X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FAccessRight.pm;h=66624e1797587d51049e0e8b40600b34472aa1f3;hp=13dbd7f5b29f5ed7ef84dcf4ebd0552aeab6416d;hb=20f03d52cc6c930f610c0b4466eeeeda54fdbb40;hpb=167b4b17fae06fbf56dd4b2655489643f35bfd8b diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 13dbd7f5b..5badba76c 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -53,7 +53,6 @@ assigned to users and/or groups. # 'billing' => [ # '_desc' => 'Access to billing configuration', # 'payment_gateway' => {}, -# 'part_bill_event' => {}, # 'prepay_credit' => {}, # 'rate' => {}, # 'cust_main_county' => {}, @@ -85,6 +84,20 @@ assigned to users and/or groups. #well, this is what we have for now. getting better. tie my %rights, 'Tie::IxHash', + + ### + # contact rights + ### + 'Contact and Prospect rights' => [ + 'New prospect', + 'View prospect', + 'Edit prospect', + 'Edit contact', #! + #'New contact', + #'View customer contacts', + 'Generate quotation', + 'Disable quotation', + ], ### # basic customer rights @@ -94,12 +107,19 @@ tie my %rights, 'Tie::IxHash', 'View customer', #'View Customer | View tickets', 'Edit customer', + 'Edit customer tags', + 'Edit referring customer', + 'Edit customer invoice terms', + 'View customer history', + 'Suspend customer', + 'Unsuspend customer', 'Cancel customer', 'Complimentary customer', #aka users-allow_comp - { rightname=>'Delete customer', desc=>"Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customer's packages if they cancel service." }, #aka. deletecustomers - 'Add customer note', #NEW - 'Edit customer note', #NEW + 'Merge customer', + 'Merge customer across agents', 'Bill customer now', #NEW + 'Bulk send customer notices', #NEW + { rightname=>'View customers of all agents', global=>1 }, ], ### @@ -109,17 +129,35 @@ tie my %rights, 'Tie::IxHash', 'View customer packages', #NEW 'Order customer package', 'One-time charge', + 'Modify one-time charge', 'Change customer package', + 'Detach customer package', 'Bulk change customer packages', 'Edit customer package dates', + 'Discount customer package', #NEW + 'Custom discount customer package', #NEW 'Customize customer package', 'Suspend customer package', 'Suspend customer package later', 'Unsuspend customer package', 'Cancel customer package immediately', 'Cancel customer package later', + 'Un-cancel customer package', + 'Delay suspension events', + 'Customize billing during suspension', 'Add on-the-fly cancel reason', #NEW 'Add on-the-fly suspend reason', #NEW + 'Edit customer package invoice details', #NEW + 'Edit customer package comments', #NEW + 'Qualify service', #NEW + 'Waive setup fee', #NEW + 'View appointments', #NEWNEW + 'Make appointment', + 'View package definition costs', #NEWNEW + 'Change package start date', + 'Change package contract end date', + 'Unmask customer DL', + 'Unmask customer SSN', ], ### @@ -128,14 +166,18 @@ tie my %rights, 'Tie::IxHash', 'Customer service rights' => [ 'View customer services', #NEW 'Provision customer service', + 'Bulk provision customer service', + 'Bulk move customer services', #NEWNEW 'Recharge customer service', #NEW 'Unprovision customer service', 'Change customer service', #NEWNEW + 'Edit password', 'Edit usage', #NEW 'Edit home dir', #NEW 'Edit www config', #NEW 'Edit domain catchall', #NEW 'Edit domain nameservice', #NEW + 'Manage domain registration', { rightname=>'View/link unlinked services', global=>1 }, #not agent-virtualizable without more work ], @@ -146,24 +188,34 @@ tie my %rights, 'Tie::IxHash', 'Customer invoice / financial info rights' => [ 'View invoices', 'Resend invoices', #NEWNEW + { rightname=>'Print and mail invoices', desc=>"Print and mail via Freeside's web service", }, ##NEWER than NEWNEWNEW + 'Void invoices', + 'Unvoid invoices', 'View customer tax exemptions', #yow + 'Edit customer tax exemptions', #NEWNEW + 'Add customer tax adjustment', #new, but no need to phase in 'View customer batched payments', #NEW + 'View customer pending payments', #NEW + 'Edit customer pending payments', #NEW 'View customer billing events', #NEW + 'View legacy typeset statements', #new, but no need to phase in ], ### # customer payment rights ### 'Customer payment rights' => [ - 'Post payment', + 'View payments', + { rightname=>'Post payment', desc=>'Make check or cash payments.' }, + { rightname=>'Backdate payment', desc=>'Enable payments to be posted for days other than today.' }, + 'Post check payment', + 'Post cash payment', 'Post payment batch', 'Apply payment', #NEWNEW { rightname=>'Unapply payment', desc=>'Enable "unapplication" of unclosed payments from specific invoices.' }, #aka. unapplypayments - 'Process payment', - 'Refund payment', - - { rightname=>'Delete payment', desc=>'Enable deletion of unclosed payments. Be very careful! Only delete payments that were data-entry errors, not adjustments.' }, #aka. deletepayments Optionally specify one or more comma-separated email addresses to be notified when a payment is deleted. - + { rightname=>'Process payment', desc=>'Process credit card or e-check payments' }, + 'Process credit card payment', + 'Process Echeck payment', ], ### @@ -171,38 +223,118 @@ tie my %rights, 'Tie::IxHash', ### 'Customer credit and refund rights' => [ 'Post credit', + { rightname=>'Backdate credit', desc=>'Enable credits to be posted for days other than today.' }, + 'Credit