X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fcust_refund.cgi;h=1ef69fdae5e525b6a12eea69982e92c929100616;hb=431c9ca4fab151862bd24322bf8a1f9252fb38fc;hp=59417b4c4806f3cef7c153808072b5dc1f2dbbb3;hpb=624b2d44625f69d71175c3348cae635d580c890b;p=freeside.git

diff --git a/httemplate/edit/cust_refund.cgi b/httemplate/edit/cust_refund.cgi
index 59417b4c4..1ef69fdae 100755
--- a/httemplate/edit/cust_refund.cgi
+++ b/httemplate/edit/cust_refund.cgi
@@ -98,7 +98,7 @@
 
   <TR>
     <TD ALIGN="right">Amount</TD>
-    <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="refund" VALUE="<% $refund %>" SIZE=8 MAXLENGTH=8> by <B><% FS::payby->payname($payby) %></B></TD>
+    <TD BGCOLOR="#ffffff">$<INPUT TYPE="text" NAME="refund" VALUE="<% $refund %>" SIZE=8 MAXLENGTH=9> by <B><% FS::payby->payname($payby) %></B></TD>
   </TR>
 
 % if ( $payby eq 'BILL' ) { 
@@ -130,9 +130,6 @@
 
 <%init>
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Refund payment');
-
 my $conf = new FS::Conf;
 my $date_format = $conf->config('date_format') || '%m/%d/%Y';
 
@@ -143,6 +140,17 @@ my $payinfo = $cgi->param('payinfo');
 my $reason  = $cgi->param('reason');
 my $link    = $cgi->param('popup') ? 'popup' : '';
 
+my @rights = ();
+push @rights, 'Post refund'                if $payby =~ /^(BILL|CASH|MCRD)$/;
+push @rights, 'Post check refund'          if $payby eq 'BILL';
+push @rights, 'Post cash refund '          if $payby eq 'CASH';
+push @rights, 'Refund payment'             if $payby =~ /^(CARD|CHEK)$/;
+push @rights, 'Refund credit card payment' if $payby eq 'CARD';
+push @rights, 'Refund Echeck payment'      if $payby eq 'CHEK';
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
 my( $paynum, $cust_pay ) = ( '', '' );
 if ( $cgi->param('paynum') =~ /^(\d+)$/ ) {
   $paynum = $1;