In contrast to the self-service API, which authenticates an end-user and offers
functionality to that end user, the backend API performs a simple shared-secret
authentication and offers full, administrator functionality, enabling
-integration with other back-office systems.
+integration with other back-office systems. Only access this API from a secure
+network from other backoffice machines. DON'T use this API to create customer
+portal functionality.
If accessing this API remotely with XML-RPC or JSON-RPC, be careful to block
the port by default, only allow access from back-office servers with the same
Adds a new payment to a customers account. Takes a list of keys and values as
paramters with the following keys:
-=over 5
+=over 4
=item secret
#enter cash payment
sub insert_payment {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
#less "raw" than this? we are the backoffice API, and aren't worried
# about version migration ala cust_main/cust_location here
# pass the phone number ( from svc_phone )
sub insert_payment_phonenum {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
-
$class->_by_phonenum('insert_payment', %opt);
-
}
sub _by_phonenum {
my($class, $method, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
my $phonenum = delete $opt{'phonenum'};
$opt{'custnum'} = $cust_pkg->custnum;
$class->$method(%opt);
-
}
=item insert_credit OPTION => VALUE, ...
#Enter credit
sub insert_credit {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
- $opt{'reasonnum'} ||= $conf->config('api_credit_reason');
+ $opt{'reasonnum'} ||= FS::Conf->new->config('api_credit_reason');
#less "raw" than this? we are the backoffice API, and aren't worried
# about version migration ala cust_main/cust_location here
# pass the phone number ( from svc_phone )
sub insert_credit_phonenum {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
-
$class->_by_phonenum('insert_credit', %opt);
+}
+
+=item apply_payments_and_credits
+
+Applies payments and credits for this customer. Takes a list of keys and
+values as parameter with the following keys:
+
+=over 4
+
+=item secret
+
+API secret
+
+=item custnum
+
+Customer number
+
+=back
+
+=cut
+
+#apply payments and credits
+sub apply_payments_and_credits {
+ my($class, %opt) = @_;
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
+ my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} })
+ or return { 'error' => 'Unknown custnum' };
+
+ my $error = $cust_main->apply_payments_and_credits( 'manual'=>1 );
+ return { 'error' => $error, };
}
=item insert_refund OPTION => VALUE, ...
#Enter cash refund.
sub insert_refund {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
# when github pull request #24 is merged,
# will have to change over to default reasonnum like credit
# pass the phone number ( from svc_phone )
sub insert_refund_phonenum {
my($class, %opt) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
-
$class->_by_phonenum('insert_refund', %opt);
-
}
#---
sub new_customer {
my( $class, %opt ) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
#default agentnum like signup_server-default_agentnum?
#same for refnum like signup_server-default_refnum
my $cust_main = new FS::cust_main ( {
- 'agentnum' => $agentnum,
'refnum' => $opt{refnum}
- || $conf->config('signup_server-default_refnum'),
+ || FS::Conf->new->config('signup_server-default_refnum'),
'payby' => 'BILL',
'tagnum' => [ FS::part_tag->default_tags ],
=cut
sub update_customer {
-
my( $class, %opt ) = @_;
-
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
-
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
my $custnum = $opt{'custnum'}
or return { 'error' => "no customer record" };
sub customer_info {
my( $class, %opt ) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} })
or return { 'error' => 'Unknown custnum' };
sub location_info {
my( $class, %opt ) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
my @cust_location = qsearch('cust_location', { 'custnum' => $opt{custnum} });
sub bill_now {
my( $class, %opt ) = @_;
- my $conf = new FS::Conf;
- return { 'error' => 'Incorrect shared secret' }
- unless $opt{secret} eq $conf->config('api_shared_secret');
+ return _shared_secret_error() unless _check_shared_secret($opt{secret});
my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} })
or return { 'error' => 'Unknown custnum' };
}
-#Advertising sources?
+#next.. Advertising sources?
+
+##
+# helper subroutines
+##
+
+sub _check_shared_secret {
+ shift eq FS::Conf->new->config('api_shared_secret');
+}
+
+sub _shared_secret_error {
+ return { 'error' => 'Incorrect shared secret' };
+}
1;