better access rights for phone_avail report, part 1, RT10464

[freeside.git] / httemplate / search / phone_avail.html

diff --git a/httemplate/search/phone_avail.html b/httemplate/search/phone_avail.html
index 2388d25..0ca0946 100644 (file)
--- a/httemplate/search/phone_avail.html
+++ b/httemplate/search/phone_avail.html
@@ -16,6 +16,8 @@
               'header'        => [ '#',
                                    'State',
                                    'Phone Number',
+                                  'Rate Center',
+                                  'Batch',
                                    'Export',
                                    'Service',
                                     FS::UI::Web::cust_header(),
@@ -27,15 +29,19 @@
                       '+'. $pn->countrycode. ' '.
                         $pn->npa. ' '.  $pn->nxx. '-'. $pn->station;
                     },
+               sub { shift->get('name') },
+               'availbatch',
                 'exportnum', #XXX
                 #sub { },
                 'svcnum', #XXX
                 \&FS::UI::Web::cust_fields,
               ],
-              'align'         => 'rllll'.FS::UI::Web::cust_aligns(),
+              'align'         => 'rllllll'.FS::UI::Web::cust_aligns(),
               'links'         => [
                 '',
                 '',
+               '',
+               '',
                 '',
                 '', #XXX #$export_link
                 '', #XXX #$svc_link
@@ -46,6 +52,8 @@
               'color' => [ 
                            '',
                            '',
+                          '',
+                          '',
                            '',
                            '',
                            '',
@@ -54,6 +62,8 @@
               'style' => [ 
                            '',
                            '',
+                          '',
+                          '',
                            '',
                            '',
                            '',
@@ -64,13 +74,33 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+  unless ( $FS::CurrentUser::CurrentUser->access_right('List inventory')
+        );
 
 my @search = ();
 
-if ( $cgi->param('availbatch') =~ /^([\w\/\:\-\.]+)$/ ) {
-  push @search, "availbatch = '$1'";
-}
+push @search, "availbatch = '$1'" 
+    if ( $cgi->param('availbatch') =~ /^([\w\d \/\:\-\.]+)$/ ); 
+  
+push @search, "countrycode = '$1'" 
+    if ( $cgi->param('countrycode') =~ /^(\d{1,3})$/ );
+
+push @search, "phone_avail.state = '$1'" 
+    if ( $cgi->param('state') =~ /^(\w{2})$/ );
+
+# i know that the regexps match more than NPA/NXX, but this is good enough now
+push @search, "npa = '$1'" 
+    if ( $cgi->param('npa') =~ /^(\d{3})$/ ); 
+push @search, "nxx = '$1'" 
+    if ( $cgi->param('npa') =~ /^\d{3}$/ && $cgi->param('nxx') =~ /^(\d{3})$/ ); 
+
+push @search, "name = '$1'" 
+    if ( $cgi->param('ratecenter') =~ /^([\w \-\.]+)$/ );
+
+push @search, "svcnum is null" 
+    if ( $cgi->param('avail_status') eq 'AVAIL' );
+push @search, "svcnum is not null" 
+    if ( $cgi->param('avail_status') eq 'UNAVAIL' );
 
 #  #here is the agent virtualization
 #  push @search, $FS::CurrentUser::CurrentUser->agentnums_sql;
@@ -90,7 +120,7 @@ my $count_query = "SELECT COUNT(*) FROM phone_avail $search"; #$addl_from?
 my $link_cust = sub {
   my $phone_avail = shift;
   if ( $phone_avail->svcnum ) {
-    my $cust_svc = $phone_avail->svc_phone->cust_svc;
+    my $cust_svc = $phone_avail->cust_svc;
     if ( $cust_svc->pkgnum ) {
       #my $cust_main = $cust_svc->cust_pkg->cust_main;
       return [ "${p}view/cust_main.cgi?", 'custnum' ];