RT# 32234 Change unmask_ss from global conf to group access right

author Mitch Jackson <mitch@freeside.biz>

Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)

committer Mitch Jackson <mitch@freeside.biz>

Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)
author Mitch Jackson <mitch@freeside.biz>
Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)
committer Mitch Jackson <mitch@freeside.biz>
Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm

index bac6a76..bd544c9 100644 (file)
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -2169,7 +2169,7 @@ and customer address. Include units.',
  
    {
      'key'         => 'unmask_ss',
-    'section'     => 'e-checks',
+    'section'     => 'deprecated',
      'description' => "Don't mask social security numbers in the web interface.",
      'type'        => 'checkbox',
    },
diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm

index aebfc29..c15f7dd 100644 (file)
--- a/FS/FS/Upgrade.pm
+++ b/FS/FS/Upgrade.pm
@@ -192,6 +192,19 @@ If you need to continue using the old Form 477 report, turn on the
        $lh->maketext($_) if length($_);
      }
    }
+
+  unless ( FS::upgrade_journal->is_done('deprecate_unmask_ss') ) {
+    if ( $conf->config_bool( 'unmask_ss' )) {
+      warn "'unmask_ssn' deprecated from global configuration\n";
+      for my $access_group ( qsearch( access_group => {} )) {
+        $access_group->grant_access_right( 'Unmask customer SSN' );
+        warn " - 'Unmask customer SSN' access right granted to '" .
+             $access_group->groupname . "' employee group\n";
+      }
+    }
+    FS::upgrade_journal->set_done('deprecate_unmask_ss');
+  }
+
  }
  
  sub upgrade_overlimit_groups {
diff --git a/FS/FS/access_group.pm b/FS/FS/access_group.pm

index a2b9774..4f6c85b 100644 (file)
--- a/FS/FS/access_group.pm
+++ b/FS/FS/access_group.pm
@@ -2,6 +2,7 @@ package FS::access_group;
  use base qw( FS::m2m_Common FS::m2name_Common FS::Record );
  
  use strict;
+use Carp qw( croak );
  use FS::Record qw( qsearch qsearchs );
  use FS::access_right;
  
@@ -137,6 +138,54 @@ sub access_right {
            );
  }
  
+=item grant_access_right RIGHTNAME
+
+Grant the specified specified FS::access_right record to this group.
+Return the FS::access_right record.
+
+=cut
+
+sub grant_access_right {
+  my ( $self, $rightname ) = @_;
+
+  croak "grant_access_right() requires \$rightname"
+    unless $rightname;
+
+  my $access_right = $self->access_right( $rightname );
+  return $access_right if $access_right;
+
+  $access_right = FS::access_right->new({
+    righttype   => 'FS::access_group',
+    rightobjnum => $self->groupnum,
+    rightname   => $rightname,
+  });
+  if ( my $error = $access_right->insert ) {
+    die "grant_access_right() error: $error";
+  }
+
+  $access_right;
+}
+
+=item revoke_access_right RIGHTNAME
+
+Revoke the specified FS::access_right record from this group.
+
+=cut
+
+sub revoke_access_right {
+  my ( $self, $rightname ) = @_;
+
+  croak "revoke_access_right() requires \$rightname"
+    unless $rightname;
+
+  my $access_right = $self->access_right( $rightname )
+    or return;
+
+  if ( my $error = $access_right->delete ) {
+    die "revoke_access_right() error: $error";
+  }
+}
+
  =back
  
  =head1 BUGS
@@ -148,4 +197,3 @@ L<FS::Record>, schema.html from the base documentation.
  =cut
  
  1;
-
author	Mitch Jackson <mitch@freeside.biz>
	Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)
committer	Mitch Jackson <mitch@freeside.biz>
	Wed, 18 Jul 2018 03:14:07 +0000 (22:14 -0500)
FS/FS/Conf.pm		patch \| blob \| history
FS/FS/Upgrade.pm		patch \| blob \| history
FS/FS/access_group.pm		patch \| blob \| history