1 package FS::ClientAPI::MyAccount;
6 use Digest::MD5 qw(md5_hex);
8 use Business::CreditCard;
9 use FS::CGI qw(small_custview); #doh
11 use FS::Record qw(qsearch qsearchs);
12 use FS::Msgcat qw(gettext);
13 use FS::ClientAPI_SessionCache;
20 use FS::cust_main_county;
23 use vars qw( @cust_main_editable_fields );
24 @cust_main_editable_fields = qw(
25 first last company address1 address2 city
26 county state zip country daytime night fax
27 ship_first ship_last ship_company ship_address1 ship_address2 ship_city
28 ship_state ship_zip ship_country ship_daytime ship_night ship_fax
32 use subs qw(_provision);
35 $cache ||= new FS::ClientAPI_SessionCache( {
36 'namespace' => 'FS::ClientAPI::MyAccount',
40 #false laziness w/FS::ClientAPI::passwd::passwd
44 my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } )
45 or return { error => 'Domain '. $p->{'domain'}. ' not found' };
47 my $svc_acct = qsearchs( 'svc_acct', { 'username' => $p->{'username'},
48 'domsvc' => $svc_domain->svcnum, }
50 return { error => 'User not found.' } unless $svc_acct;
52 my $conf = new FS::Conf;
53 my $pkg_svc = $svc_acct->cust_svc->pkg_svc;
54 return { error => 'Only primary user may log in.' }
55 if $conf->exists('selfservice_server-primary_only')
56 && ( ! $pkg_svc || $pkg_svc->primary_svc ne 'Y' );
58 return { error => 'Incorrect password.' }
59 unless $svc_acct->check_password($p->{'password'});
62 'svcnum' => $svc_acct->svcnum,
65 my $cust_pkg = $svc_acct->cust_svc->cust_pkg;
67 my $cust_main = $cust_pkg->cust_main;
68 $session->{'custnum'} = $cust_main->custnum;
73 $session_id = md5_hex(md5_hex(time(). {}. rand(). $$))
74 } until ( ! defined _cache->get($session_id) ); #just in case
76 _cache->set( $session_id, $session, '1 hour' );
78 return { 'error' => '',
79 'session_id' => $session_id,
85 if ( $p->{'session_id'} ) {
86 _cache->remove($p->{'session_id'});
87 return { 'error' => '' };
89 return { 'error' => "Can't resume session" }; #better error message
96 my($context, $session, $custnum) = _custoragent_session_custnum($p);
97 return { 'error' => $session } if $context eq 'error';
100 if ( $custnum ) { #customer record
102 my $search = { 'custnum' => $custnum };
103 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
104 my $cust_main = qsearchs('cust_main', $search )
105 or return { 'error' => "unknown custnum $custnum" };
107 $return{balance} = $cust_main->balance;
111 invnum => $_->invnum,
112 date => time2str("%b %o, %Y", $_->_date),
115 } $cust_main->open_cust_bill;
116 $return{open_invoices} = \@open;
118 my $conf = new FS::Conf;
119 $return{small_custview} =
120 small_custview( $cust_main, $conf->config('countrydefault') );
122 $return{name} = $cust_main->first. ' '. $cust_main->get('last');
124 for (@cust_main_editable_fields) {
125 $return{$_} = $cust_main->get($_);
128 if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) {
129 $return{payinfo} = $cust_main->payinfo_masked;
130 @return{'month', 'year'} = $cust_main->paydate_monthyear;
133 $return{'invoicing_list'} =
134 join(', ', grep { $_ ne 'POST' } $cust_main->invoicing_list );
135 $return{'postal_invoicing'} =
136 0 < ( grep { $_ eq 'POST' } $cust_main->invoicing_list );
138 } else { #no customer record
140 my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $session->{'svcnum'} } )
141 or die "unknown svcnum";
142 $return{name} = $svc_acct->email;
146 return { 'error' => '',
147 'custnum' => $custnum,
155 my $session = _cache->get($p->{'session_id'})
156 or return { 'error' => "Can't resume session" }; #better error message
158 my $custnum = $session->{'custnum'}
159 or return { 'error' => "no customer record" };
