add separate "Edit customer tax exemptions" access right, RT#21416

[freeside.git] / httemplate / edit / process / cust_main.cgi

diff --git a/httemplate/edit/process/cust_main.cgi b/httemplate/edit/process/cust_main.cgi
index 622dd87..584462c 100755 (executable)
--- a/httemplate/edit/process/cust_main.cgi
+++ b/httemplate/edit/process/cust_main.cgi
@@ -16,8 +16,8 @@ my $DEBUG = 0;
 </%once>
 <%init>
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Edit customer');
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Edit customer');
 
 my $conf = new FS::Conf;
 
@@ -110,35 +110,7 @@ if ( $cgi->param('no_credit_limit') ) {
 
 $new->tagnum( [ $cgi->param('tagnum') ] );
 
-if ( my $id_country = $conf->config('national_id-country') ) {
-  if ( $id_country eq 'MY' ) {
-
-    if ( $cgi->param('national_id1') =~ /\S/ ) {
-      my $nric = $cgi->param('national_id1');
-      $nric =~ s/\s//g;
-      if ( $nric =~ /^(\d{6})\-?(\d{2})\-?(\d{4})$/ ) {
-        $new->national_id( "$1-$2-$3" );
-      } else {
-        $error ||= "Illegal NRIC: ". $cgi->param('national_id1');
-      }
-    } elsif ( $cgi->param('national_id2') =~ /\S/ ) {
-      my $oldic = $cgi->param('national_id2');
-      $oldic =~ s/\s//g;
-      if ( $oldic =~ /^\w\d{9}$/ ) {
-        $new->national_id($oldic);
-      } else {
-        $error ||= "Illegal Old IC/Passport: ". $cgi->param('national_id2');
-      }
-    } else {
-      $error ||= 'Either NRIC or Old IC/Passport is required';
-    }
-    
-  } else {
-    warn "unknown national_id-country $id_country";
-  }
-} elsif ( $cgi->param('national_id0') ) {
-  $new->national_id( $cgi->param('national_id0') );
-}
+$error ||= $new->set_national_id_from_cgi( $cgi );
 
 my %usedatetime = ( 'birthdate'        => 1,
                     'spouse_birthdate' => 1,
@@ -184,9 +156,14 @@ foreach my $dfield (qw(
 $new->setfield('paid', $cgi->param('paid') )
   if $cgi->param('paid');
 
-my @exempt_groups = grep /\S/, $conf->config('tax-cust_exempt-groups');
-my @tax_exempt = grep { $cgi->param("tax_$_") eq 'Y' } @exempt_groups;
-my %tax_exempt = map { $_ => scalar($cgi->param("tax_$_".'_num')) } @tax_exempt;
+my %options = ();
+if ( $curuser->access_right('Edit customer tax exemptions') ) { 
+  my @exempt_groups = grep /\S/, $conf->config('tax-cust_exempt-groups');
+  my @tax_exempt = grep { $cgi->param("tax_$_") eq 'Y' } @exempt_groups;
+  $options{'tax_exemption'} = {
+    map { $_ => scalar($cgi->param("tax_$_".'_num')) } @tax_exempt
+  };
+}
 
 #perhaps this stuff should go to cust_main.pm
 if ( $new->custnum eq '' or $duplicate_of ) {
@@ -294,8 +271,8 @@ if ( $new->custnum eq '' or $duplicate_of ) {
   else {
     # create the customer
     $error ||= $new->insert( \%hash, \@invoicing_list,
-                           'tax_exemption'=> \%tax_exempt,
-                           'prospectnum'  => scalar($cgi->param('prospectnum')),
+                             %options,
+                             prospectnum => scalar($cgi->param('prospectnum')),
                            );
 
     my $conf = new FS::Conf;
@@ -356,7 +333,7 @@ if ( $new->custnum eq '' or $duplicate_of ) {
   warn Dumper({ new => $new, old => $old }) if $DEBUG;
 
   $error ||= $new->replace( $old, \@invoicing_list,
-                            'tax_exemption' => \%tax_exempt,
+                            %options,
                           );
 
   warn "$me returned from replace" if $DEBUG;