@@ -139,24 +162,18 @@ my $payby = $cgi->param('payby');
my $payinfo = $cgi->param('payinfo');
my $reason = $cgi->param('reason');
my $link = $cgi->param('popup') ? 'popup' : '';
-
-my @rights = ();
-push @rights, 'Post refund' if $payby =~ /^(BILL|CASH)$/;
-push @rights, 'Post check refund' if $payby eq 'BILL';
-push @rights, 'Post cash refund ' if $payby eq 'CASH';
-push @rights, 'Refund payment' if $payby =~ /^(CARD|CHEK)$/;
-push @rights, 'Refund credit card payment' if $payby eq 'CARD';
-push @rights, 'Refund Echeck payment' if $payby eq 'CHEK';
+my $batch = $cgi->param('batch');
die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+ unless $FS::CurrentUser::CurrentUser->refund_access_right($payby);
-my( $paynum, $cust_pay ) = ( '', '' );
+my( $paynum, $cust_pay, $batchnum ) = ( '', '', '' );
if ( $cgi->param('paynum') =~ /^(\d+)$/ ) {
$paynum = $1;
$cust_pay = qsearchs('cust_pay', { paynum=>$paynum } )
or die "unknown payment # $paynum";
$refund ||= $cust_pay->unrefunded;
+ $batchnum = $cust_pay->batchnum;
if ( $custnum ) {
die "payment # $paynum is not for specified customer # $custnum"
unless $custnum == $cust_pay->custnum;
@@ -166,6 +183,12 @@ if ( $cgi->param('paynum') =~ /^(\d+)$/ ) {
}
die "no custnum or paynum specified!" unless $custnum;
+my $cust_main = qsearchs( 'cust_main', { 'custnum'=>$custnum } );
+die "unknown custnum $custnum" unless $cust_main;
+
+my $real_payby = $cust_main->payby;
+my $real_paymask = $cust_main->paymask;
+
my $_date = time;
my $p1 = popurl(1);