161 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
162 or return { 'error' => "unknown custnum $custnum" };
164 my $new = new FS::cust_main { $cust_main->hash };
165 $new->set( $_ => $p->{$_} )
166 foreach grep { exists $p->{$_} } @cust_main_editable_fields;
168 if ( $p->{'payby'} =~ /^(CARD|DCRD)$/ ) {
169 $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01');
170 if ( $new->payinfo eq $cust_main->payinfo_masked ) {
171 $new->payinfo($cust_main->payinfo);
173 $new->paycvv($p->{'paycvv'});
178 if ( exists $p->{'invoicing_list'} || exists $p->{'postal_invoicing'} ) {
179 #false laziness with httemplate/edit/process/cust_main.cgi
180 @invoicing_list = split( /\s*\,\s*/, $p->{'invoicing_list'} );
181 push @invoicing_list, 'POST' if $p->{'postal_invoicing'};
183 @invoicing_list = $cust_main->invoicing_list;
186 my $error = $new->replace($cust_main, \@invoicing_list);
187 return { 'error' => $error } if $error;
190 return { 'error' => '' };
195 my $session = _cache->get($p->{'session_id'})
196 or return { 'error' => "Can't resume session" }; #better error message
202 my $conf = new FS::Conf;
203 my %states = map { $_->state => 1 }
204 qsearch('cust_main_county', {
205 'country' => $conf->config('countrydefault') || 'US'
208 use vars qw($payment_info); #cache for performance
211 #list all counties/states/countries
212 'cust_main_county' =>
213 [ map { $_->hashref } qsearch('cust_main_county', {}) ],
215 #shortcut for one-country folks
217 [ sort { $a cmp $b } keys %states ],
220 'VISA' => 'VISA card',
221 'MasterCard' => 'MasterCard',
222 'Discover' => 'Discover card',
223 'American Express' => 'American Express card',
232 my %return = %$payment_info;
234 my $custnum = $session->{'custnum'};
236 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
237 or return { 'error' => "unknown custnum $custnum" };
239 $return{balance} = $cust_main->balance;
241 $return{payname} = $cust_main->payname
242 || ( $cust_main->first. ' '. $cust_main->get('last') );
244 $return{$_} = $cust_main->get($_) for qw(address1 address2 city state zip);
246 $return{payby} = $cust_main->payby;
248 if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) {
249 #warn $return{card_type} = cardtype($cust_main->payinfo);
250 $return{payinfo} = $cust_main->payinfo;
252 @return{'month', 'year'} = $cust_main->paydate_monthyear;
256 #doubleclick protection
258 $return{paybatch} = "webui-MyAccount-$_date-$$-". rand() * 2**32;
260 return { 'error' => '',
266 #some false laziness with httemplate/process/payment.cgi - look there for
267 #ACH and CVV support stuff
268 sub process_payment {
272 my $session = _cache->get($p->{'session_id'})
273 or return { 'error' => "Can't resume session" }; #better error message
277 my $custnum = $session->{'custnum'};
279 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
280 or return { 'error' => "unknown custnum $custnum" };
282 $p->{'payname'} =~ /^([\w \,\.\-\']+)$/
283 or return { 'error' => gettext('illegal_name'). " payname: ". $p->{'payname'} };
286 $p->{'paybatch'} =~ /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=]*)$/
287 or return { 'error' => gettext('illegal_text'). " paybatch: ". $p->{'paybatch'} };
292 #if ( $payby eq 'CHEK' ) {
294 # $p->{'payinfo1'} =~ /^(\d+)$/
295 # or return { 'error' => "illegal account number ". $p->{'payinfo1'} };
297 # $p->{'payinfo2'} =~ /^(\d+)$/
298 # or return { 'error' => "illegal ABA/routing number ". $p->{'payinfo2'} };
300 # $payinfo = $payinfo1. '@'. $payinfo2;
302 #} elsif ( $payby eq 'CARD' ) {
304 $payinfo = $p->{'payinfo'};
306 $payinfo =~ /^(\d{13,16})$/
