<TR>
<TD ALIGN="right">Amount</TD>
- <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="refund" VALUE="<% $refund %>" SIZE=8 MAXLENGTH=8> by <B><% FS::payby->payname($payby) %></B></TD>
+ <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="refund" VALUE="<% $refund %>" SIZE=8 MAXLENGTH=9> by <B><% FS::payby->payname($payby) %></B></TD>
</TR>
% if ( $payby eq 'BILL' ) {
<%init>
-die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right('Refund payment');
-
my $conf = new FS::Conf;
my $date_format = $conf->config('date_format') || '%m/%d/%Y';
my $reason = $cgi->param('reason');
my $link = $cgi->param('popup') ? 'popup' : '';
+my @rights = ();
+push @rights, 'Post refund' if $payby =~ /^(BILL|CASH)$/;
+push @rights, 'Post check refund' if $payby eq 'BILL';
+push @rights, 'Post cash refund ' if $payby eq 'CASH';
+push @rights, 'Refund payment' if $payby =~ /^(CARD|CHEK)$/;
+push @rights, 'Refund credit card payment' if $payby eq 'CARD';
+push @rights, 'Refund Echeck payment' if $payby eq 'CHEK';
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
my( $paynum, $cust_pay ) = ( '', '' );
if ( $cgi->param('paynum') =~ /^(\d+)$/ ) {
$paynum = $1;