X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FAPI.pm;h=32400f7c3c9743aee075f14d55885ce4b176d79f;hp=c49fb205a8275bb8f539980fb4345409f7f69c6d;hb=53846367793e58f00ce32b2fcbd05e9f0ddd179e;hpb=a7d1e60f6b411c9a8daa1f654855440f59bc05ea diff --git a/FS/FS/API.pm b/FS/FS/API.pm index c49fb205a..32400f7c3 100644 --- a/FS/FS/API.pm +++ b/FS/FS/API.pm @@ -24,7 +24,9 @@ This module implements a backend API for advanced back-office integration. In contrast to the self-service API, which authenticates an end-user and offers functionality to that end user, the backend API performs a simple shared-secret authentication and offers full, administrator functionality, enabling -integration with other back-office systems. +integration with other back-office systems. Only access this API from a secure +network from other backoffice machines. DON'T use this API to create customer +portal functionality. If accessing this API remotely with XML-RPC or JSON-RPC, be careful to block the port by default, only allow access from back-office servers with the same @@ -41,7 +43,7 @@ in plaintext. Adds a new payment to a customers account. Takes a list of keys and values as paramters with the following keys: -=over 5 +=over 4 =item secret @@ -89,9 +91,7 @@ Example: #enter cash payment sub insert_payment { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); #less "raw" than this? we are the backoffice API, and aren't worried # about version migration ala cust_main/cust_location here @@ -105,19 +105,12 @@ sub insert_payment { # pass the phone number ( from svc_phone ) sub insert_payment_phonenum { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); - $class->_by_phonenum('insert_payment', %opt); - } sub _by_phonenum { my($class, $method, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); my $phonenum = delete $opt{'phonenum'}; @@ -130,7 +123,6 @@ sub _by_phonenum { $opt{'custnum'} = $cust_pkg->custnum; $class->$method(%opt); - } =item insert_credit OPTION => VALUE, ... @@ -181,11 +173,9 @@ Example: #Enter credit sub insert_credit { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); - $opt{'reasonnum'} ||= $conf->config('api_credit_reason'); + $opt{'reasonnum'} ||= FS::Conf->new->config('api_credit_reason'); #less "raw" than this? we are the backoffice API, and aren't worried # about version migration ala cust_main/cust_location here @@ -199,12 +189,38 @@ sub insert_credit { # pass the phone number ( from svc_phone ) sub insert_credit_phonenum { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); - $class->_by_phonenum('insert_credit', %opt); +} + +=item apply_payments_and_credits + +Applies payments and credits for this customer. Takes a list of keys and +values as parameter with the following keys: + +=over 4 + +=item secret + +API secret + +=item custnum +Customer number + +=back + +=cut + +#apply payments and credits +sub apply_payments_and_credits { + my($class, %opt) = @_; + return _shared_secret_error() unless _check_shared_secret($opt{secret}); + + my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} }) + or return { 'error' => 'Unknown custnum' }; + + my $error = $cust_main->apply_payments_and_credits( 'manual'=>1 ); + return { 'error' => $error, }; } =item insert_refund OPTION => VALUE, ... @@ -236,9 +252,7 @@ Example: #Enter cash refund. sub insert_refund { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); # when github pull request #24 is merged, # will have to change over to default reasonnum like credit @@ -257,12 +271,7 @@ sub insert_refund { # pass the phone number ( from svc_phone ) sub insert_refund_phonenum { my($class, %opt) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); - $class->_by_phonenum('insert_refund', %opt); - } #--- @@ -365,26 +374,6 @@ comma-separated list of email addresses for email invoices. The special value 'P postal_invoicing Set to 1 to enable postal invoicing -=item payby - -CARD, DCRD, CHEK, DCHK, LECB, BILL, COMP or PREPAY - -=item payinfo - -Card number for CARD/DCRD, account_number@aba_number for CHEK/DCHK, prepaid "pin" for PREPAY, purchase order number for BILL - -=item paycvv - -Credit card CVV2 number (1.5+ or 1.4.2 with CVV schema patch) - -=item paydate - -Expiration date for CARD/DCRD - -=item payname - -Exact name on credit card for CARD/DCRD, bank name for CHEK/DCHK - =item referral_custnum Referring customer number @@ -415,16 +404,13 @@ Referring customer number sub new_customer { my( $class, %opt ) = @_; - - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); #default agentnum like signup_server-default_agentnum? #$opt{agentnum} ||= $conf->config('signup_server-default_agentnum'); #same for refnum like signup_server-default_refnum - $opt{refnum} ||= $conf->config('signup_server-default_refnum'); + $opt{refnum} ||= FS::Conf->new->config('signup_server-default_refnum'); $class->API_insert( %opt ); } @@ -505,27 +491,6 @@ addition to email addresses), postal_invoicing Set to 1 to enable postal invoicing -=item payby - -CARD, DCRD, CHEK, DCHK, LECB, BILL, COMP or PREPAY - -=item payinfo - -Card number for CARD/DCRD, account_number@aba_number for CHEK/DCHK, prepaid -"pin" for PREPAY, purchase order number for BILL - -=item paycvv - -Credit card CVV2 number (1.5+ or 1.4.2 with CVV schema patch) - -=item paydate - -Expiration date for CARD/DCRD - -=item payname - -Exact name on credit card for CARD/DCRD, bank name for CHEK/DCHK - =item referral_custnum Referring customer number @@ -544,10 +509,7 @@ Agent number sub update_customer { my( $class, %opt ) = @_; - - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); FS::cust_main->API_update( %opt ); } @@ -561,9 +523,7 @@ parameters with the following keys: custnum, secret sub customer_info { my( $class, %opt ) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} }) or return { 'error' => 'Unknown custnum' }; @@ -584,9 +544,7 @@ and values as paramters with the following keys: custnum, secret sub location_info { my( $class, %opt ) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); my @cust_location = qsearch('cust_location', { 'custnum' => $opt{custnum} }); @@ -623,9 +581,7 @@ Customer number (required) sub bill_now { my( $class, %opt ) = @_; - my $conf = new FS::Conf; - return { 'error' => 'Incorrect shared secret' } - unless $opt{secret} eq $conf->config('api_shared_secret'); + return _shared_secret_error() unless _check_shared_secret($opt{secret}); my $cust_main = qsearchs('cust_main', { 'custnum' => $opt{custnum} }) or return { 'error' => 'Unknown custnum' }; @@ -641,7 +597,19 @@ sub bill_now { } -#Advertising sources? +#next.. Advertising sources? + + +## +# helper subroutines +## +sub _check_shared_secret { + shift eq FS::Conf->new->config('api_shared_secret'); +} + +sub _shared_secret_error { + return { 'error' => 'Incorrect shared secret' }; +} 1;