307 or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo
310 or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo
311 return { 'error' => gettext('unknown_card_type') }
312 if cardtype($payinfo) eq "Unknown";
314 if ( defined $cust_main->dbdef_table->column('paycvv') ) {
315 if ( length($p->{'paycvv'} ) ) {
316 if ( cardtype($payinfo) eq 'American Express card' ) {
317 $p->{'paycvv'} =~ /^(\d{4})$/
318 or return { 'error' => "CVV2 (CID) for American Express cards is four digits." };
321 $p->{'paycvv'} =~ /^(\d{3})$/
322 or return { 'error' => "CVV2 (CVC2/CID) is three digits." };
329 # die "unknown payby $payby";
332 my $error = $cust_main->realtime_bop( 'CC', $p->{'amount'},
334 'payinfo' => $payinfo,
335 'paydate' => $p->{'year'}. '-'. $p->{'month'}. '-01',
336 'payname' => $payname,
337 'paybatch' => $paybatch,
339 map { $_ => $p->{$_} } qw( address1 address2 city state zip )
341 return { 'error' => $error } if $error;
343 $cust_main->apply_payments;
345 if ( $p->{'save'} ) {
346 my $new = new FS::cust_main { $cust_main->hash };
347 $new->set( $_ => $p->{$_} )
348 foreach qw( payname address1 address2 city state zip payinfo );
349 $new->set( 'paydate' => $p->{'year'}. '-'. $p->{'month'}. '-01' );
350 $new->set( 'payby' => $p->{'auto'} ? 'CARD' : 'DCRD' );
351 my $error = $new->replace($cust_main);
352 return { 'error' => $error } if $error;
356 return { 'error' => '' };
362 my $session = _cache->get($p->{'session_id'})
363 or return { 'error' => "Can't resume session" }; #better error message
365 my $custnum = $session->{'custnum'};
367 my $invnum = $p->{'invnum'};
369 my $cust_bill = qsearchs('cust_bill', { 'invnum' => $invnum,
370 'custnum' => $custnum } )
371 or return { 'error' => "Can't find invnum" };
375 return { 'error' => '',
377 'invoice_text' => join('', $cust_bill->print_text ),
384 my $session = _cache->get($p->{'session_id'})
385 or return { 'error' => "Can't resume session" }; #better error message
387 my $custnum = $session->{'custnum'};
389 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
390 or return { 'error' => "unknown custnum $custnum" };
392 my @cust_bill = $cust_main->cust_bill;
394 return { 'error' => '',
395 'invoices' => [ map { { 'invnum' => $_->invnum,
396 '_date' => $_->_date,
405 my $session = _cache->get($p->{'session_id'})
406 or return { 'error' => "Can't resume session" }; #better error message
408 my $custnum = $session->{'custnum'};
410 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
411 or return { 'error' => "unknown custnum $custnum" };
413 my @errors = $cust_main->cancel( 'quiet'=>1 );
415 my $error = scalar(@errors) ? join(' / ', @errors) : '';
417 return { 'error' => $error };
424 my($context, $session, $custnum) = _custoragent_session_custnum($p);
425 return { 'error' => $session } if $context eq 'error';
427 my $search = { 'custnum' => $custnum };
428 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
429 my $cust_main = qsearchs('cust_main', $search )
430 or return { 'error' => "unknown custnum $custnum" };
432 #return { 'cust_pkg' => [ map { $_->hashref } $cust_main->ncancelled_pkgs ] };
434 my $conf = new FS::Conf;
436 { 'svcnum' => $session->{'svcnum'},
437 'custnum' => $custnum,
438 'cust_pkg' => [ map {
442 [ map $_->hashref, $_->available_part_svc ],
444 [ map { my $ref = { $_->hash,
445 label => [ $_->label ],
447 $ref->{_password} = $_->svc_x->_password
448 if $context eq 'agent'
449 && $conf->exists('agent-showpasswords')
450 && $_->part_svc->svcdb eq 'svc_acct';
455 } $cust_main->ncancelled_pkgs
458 small_custview( $cust_main, $conf->config('countrydefault') ),
466 my($context, $session, $custnum) = _custoragent_session_custnum($p);
