicing' );
+        my @list =
            qw( payby payinfo payinfo1 payinfo2 month year payname
                address1 address2 city county state zip country auto paytype
            qw( payby payinfo payinfo1 payinfo2 month year payname
                address1 address2 city county state zip country auto paytype
-              paystate ss stateid stateid_state )
-        );
+              paystate ss stateid stateid_state invoicing_list
+            );
+        push @list, 'postal_invoicing' if $postal;
+        unless ( $postal || $cgi->param( 'invoicing_list' ) ) {
+          $action = 'change_pay';
+          return {
+            %{&change_pay()},
+            $cgi->Vars,
+            'error' => '<FONT COLOR="#FF0000">Postal or email required.</FONT>',
+          };
+        }
+        _process_change_info( 'change_pay', @list );
  }
  
  sub view_invoice {
  }
  
  sub view_invoice {
@@ -348,12 +365,15 @@ sub payment_results {
    $cgi->param('city') =~ /^(.{0,80})$/ or die "illegal city";
    my $city = $1;
  
    $cgi->param('city') =~ /^(.{0,80})$/ or die "illegal city";
    my $city = $1;
  
-  $cgi->param('state') =~ /^(.{2})$/ or die "illegal state";
+  $cgi->param('state') =~ /^(.{0,80})$/ or die "illegal state";
    my $state = $1;
  
    $cgi->param('zip') =~ /^(.{0,10})$/ or die "illegal zip";
    my $zip = $1;
  
    my $state = $1;
  
    $cgi->param('zip') =~ /^(.{0,10})$/ or die "illegal zip";
    my $zip = $1;
  
+  $cgi->param('country') =~ /^(.{0,2})$/ or die "illegal country";
+  my $country = $1;
+
    my $save = 0;
    $save = 1 if $cgi->param('save');
  
    my $save = 0;
    $save = 1 if $cgi->param('save');
  
@@ -377,6 +397,7 @@ sub payment_results {
      'city'       => $city,
      'state'      => $state,
      'zip'        => $zip,
      'city'       => $city,
      'state'      => $state,
      'zip'        => $zip,
+    'country'    => $country,
      'save'       => $save,
      'auto'       => $auto,
      'paybatch'   => $paybatch,
      'save'       => $save,
      'auto'       => $auto,
      'paybatch'   => $paybatch,
@@ -456,6 +477,12 @@ sub ach_payment_results {
  
  }
  
  
  }
  
+sub make_thirdparty_payment {
+  $cgi->param('payby_method') =~ /^(CC|ECHECK)$/
+    or die "illegal payby method";
+  realtime_collect( 'session_id' => $session_id, 'method' => $1 );
+}
+
  sub recharge_prepay {
    customer_info( 'session_id' => $session_id );
  }
  sub recharge_prepay {
    customer_info( 'session_id' => $session_id );
  }
@@ -541,7 +568,7 @@ sub delete_svc {
  sub view_usage {
    list_svcs(
      'session_id'  => $session_id,
  sub view_usage {
    list_svcs(
      'session_id'  => $session_id,
-    'svcdb'       => 'svc_acct',
+    'svcdb'       => [ 'svc_acct', 'svc_phone' ],
      'ncancelled'  => 1,
    );
  }
      'ncancelled'  => 1,
    );
  }
@@ -555,6 +582,15 @@ sub view_usage_details {
    );
  }
  
    );
  }
  
+sub view_cdr_details {
+  list_cdr_usage(
+    'session_id'  => $session_id,
+    'svcnum'      => $cgi->param('svcnum'),
+    'beginning'   => $cgi->param('beginning') || '',
+    'ending'      => $cgi->param('ending') || '',
+  );
+}
+
  sub view_support_details {
    list_support_usage(
      'session_id'  => $session_id,
  sub view_support_details {
    list_support_usage(
      'session_id'  => $session_id,
@@ -609,12 +645,21 @@ sub do_template {
    $fill_in->{'selfurl'} = $cgi->self_url;
    $fill_in->{'cgi'} = \$cgi;
  
    $fill_in->{'selfurl'} = $cgi->self_url;
    $fill_in->{'cgi'} = \$cgi;
  
-  my $template = new Text::Template( TYPE    => 'FILE',
-                                     SOURCE  => "$template_dir/$name.html",
+  my $access_info = $session_id
+                      ? access_info( 'session_id' => $session_id )
+                      : {};
+  $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info;
+
+  my $source = "$template_dir/$name.html";
+  #warn "creating template for $source\n";
+  my $template = new Text::Template( TYPE       => 'FILE',
+                                     SOURCE     => $source,
                                       DELIMITERS => [ '<%=', '%>' ],
                                       DELIMITERS => [ '<%=', '%>' ],
-                                     UNTAINT => 1,                    )
+                                     UNTAINT    => 1,
+                                   )
      or die $Text::Template::ERROR;
  
      or die $Text::Template::ERROR;
  
+  #warn "filling in $template with $fill_in\n";
    print $cgi->header( '-expires' => 'now' ),
          $template->fill_in( PACKAGE => 'FS::SelfService::_selfservicecgi',
                              HASH    => $fill_in
    print $cgi->header( '-expires' => 'now' ),
          $template->fill_in( PACKAGE => 'FS::SelfService::_selfservicecgi',
                              HASH    => $fill_in
@@ -627,7 +672,7 @@ package FS::SelfService::_selfservicecgi;
  
  #use FS::SelfService qw(regionselector expselect popselector);
  use HTML::Entities;
  
  #use FS::SelfService qw(regionselector expselect popselector);
  use HTML::Entities;
-use FS::SelfService qw(regionselector popselector domainselector);
+use FS::SelfService qw(regionselector popselector domainselector location_form);
  
  #false laziness w/agent.cgi
  sub include {
  
  #false laziness w/agent.cgi
  sub include {