X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FAccessRight.pm;h=1528ed42c939b90f85a2b44cb6a847ab9f39dc25;hp=13dbd7f5b29f5ed7ef84dcf4ebd0552aeab6416d;hb=20f38e4c256094bd938b732950e8f93319f851a5;hpb=5e05724a635a22776f1b973f5d7e77989da4e048

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 13dbd7f5b..1528ed42c 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -85,6 +85,20 @@ assigned to users and/or groups.
 
 #well, this is what we have for now.  getting better.
 tie my %rights, 'Tie::IxHash',
+
+  ###
+  # contact rights
+  ###
+  'Contact and Prospect rights' => [
+    'New prospect',
+    'View prospect',
+    'Edit prospect',
+    'List prospects',
+    'Edit contact', #!
+    #'New contact',
+    #'View customer contacts',
+    #'List contacts',
+  ],
   
   ###
   # basic customer rights
@@ -94,12 +108,13 @@ tie my %rights, 'Tie::IxHash',
     'View customer',
     #'View Customer | View tickets',
     'Edit customer',
+    'Edit referring customer',
+    'View customer history',
     'Cancel customer',
     'Complimentary customer', #aka users-allow_comp 
     { rightname=>'Delete customer', desc=>"Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customer's packages if they cancel service." }, #aka. deletecustomers
-    'Add customer note', #NEW
-    'Edit customer note', #NEW
     'Bill customer now', #NEW
+    'Bulk send customer notices', #NEW
   ],
   
   ###
@@ -112,14 +127,19 @@ tie my %rights, 'Tie::IxHash',
     'Change customer package',
     'Bulk change customer packages',
     'Edit customer package dates',
+    'Discount customer package', #NEW
+    'Custom discount customer package', #NEW
     'Customize customer package',
     'Suspend customer package',
     'Suspend customer package later',
     'Unsuspend customer package',
     'Cancel customer package immediately',
     'Cancel customer package later',
+    'Delay suspension events',
     'Add on-the-fly cancel reason', #NEW
     'Add on-the-fly suspend reason', #NEW
+    'Edit customer package invoice details', #NEW
+    'Edit customer package comments', #NEW
   ],
   
   ###
@@ -136,6 +156,7 @@ tie my %rights, 'Tie::IxHash',
     'Edit www config', #NEW
     'Edit domain catchall', #NEW
     'Edit domain nameservice', #NEW
+    'Manage domain registration',
   
     { rightname=>'View/link unlinked services', global=>1 }, #not agent-virtualizable without more work
   ],
@@ -146,8 +167,12 @@ tie my %rights, 'Tie::IxHash',
   'Customer invoice / financial info rights' => [
     'View invoices',
     'Resend invoices', #NEWNEW
+    'Delete invoices', #new, but no need to phase in
     'View customer tax exemptions', #yow
+    'Add customer tax adjustment', #new, but no need to phase in
     'View customer batched payments', #NEW
+    'View customer pending payments', #NEW
+    'Edit customer pending payments', #NEW
     'View customer billing events', #NEW
   ],
   
@@ -160,8 +185,8 @@ tie my %rights, 'Tie::IxHash',
     'Apply payment', #NEWNEW
     { rightname=>'Unapply payment', desc=>'Enable "unapplication" of unclosed payments from specific invoices.' }, #aka. unapplypayments
     'Process payment',
-    'Refund payment',
-  
+    { rightname=>'Refund payment', desc=>'Enable refund of existing customer payments.' },
+
     { rightname=>'Delete payment', desc=>'Enable deletion of unclosed payments. Be very careful!  Only delete payments that were data-entry errors, not adjustments.' }, #aka. deletepayments Optionally specify one or more comma-separated email addresses to be notified when a payment is deleted.
   