467 return { 'error' => $session } if $context eq 'error';
469 my $search = { 'custnum' => $custnum };
470 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
471 my $cust_main = qsearchs('cust_main', $search )
472 or return { 'error' => "unknown custnum $custnum" };
474 #false laziness w/ClientAPI/Signup.pm
476 my $cust_pkg = new FS::cust_pkg ( {
477 'custnum' => $custnum,
478 'pkgpart' => $p->{'pkgpart'},
480 my $error = $cust_pkg->check;
481 return { 'error' => $error } if $error;
484 unless ( $p->{'svcpart'} eq 'none' ) {
488 if ( $p->{'svcpart'} =~ /^(\d+)$/ ) {
490 my $part_svc = qsearchs('part_svc', { 'svcpart' => $svcpart } );
491 return { 'error' => "Unknown svcpart $svcpart" } unless $part_svc;
492 $svcdb = $part_svc->svcdb;
496 $svcpart ||= $cust_pkg->part_pkg->svcpart($svcdb);
499 'svc_acct' => [ qw( username _password sec_phrase popnum ) ],
500 'svc_domain' => [ qw( domain ) ],
501 'svc_external' => [ qw( id title ) ],
504 my $svc_x = "FS::$svcdb"->new( {
505 'svcpart' => $svcpart,
506 map { $_ => $p->{$_} } @{$fields{$svcdb}}
509 if ( $svcdb eq 'svc_acct' ) {
512 while ( length($p->{"snarf_machine$snarfnum"}) ) {
513 my $acct_snarf = new FS::acct_snarf ( {
514 'machine' => $p->{"snarf_machine$snarfnum"},
515 'protocol' => $p->{"snarf_protocol$snarfnum"},
516 'username' => $p->{"snarf_username$snarfnum"},
517 '_password' => $p->{"snarf_password$snarfnum"},
520 push @acct_snarf, $acct_snarf;
522 $svc_x->child_objects( \@acct_snarf );
525 my $y = $svc_x->setdefault; # arguably should be in new method
526 return { 'error' => $y } if $y && !ref($y);
528 $error = $svc_x->check;
529 return { 'error' => $error } if $error;
536 tie my %hash, 'Tie::RefHash';
537 %hash = ( $cust_pkg => \@svc );
539 $error = $cust_main->order_pkgs( \%hash, '', 'noexport' => 1 );
540 return { 'error' => $error } if $error;
542 my $conf = new FS::Conf;
543 if ( $conf->exists('signup_server-realtime') ) {
545 my $old_balance = $cust_main->balance;
547 my $bill_error = $cust_main->bill;
548 $cust_main->apply_payments;
549 $cust_main->apply_credits;
550 $bill_error = $cust_main->collect;
552 if ( $cust_main->balance > $old_balance
553 && $cust_main->balance > 0
554 && $cust_main->payby !~ /^(BILL|DCRD|DCHK)$/ ) {
555 #this makes sense. credit is "un-doing" the invoice
556 $cust_main->credit( sprintf("%.2f", $cust_main->balance - $old_balance ),
557 'self-service decline' );
558 $cust_main->apply_credits( 'order' => 'newest' );
560 $cust_pkg->cancel('quiet'=>1);
561 return { 'error' => '_decline', 'bill_error' => $bill_error };
570 return { error => '', pkgnum => $cust_pkg->pkgnum };
576 my $session = _cache->get($p->{'session_id'})
577 or return { 'error' => "Can't resume session" }; #better error message
579 my $custnum = $session->{'custnum'};
581 my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
582 or return { 'error' => "unknown custnum $custnum" };
584 my $pkgnum = $p->{'pkgnum'};
586 my $cust_pkg = qsearchs('cust_pkg', { 'custnum' => $custnum,
587 'pkgnum' => $pkgnum, } )
588 or return { 'error' => "unknown pkgnum $pkgnum" };
590 my $error = $cust_pkg->cancel( 'quiet'=>1 );
591 return { 'error' => $error };
598 return { 'error' => gettext('passwords_dont_match') }
599 if $p->{'_password'} ne $p->{'_password2'};
600 return { 'error' => gettext('empty_password') }
601 unless length($p->{'_password'});
603 _provision( 'FS::svc_acct',
604 [qw(username _password)],
605 [qw(username _password)],
611 sub provision_external {
613 #_provision( 'FS::svc_external', [qw(id title)], [qw(id title)], $p, @_ );
614 _provision( 'FS::svc_external',
