add ability to edit signup dates (turn on cust_main-edit_signupdate config), RT#4644

[freeside.git] / httemplate / edit / cust_main.cgi

diff --git a/httemplate/edit/cust_main.cgi b/httemplate/edit/cust_main.cgi
index 7308c72..15c9f45 100755 (executable)
--- a/httemplate/edit/cust_main.cgi
+++ b/httemplate/edit/cust_main.cgi
@@ -32,6 +32,15 @@
   <% include('cust_main/birthdate.html', $cust_main) %>
 % }
 
+%# latitude and longitude
+% if ( $conf->exists('cust_main-require_censustract') ) {
+%   my ($latitude, $longitude) = $cust_main->service_coordinates;
+%   $latitude ||= $conf->config('company_latitude') || '';
+%   $longitude ||= $conf->config('company_longitude') || '';
+  <INPUT NAME="latitude" TYPE="hidden" VALUE="<% $latitude |h %>">
+  <INPUT NAME="longitude" TYPE="hidden" VALUE="<% $longitude |h %>">
+% }
+
 %# contact info
 
 %  my $same_checked = '';
@@ -47,7 +56,7 @@
 %    }
 %  }
 
-<BR><BR>
+<BR>
 <FONT SIZE="+1"><B>Billing address</B></FONT>
 
 <% include('cust_main/contact.html',
@@ -173,6 +182,7 @@ function samechanged(what) {
 
 <INPUT TYPE="hidden" NAME="otaker" VALUE="<% $cust_main->otaker %>">
 
+%# cust_main/bottomfixup.js
 % foreach my $hidden (
 %    'payauto',
 %    'payinfo', 'payinfo1', 'payinfo2', 'paytype',
@@ -199,8 +209,12 @@ function samechanged(what) {
 
 <%init>
 
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+#probably redundant given the checks below...
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Edit customer');
+  unless $curuser->access_right('New customer')
+     ||  $curuser->access_right('Edit customer');
 
 my $conf = new FS::Conf;
 
@@ -219,6 +233,10 @@ if ( $cgi->param('error') ) {
   } );
 
   $custnum = $cust_main->custnum;
+
+  die "access denied"
+    unless $curuser->access_right($custnum ? 'Edit customer' : 'New customer');
+
   @invoicing_list = split( /\s*,\s*/, $cgi->param('invoicing_list') );
   $same = $cgi->param('same');
   $cust_main->setfield('paid' => $cgi->param('paid')) if $cgi->param('paid');
@@ -245,6 +263,9 @@ if ( $cgi->param('error') ) {
 
 } elsif ( $cgi->keywords ) { #editing
 
+  die "access denied"
+    unless $curuser->access_right('Edit customer');
+
   my( $query ) = $cgi->keywords;
   $query =~ /^(\d+)$/;
   $custnum=$1;
@@ -262,6 +283,9 @@ if ( $cgi->param('error') ) {
 
 } else { #new customer
 
+  die "access denied"
+    unless $curuser->access_right('New customer');
+
   $custnum='';
   $cust_main = new FS::cust_main ( {} );
   $cust_main->otaker( &getotaker );