X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2FClientAPI%2FMyAccount.pm;h=d3b58e3a7672b231f26d1bc0623578e99bf68552;hb=297ddd01fb112cf45a6dab819ec56803c953bda5;hp=748ae0c7515de0649b2e9a36ae2de66147a4048b;hpb=c9450c02f7ac2f904a6ffabb07b6b2d5bca1fd4a;p=freeside.git diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm index 748ae0c75..d3b58e3a7 100644 --- a/FS/FS/ClientAPI/MyAccount.pm +++ b/FS/FS/ClientAPI/MyAccount.pm @@ -96,6 +96,7 @@ sub skin_info { } elsif ( defined($p->{'agentnum'}) and $p->{'agentnum'} =~ /^(\d+)$/ ) { $agentnum = $1; } + $p->{'agentnum'} = $agentnum; my $conf = new FS::Conf; @@ -203,7 +204,7 @@ sub login { && (my $contact = FS::contact->by_selfservice_email($p->{email})) ) { - return { error => 'Incorrect password.' } + return { error => 'Incorrect contact password.' } unless $contact->authenticate_password($p->{'password'}); $session->{'custnum'} = $contact->custnum; @@ -849,6 +850,9 @@ sub payment_info { 'card_types' => card_types(), + 'withcvv' => $conf->exists('selfservice-require_cvv'), #or enable optional cvv? + 'require_cvv' => $conf->exists('selfservice-require_cvv'), + 'paytypes' => [ @FS::cust_main::paytypes ], 'paybys' => [ $conf->config('signup_server-payby') ], @@ -1025,6 +1029,8 @@ sub validate_payment { or return { 'error' => "CVV2 (CVC2/CID) is three digits." }; $paycvv = $1; } + } elsif ( $conf->exists('selfservice-require_cvv') ) { #and you weren't using a card on file? + return { 'error' => 'CVV2 is required' }; } } else { @@ -2853,6 +2859,16 @@ sub myaccount_passwd { $svc_acct->set_password($p->{'new_password'}); $error ||= $svc_acct->replace(); + #regular pw change in self-service should change contact pw too, otherwise its + #way too confusing. hell its confusing they're separate at all, but alas. + #need to support the "ISP provides email that's used as a contact email" case + #as well as we can. + my $contact = FS::contact->by_selfservice_email($svc_acct->email); + if ( $contact && $contact->custnum == $custnum ) { + #svc_acct was successful but this one returns an error? "shouldn't happen" + $error ||= $contact->change_password($p->{'new_password'}); + } + my($label, $value) = $svc_acct->cust_svc->label; return { 'error' => $error, @@ -2862,7 +2878,6 @@ sub myaccount_passwd { } -#regular pw change in self-service should change contact pw too, otherwise its way too confusing. hell its confusing they're separate at all, but alas. need to support the "ISP provides email that's used as a contact email" case as well as we can. # sub contact_passwd { # my $p = shift; # my($context, $session, $custnum) = _custoragent_session_custnum($p); @@ -2913,9 +2928,11 @@ sub myaccount_passwd { sub reset_passwd { my $p = shift; + my $info = skin_info($p); + my $conf = new FS::Conf; my $verification = $conf->config('selfservice-password_reset_verification') - or return { 'error' => 'Password resets disabled' }; + or return { %$info, 'error' => 'Password resets disabled' }; my $contact = ''; my $svc_acct = ''; @@ -2946,21 +2963,21 @@ sub reset_passwd { } - return { 'error' => 'Email address not found' } + return { %$info, 'error' => 'Email address not found' } unless $contact || $svc_acct; } elsif ( $p->{'username'} ) { #old style, looks in svc_acct only my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } ) - or return { 'error' => 'Account not found' }; + or return { %$info, 'error' => 'Account not found' }; $svc_acct = qsearchs('svc_acct', { 'username' => $p->{'username'}, 'domsvc' => $svc_domain->svcnum } ) - or return { 'error' => 'Account not found' }; + or return { %$info, 'error' => 'Account not found' }; my $cust_pkg = $svc_acct->cust_svc->cust_pkg - or return { 'error' => 'Account not found' }; + or return { %$info, 'error' => 'Account not found' }; $cust_main = $cust_pkg->cust_main; @@ -2994,7 +3011,7 @@ sub reset_passwd { foreach my $verify ( split(',', $verification) ) { &{ $verify{$verify} }( $p, $cust_main ) - or return { 'error' => 'Account not found' }; + or return { %$info, 'error' => 'Account not found' }; } @@ -3007,7 +3024,7 @@ sub reset_passwd { ); if ( $error ) { - return { 'error' => $error }; #???? + return { %$info, 'error' => $error }; #???? } } elsif ( $svc_acct ) { @@ -3015,7 +3032,8 @@ sub reset_passwd { #create a unique session my $reset_session = { - 'svcnum' => $svc_acct->svcnum, + 'svcnum' => $svc_acct->svcnum, + 'agentnum' => }; my $timeout = '1 hour'; #? @@ -3033,7 +3051,7 @@ sub reset_passwd { my $msgnum = $conf->config('selfservice-password_reset_msgnum', $cust_main->agentnum); #die "selfservice-password_reset_msgnum unset" unless $msgnum; - return { 'error' => "selfservice-password_reset_msgnum unset" } + return { %$info, 'error' => "selfservice-password_reset_msgnum unset" } unless $msgnum; my $msg_template = qsearchs('msg_template', { msgnum => $msgnum } ); my $error = $msg_template->send( 'cust_main' => $cust_main, @@ -3043,12 +3061,12 @@ sub reset_passwd { } ); if ( $error ) { - return { 'error' => $error }; #???? + return { %$info, 'error' => $error }; #???? } } - return { 'error' => '' }; + return { %$info, 'error' => '' }; } sub check_reset_passwd { @@ -3068,7 +3086,11 @@ sub check_reset_passwd { my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $svcnum } ) or return { 'error' => "Service not found" }; - return { 'error' => '', + $p->{'agentnum'} = $svc_acct->cust_svc->cust_pkg->cust_main->agentnum; + my $info = skin_info($p); + + return { %$info, + 'error' => '', 'session_id' => $p->{'session_id'}, 'username' => $svc_acct->username, }; @@ -3083,7 +3105,11 @@ sub check_reset_passwd { my @contact_email = $contact->contact_email; return { 'error' => 'No contact email' } unless @contact_email; - return { 'error' => '', + $p->{'agentnum'} = $contact->cust_main->agentnum; + my $info = skin_info($p); + + return { %$info, + 'error' => '', 'session_id' => $p->{'session_id'}, 'email' => $contact_email[0]->email, #the first? }; @@ -3103,26 +3129,49 @@ sub process_reset_passwd { my $verification = $conf->config('selfservice-password_reset_verification') or return { 'error' => 'Password resets disabled' }; - return { 'error' => "New passwords don't match." } - if $p->{'new_password'} ne $p->{'new_password2'}; - - return { 'error' => 'Enter new password' } - unless length($p->{'new_password'}); - my $reset_session = _cache->get('reset_passwd_'. $p->{'session_id'}) or return { 'error' => "Can't resume session" }; #better error message + my $info = ''; + + my $svc_acct = ''; if ( $reset_session->{'svcnum'} ) { my $svcnum = $reset_session->{'svcnum'}; - my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $svcnum } ) + $svc_acct = qsearchs('svc_acct', { 'svcnum' => $svcnum } ) or return { 'error' => "Service not found" }; + $p->{'agentnum'} ||= $svc_acct->cust_svc->cust_pkg->cust_main->agentnum; + $info ||= skin_info($p); + + } + + my $contact = ''; + if ( $reset_session->{'contactnum'} ) { + + my $contactnum = $reset_session->{'contactnum'}; + + $contact = qsearchs('contact', { 'contactnum' => $contactnum } ) + or return { 'error' => "Contact not found" }; + + $p->{'agentnum'} ||= $contact->cust_main->agentnum; + $info ||= skin_info($p); + + } + + return { %$info, 'error' => "New passwords don't match." } + if $p->{'new_password'} ne $p->{'new_password2'}; + + return { %$info, 'error' => 'Enter new password' } + unless length($p->{'new_password'}); + + if ( $svc_acct ) { + $svc_acct->set_password($p->{'new_password'}); my $error = $svc_acct->replace(); - return { 'error' => $error } if $error; + return { %$info, 'error' => $error } if $error; #my($label, $value) = $svc_acct->cust_svc->label; #return { 'error' => $error, @@ -3132,23 +3181,18 @@ sub process_reset_passwd { } - if ( $reset_session->{'contactnum'} ) { - - my $contactnum = $reset_session->{'contactnum'}; - - my $contact = qsearchs('contact', { 'contactnum' => $contactnum } ) - or return { 'error' => "Contact not found" }; + if ( $contact ) { my $error = $contact->change_password($p->{'new_password'}); - return { 'error' => $error }; # if $error; + return { %$info, 'error' => $error }; # if $error; } #password changed ,so remove session, don't want it reused _cache->remove($p->{'session_id'}); - return { 'error' => '' }; + return { %$info, 'error' => '' }; }