623 my( $class, $fields, $return_fields, $p ) = splice(@_, 0, 4);
625 my($context, $session, $custnum) = _custoragent_session_custnum($p);
626 return { 'error' => $session } if $context eq 'error';
628 my $search = { 'custnum' => $custnum };
629 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
630 my $cust_main = qsearchs('cust_main', $search )
631 or return { 'error' => "unknown custnum $custnum" };
633 my $pkgnum = $p->{'pkgnum'};
635 my $cust_pkg = qsearchs('cust_pkg', { 'custnum' => $custnum,
638 or return { 'error' => "unknown pkgnum $pkgnum" };
640 my $part_svc = qsearchs('part_svc', { 'svcpart' => $p->{'svcpart'} } )
641 or return { 'error' => "unknown svcpart $p->{'svcpart'}" };
643 my $svc_x = $class->new( {
644 'pkgnum' => $p->{'pkgnum'},
645 'svcpart' => $p->{'svcpart'},
646 map { $_ => $p->{$_} } @$fields
648 my $error = $svc_x->insert;
649 $svc_x = qsearchs($svc_x->table, { 'svcnum' => $svc_x->svcnum })
652 return { 'svc' => $part_svc->svc,
654 map { $_ => $svc_x->get($_) } @$return_fields
662 my($context, $session, $custnum) = _custoragent_session_custnum($p);
663 return { 'error' => $session } if $context eq 'error';
665 my $search = { 'custnum' => $custnum };
666 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
667 my $cust_main = qsearchs('cust_main', $search )
668 or return { 'error' => "unknown custnum $custnum" };
670 my $pkgnum = $p->{'pkgnum'};
672 my $cust_pkg = qsearchs('cust_pkg', { 'custnum' => $custnum,
675 or return { 'error' => "unknown pkgnum $pkgnum" };
677 my $svcpart = $p->{'svcpart'};
679 my $pkg_svc = qsearchs('pkg_svc', { 'pkgpart' => $cust_pkg->pkgpart,
680 'svcpart' => $svcpart, } )
681 or return { 'error' => "unknown svcpart $svcpart for pkgnum $pkgnum" };
682 my $part_svc = $pkg_svc->part_svc;
684 my $conf = new FS::Conf;
687 'svc' => $part_svc->svc,
688 'svcdb' => $part_svc->svcdb,
690 'svcpart' => $svcpart,
691 'custnum' => $custnum,
693 'security_phrase' => 0, #XXX !
694 'svc_acct_pop' => [], #XXX !
696 'init_popstate' => '',
701 small_custview( $cust_main, $conf->config('countrydefault') ),
707 sub unprovision_svc {
710 my($context, $session, $custnum) = _custoragent_session_custnum($p);
711 return { 'error' => $session } if $context eq 'error';
713 my $search = { 'custnum' => $custnum };
714 $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent';
715 my $cust_main = qsearchs('cust_main', $search )
716 or return { 'error' => "unknown custnum $custnum" };
718 my $svcnum = $p->{'svcnum'};
720 my $cust_svc = qsearchs('cust_svc', { 'svcnum' => $svcnum, } )
721 or return { 'error' => "unknown svcnum $svcnum" };
723 return { 'error' => "Service $svcnum does not belong to customer $custnum" }
724 unless $cust_svc->cust_pkg->custnum == $custnum;
726 my $conf = new FS::Conf;
728 return { 'svc' => $cust_svc->part_svc->svc,
729 'error' => $cust_svc->cancel,
731 small_custview( $cust_main, $conf->config('countrydefault') ),
738 sub _custoragent_session_custnum {
741 my($context, $session, $custnum);
742 if ( $p->{'session_id'} ) {
744 $context = 'customer';
745 $session = _cache->get($p->{'session_id'})
746 or return { 'error' => "Can't resume session" }; #better error message
747 $custnum = $session->{'custnum'};
749 } elsif ( $p->{'agent_session_id'} ) {
752 my $agent_cache = new FS::ClientAPI_SessionCache( {
753 'namespace' => 'FS::ClientAPI::Agent',
755 $session = $agent_cache->get($p->{'agent_session_id'})
756 or return { 'error' => "Can't resume session" }; #better error message
757 $custnum = $p->{'custnum'};
760 return { 'error' => "Can't resume session" }; #better error message
763 ($context, $session, $custnum);