X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_pkg.cgi;h=c564c417e29f624339c268d20d39996d1d54ed2a;hb=d7759b49c2ff3b220ab328767645bfed85d18f31;hp=25b82675883a09aae1e8619c200e52af502ed9ce;hpb=8e2487662e3555c1efbb7b8ed90e4bda0f8b6cd2;p=freeside.git

diff --git a/httemplate/edit/process/cust_pkg.cgi b/httemplate/edit/process/cust_pkg.cgi
index 25b826758..c564c417e 100755
--- a/httemplate/edit/process/cust_pkg.cgi
+++ b/httemplate/edit/process/cust_pkg.cgi
@@ -1,22 +1,16 @@
 % if ($error) {
 %   $cgi->param('error', $error);
-%   $cgi->redirect(popurl(3). $error_redirect. '?'. $cgi->query_string );
-% } elsif ( $action eq 'change' ) {
-
-    <% header("Package changed") %>
-      <SCRIPT TYPE="text/javascript">
-        window.top.location.reload();
-      </SCRIPT>
-    </BODY>
-    </HTML>
-
-% } elsif ( $action eq 'bulk' ) {
-%   $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum");
+%   $cgi->redirect(popurl(3). 'edit/cust_pkg.cgi?'. $cgi->query_string );
 % } else {
-%   die "guru exception #5: action is neither change nor bulk!";
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum") %>
 % }
 <%init>
 
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+die "access denied"
+  unless $curuser->access_right('Bulk change customer packages');
+
 my $error = '';
 
 #untaint custnum
@@ -28,25 +22,18 @@ my @remove_pkgnums = map {
   $1;
 } $cgi->param('remove_pkg');
 
-my( $action, $error_redirect );
+my( $action, $error_redirect ) = ( '', '' );
 my @pkgparts = ();
-if ( $cgi->param('new_pkgpart') =~ /^(\d+)$/ ) { #came from misc/change_pkg.cgi
-  $action = 'change';
-  $error_redirect = "misc/change_pkg.cgi";
-  @pkgparts = ($1);
-} else { #came from edit/cust_pkg.cgi
-  $action = 'bulk';
-  $error_redirect = "edit/cust_pkg.cgi";
-  foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) {
-    if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) {
-      my $num_pkgs = $1;
-      while ( $num_pkgs-- ) {
-        push @pkgparts,$pkgpart;
-      }
-    } else {
-      $error = "Illegal quantity";
-      last;
+
+foreach my $pkgpart ( map /^pkg(\d+)$/ ? $1 : (), $cgi->param ) {
+  if ( $cgi->param("pkg$pkgpart") =~ /^(\d+)$/ ) {
+    my $num_pkgs = $1;
+    while ( $num_pkgs-- ) {
+      push @pkgparts,$pkgpart;
     }
+  } else {
+    $error = "Illegal quantity";
+    last;
   }
 }