<%doc>
-Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is
-only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise
-create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet
-inserted), and 'fieldid' (for html post-processing, passed along in results
-for convenience.)
-
-Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is
-valid), 'error' (error text if password is invalid) or 'syserror' (error text
-if password could not be validated.) Only one of these keys will be set.
-Will also set 'fieldid' if it was passed.
+Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only
+acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an
+empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in
+results for convenience.)
+
+Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid),
+'error' (error text if password is invalid) or 'syserror' (error text if password
+could not be validated.) Only one of these keys will be set. Will also set
+'fieldid' if it was passed.
</%doc>
<% encode_json($result) %>
$result{'syserror'} = 'Invoked without password' unless $password;
return \%result if $result{'syserror'};
- my $svcnum = $arg{'svcnum'};
- $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
- return \%result if $result{'syserror'};
+ if ($arg{'contactnum'} =~ /^\d+$/) {
+ my $contactnum = $arg{'contactnum'};
+ $result{'syserror'} = 'Invalid contactnum' unless $contactnum =~ /^\d*$/;
+ return \%result if $result{'syserror'};
- my $pkgnum = $arg{'pkgnum'};
- $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/;
- return \%result if $result{'syserror'};
+ my $contact = $contactnum
+ ? qsearchs('contact',{'contactnum' => $contactnum})
+ : (new FS::contact {});
- my $svc_acct = $svcnum
- ? qsearchs('svc_acct',{'svcnum' => $svcnum})
- : FS::svc_acct->new({ 'pkgnum' => $pkgnum });
- $result{'syserror'} = 'Could not find service' unless $svc_acct;
- return \%result if $result{'syserror'};
+ $result{'error'} = $contact->is_password_allowed($password);
+ }
+
+ if ($arg{'svcnum'}) {
+ my $svcnum = $arg{'svcnum'};
+ $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
+ return \%result if $result{'syserror'};
+
+ my $svc_acct = $svcnum
+ ? qsearchs('svc_acct',{'svcnum' => $svcnum})
+ : (new FS::svc_acct {});
+ $result{'syserror'} = 'Could not find service' unless $svc_acct;
+ return \%result if $result{'syserror'};
+
+ $result{'error'} = $svc_acct->is_password_allowed($password);
+ }
- $result{'error'} = $svc_acct->is_password_allowed($password);
+ # $result{'error'} = $svc_acct->is_password_allowed($password);
$result{'valid'} = 1 unless $result{'error'};
return \%result;
};