   ],
@@ -174,6 +199,8 @@ tie my %rights, 'Tie::IxHash',
     'Apply credit', #NEWNEW
     { rightname=>'Unapply credit', desc=>'Enable "unapplication" of unclosed credits.' }, #aka unapplycredits
     { rightname=>'Delete credit', desc=>'Enable deletion of unclosed credits. Be very careful!  Only delete credits that were data-entry errors, not adjustments.' }, #aka. deletecredits Optionally specify one or more comma-separated email addresses to be notified when a credit is deleted.
+    { rightname=>'Post refund', desc=>'Enable posting of check and cash refunds.' },
+#    { rightname=>'Process refund', desc=>'Enable processing of generic credit card/ACH refunds (i.e. not associated with a specific prior payment).' },
     'Delete refund', #NEW
     'Add on-the-fly credit reason', #NEW
   ],
@@ -189,11 +216,28 @@ tie my %rights, 'Tie::IxHash',
     
   
   ],
+ 
+  ###
+  # note/attachment rights...
+  ###
+  'Customer note and attachment rights' => [
+    'Add customer note', #NEW
+    'Edit customer note', #NEW
+    'View attachments', #NEW
+    'Browse attachments', #NEW
+    'Download attachment', #NEW
+    'Add attachment', #NEW
+    'Edit attachment', #NEW
+    'Delete attachment', #NEW
+    'View deleted attachments', #NEW
+    'Undelete attachment', #NEW
+    'Purge attachment', #NEW
+  ],
   
   ###
   # report/listing rights...
   ###
-  'Reprting/listing rights' => [
+  'Reporting/listing rights' => [
     'List customers',
     'List zip codes', #NEW
     'List invoices',
@@ -202,6 +246,7 @@ tie my %rights, 'Tie::IxHash',
   
     { rightname=> 'List rating data', desc=>'Usage reports', global=>1 },
     'Billing event reports',
+    'Receivables report',
     'Financial reports',
   ],
   
@@ -213,8 +258,10 @@ tie my %rights, 'Tie::IxHash',
     { rightname=>'Time queue', global=>1 },
     { rightname=>'Process batches', global=>1 },
     { rightname=>'Reprocess batches', global=>1 },
+    { rightname=>'Redownload resolved batches', global=>1 },
     { rightname=>'Import', global=>1 }, #some of these are ag-virt'ed now?  give em their own ACLs
     { rightname=>'Export', global=>1 },
+    { rightname=> 'Edit rating data', desc=>'Delete CDRs', global=>1 },
   #],
   #
   ###
@@ -237,7 +284,17 @@ tie my %rights, 'Tie::IxHash',
     'Edit billing events',
     { rightname=>'Edit global billing events', global=>1 },
   
+    { rightname=>'Dialup configuration' },
+    { rightname=>'Dialup global configuration', global=>1 },
+
+    { rightname=>'Broadband configuration' },
+    { rightname=>'Broadband global configuration', global=>1 },
+
     { rightname=>'Configuration', global=>1 }, #most of the rest of the configuraiton is not agent-virtualized
+
+    { rightname=>'Configuration download', }, #description of how it affects
+                                              #search/elements/search.html
+
   ],
   
 ;
@@ -248,14 +305,38 @@ tie my %rights, 'Tie::IxHash',
   
 =item rights
 
-Returns a list of right names.
+Returns the full list of right names.
 
 =cut
   
-  sub rights {
+sub rights {
   #my $class = shift;
   map { ref($_) ? $_->{'rightname'} : $_ } map @{ $rights{$_} }, keys %rights;
-  }
+}
+
+=item default_superuser_rights
+
+Most (but not all) right names.
+
+=cut
+
+sub default_superuser_rights {
+  my $class = shift;
+  my %omit = map { $_=>1 } (
+    'Delete customer',
+    'Delete invoices',
+    'Delete payment',
+    'Delete credit', #?
+    'Delete refund', #?
+    'Time queue',
+    'Redownload resolved batches',
+    'Raw SQL',
+    'Configuration download',
+  );
+
+  no warnings 'uninitialized';
+  grep { ! $omit{$_} } $class->rights;
+}
   
 =item rights_info