Add access right to view attachments

[freeside.git] / FS / FS / AccessRight.pm

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index fc309fa..44235b1 100644 (file)
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -150,6 +150,7 @@ tie my %rights, 'Tie::IxHash',
   'Customer invoice / financial info rights' => [
     'View invoices',
     'Resend invoices', #NEWNEW
+    'Delete invoices', #new, but no need to phase in
     'View customer tax exemptions', #yow
     'Add customer tax adjustment', #new, but no need to phase in
     'View customer batched payments', #NEW
@@ -205,6 +206,7 @@ tie my %rights, 'Tie::IxHash',
   'Customer note and attachment rights' => [
     'Add customer note', #NEW
     'Edit customer note', #NEW
+    'View attachments',
     'Download attachment', #NEW
     'Add attachment', #NEW
     'Edit attachment', #NEW
@@ -285,14 +287,38 @@ tie my %rights, 'Tie::IxHash',
   
 =item rights
 
-Returns a list of right names.
+Returns the full list of right names.
 
 =cut
   
-  sub rights {
+sub rights {
   #my $class = shift;
   map { ref($_) ? $_->{'rightname'} : $_ } map @{ $rights{$_} }, keys %rights;
-  }
+}
+
+=item default_superuser_rights
+
+Most (but not all) right names.
+
+=cut
+
+sub default_superuser_rights {
+  my $class = shift;
+  my %omit = map { $_=>1 } (
+    'Delete customer',
+    'Delete invoices',
+    'Delete payment',
+    'Delete credit', #?
+    'Delete refund', #?
+    'Time queue',
+    'Redownload resolved batches',
+    'Raw SQL',
+    'Configuration download',
+  );
+
+  no warnings 'uninitialized';
+  grep { ! $omit{$_} } $class->rights;
+}
   
 =item rights_info