%  if ( $cgi->param('_password') ne $cgi->param('_password2') ) {
%    $cgi->param('error', "The passwords do not match");
%    print $cgi->redirect(popurl(2) . "access_user.html?" . $cgi->query_string);
%  } else {
<%   include( 'elements/process.html',
                 'table'       => 'access_user',
                 'viewall_dir' => 'browse',
                 'copy_on_empty' => [ '_password' ],
                 'clear_on_error' => [ '_password', '_password2' ],
                 'process_m2m' => { 'link_table'   => 'access_usergroup',
                                    'target_table' => 'access_group',
                                  },
                 'precheck_callback'=> \&precheck_callback,
             )
%>
%   }
<%init>

die "access denied"
  unless $FS::CurrentUser::CurrentUser->access_right('Configuration');

if ( FS::Conf->new->exists('disable_acl_changes') ) {
  errorpage('ACL changes disabled in public demo.');
  die "shouldn't be reached";
}

sub precheck_callback {
  my $cgi = shift;
  my $o = FS::access_user->new({username => $cgi->param('username')});
  if( $o->is_system_user and !$cgi->param('usernum') ) {
    $cgi->param('username','');
    return "username '".$o->username."' reserved for system account."
  }
  return '';
}
</%init>