self-service API: allow changing CVV with edit_info, RT#36795

[freeside.git] / FS / FS / ClientAPI / MyAccount.pm

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index cb6ac02..85a96c7 100644 (file)
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -260,16 +260,39 @@ sub login {
     my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } )
       or return { error => 'Domain '. $p->{'domain'}. ' not found' };
 
-    my $svc_acct = qsearchs( 'svc_acct', { 'username'  => $p->{'username'},
-                                           'domsvc'    => $svc_domain->svcnum, }
-                           );
-    return { error => 'User not found.' } unless $svc_acct;
+    my @svc_acct = qsearch( 'svc_acct', { 'username'  => $p->{'username'},
+                                          'domsvc'    => $svc_domain->svcnum, }
+                          );
+
+    if ( $conf->exists('selfservice_server-login_svcpart') ) {
+      my @svcpart = $conf->config('selfservice_server-login_svcpart');
+      @svc_acct = grep { my $svcpart = $_->cust_svc->svcpart;
+                         scalar( grep( $_ eq $svcpart, @svcpart ) );
+                       }
+                    @svc_acct;
+    }
+
+    if ( $conf->exists('selfservice_server-primary_only') ) {
+        @svc_acct =
+          grep {
+            my $cust_svc = $_->cust_svc;
+            $cust_svc->cust_pkg->part_pkg->svcpart([qw( svc_acct svc_phone )])
+              == $cust_svc->svcpart
+          }
+          @svc_acct;
+    }
+
+    return { error => 'User not found.' } unless @svc_acct;
+
+    return { error => 'Multiple users.' } if scalar(@svc_acct) > 1;
 
-    if($conf->exists('selfservice_server-login_svcpart')) {
-       my @svcpart = $conf->config('selfservice_server-login_svcpart');
-       my $svcpart = $svc_acct->cust_svc->svcpart;
-       return { error => 'Invalid user.' } 
-           unless grep($_ eq $svcpart, @svcpart);
+    my $svc_acct = $svc_acct[0];
+
+    if ( $conf->exists('selfservice_server-login_svcpart') ) {
+      my @svcpart = $conf->config('selfservice_server-login_svcpart');
+      my $svcpart = $svc_acct->cust_svc->svcpart;
+      return { error => 'Invalid user.' } 
+        unless grep($_ eq $svcpart, @svcpart);
     }
 
     return { error => 'Incorrect password.' }
@@ -799,16 +822,16 @@ sub edit_info {
 
     if ( $new->payinfo eq $cust_main->paymask ) {
       $new->payinfo($cust_main->payinfo);
+      $new->paycvv( $p->{'paycvv'} || $cust_main->paycvv );
     } else {
       $new->payinfo($p->{'payinfo'});
+      return { 'error' => 'CVV2 is required' }
+        if ! $p->{'paycvv'} && $conf->exists('selfservice-onfile_require_cvv');
+      $new->paycvv( $p->{'paycvv'} )
     }
 
     $new->set( 'payby' => $p->{'auto'} ? 'CARD' : 'DCRD' );
 
-    if ( $conf->exists('selfservice-onfile_require_cvv') ){
-      return { 'error' => 'CVV2 is required' } unless $p->{'paycvv'};
-    }
-
   } elsif ( $payby =~ /^(CHEK|DCHK)$/ ) {
 
     my $payinfo;