X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fcust_refund.cgi;h=599c8b8e23a72286919e0394a0d681b694da38f0;hb=3ece1c396f23e04cd659f1085f6eeee8bdfd846f;hp=5749e53462335ce579e62594cd4877f2d9886d0e;hpb=624b2d44625f69d71175c3348cae635d580c890b;p=freeside.git

diff --git a/httemplate/edit/process/cust_refund.cgi b/httemplate/edit/process/cust_refund.cgi
index 5749e5346..599c8b8e2 100755
--- a/httemplate/edit/process/cust_refund.cgi
+++ b/httemplate/edit/process/cust_refund.cgi
@@ -28,8 +28,26 @@ my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
 
 my $link    = $cgi->param('popup') ? 'popup' : '';
 
-my $error = '';
-if ( $cgi->param('payby') =~ /^(CARD|CHEK)$/ ) { 
+my $payby = $cgi->param('payby');
+
+my @rights = ();
+push @rights, 'Post refund'                if $payby =~ /^(BILL|CASH|MCRD)$/;
+push @rights, 'Post check refund'          if $payby eq 'BILL';
+push @rights, 'Post cash refund '          if $payby eq 'CASH';
+push @rights, 'Refund payment'             if $payby =~ /^(CARD|CHEK)$/;
+push @rights, 'Refund credit card payment' if $payby eq 'CARD';
+push @rights, 'Refund Echeck payment'      if $payby eq 'CHEK';
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right(\@rights);
+
+$cgi->param('reasonnum') =~ /^(-?\d+)$/ or die "Illegal reasonnum";
+my ($reasonnum, $error) = $m->comp('/misc/process/elements/reason');
+$cgi->param('reasonnum', $reasonnum) unless $error;
+
+if ( $error ) {
+  # do nothing
+} elsif ( $payby =~ /^(CARD|CHEK)$/ ) { 
   my %options = ();
   my $bop = $FS::payby::payby2bop{$1};
   $cgi->param('refund') =~ /^(\d*)(\.\d{2})?$/