line items', #NEWNEWNEW 'Apply credit', #NEWNEW + 'Void credit', #NEWER than things marked NEWNEWNEW + 'Unvoid credit', #NEWER than things marked NEWNEWNEW { rightname=>'Unapply credit', desc=>'Enable "unapplication" of unclosed credits.' }, #aka unapplycredits - { rightname=>'Delete credit', desc=>'Enable deletion of unclosed credits. Be very careful! Only delete credits that were data-entry errors, not adjustments.' }, #aka. deletecredits Optionally specify one or more comma-separated email addresses to be notified when a credit is deleted. + 'View refunds', + { rightname=>'Post refund', desc=>'Enable posting of check and cash refunds.' }, + 'Post check refund', + 'Post cash refund', +# { rightname=>'Process refund', desc=>'Enable processing of generic credit card/ACH refunds (i.e. not associated with a specific prior payment).' }, + { rightname=>'Refund payment', desc=>'Enable refund of existing customer credit card or e-check payments.' }, + 'Refund credit card payment', + 'Refund Echeck payment', 'Delete refund', #NEW 'Add on-the-fly credit reason', #NEW + 'Add on-the-fly void reason', + 'Add on-the-fly refund reason', #NEW ], ### # customer voiding rights.. ### - 'Customer void rights' => [ - { rightname=>'Credit card void', desc=>'Enable local-only voiding of echeck payments in addition to refunds against the payment gateway.' }, #aka. cc-void + 'Customer payment void rights' => [ + { rightname=>'Credit card void', desc=>'Enable local-only voiding of credit card payments in addition to refunds against the payment gateway.' }, #aka. cc-void { rightname=>'Echeck void', desc=>'Enable local-only voiding of echeck payments in addition to refunds against the payment gateway.' }, #aka. echeck-void - 'Regular void', - { rightname=>'Unvoid', desc=>'Enable unvoiding of voided payments' }, #aka. unvoid + 'Void payments', + { rightname=>'Unvoid payments', desc=>'Enable unvoiding of voided payments' }, #aka. unvoid ], + + ### + # note/attachment rights... + ### + 'Customer note and attachment rights' => [ + 'Add customer note', #NEW + 'Edit customer note', #NEW + 'Delete customer note', #NEWEST + 'View attachments', #NEW + 'Browse attachments', #NEW + 'Download attachment', #NEW + 'Add attachment', #NEW + 'Edit attachment', #NEW + 'Delete attachment', #NEW + 'View deleted attachments', #NEW + 'Undelete attachment', #NEW + 'Purge attachment', #NEW + ], ### # report/listing rights... ### - 'Reprting/listing rights' => [ + 'Reporting/listing rights' => [ + 'List prospects', + 'List contacts', 'List customers', + 'List all customers', + 'Advanced customer search', 'List zip codes', #NEW + 'List quotations', 'List invoices', 'List packages', + 'Summarize packages', 'List services', + 'List service passwords', { rightname=> 'List rating data', desc=>'Usage reports', global=>1 }, 'Billing event reports', + 'Receivables report', + 'Basic payment and refund reports', 'Financial reports', + { rightname=>'Send reports to customers', global=>1 }, + { rightname=> 'List inventory', global=>1 }, + { rightname=>'View email logs', global=>1 }, + { rightname=>'View system logs' }, + + 'Download report data', + 'Customers: Customer churn report', + 'Services: Accounts', + 'Services: Accounts: Advanced search', + 'Services: Domains', + 'Services: Certificates', + 'Services: Mail forwards', + 'Services: Virtual hosting services', + 'Services: Wireless broadband services', + 'Services: Wireless broadband services: Advanced search', + 'Services: DSLs', + 'Services: Cable subscribers', + 'Services: Conferencing', + 'Services: Dish services', + 'Services: Hardware', + 'Services: Hardware: Advanced search', + 'Services: Phone numbers', + 'Services: Phone numbers: Advanced search', + 'Services: PBXs', + 'Services: Ports', + 'Services: Mailing lists', + 'Services: Alarm services', + 'Services: Video', + 'Services: Circuits', + 'Services: Fiber', + 'Services: Fiber: Advanced search', + 'Services: External services', + 'Usage: RADIUS sessions', + 'Usage: Call Detail Records (CDRs)', + 'Usage: Unrateable CDRs', + 'Usage: Time worked', + #gone in 4.x as a distinct ACL (for now?) { rightname=>'Employees: Commission Report', global=>1 }, + { rightname=>'Employee Reports', global=>1 }, + + #{ rightname => 'List customers of all agents', global=>1 }, ], ### @@ -211,10 +343,16 @@ tie my %rights, 'Tie::IxHash', 'Miscellaneous rights' => [ { rightname=>'Job queue', global=>1 }, { rightname=>'Time queue', global=>1 }, - { rightname=>'Process batches', global=>1 }, - { rightname=>'Reprocess batches', global=>1 }, + { rightname=>'Process batches', }, #Process payment batches + { rightname=>'Process global batches', global=>1 }, #Process global payment batches + { rightname=>'Reprocess batches', global=>1 }, #Reprocess payment batches + { rightname=>'Redownload resolved batches', global=>1 }, #Redownload resolved payment batches + { rightname=>'Process invoice batches', }, + { rightname=>'Process global invoice batches', global=>1 }, { rightname=>'Import', global=>1 }, #some of these are ag-virt'ed now? give em their own ACLs { rightname=>'Export', global=>1 }, + { rightname=> 'Edit rating data', desc=>'Delete CDRs', global=>1 }, + { rightname=>'Delete fees', }, #], # ### @@ -222,6 +360,16 @@ tie my %rights, 'Tie::IxHash', ### #'Database access rights' => [ { rightname=>'Raw SQL', global=>1 }, #NEW + #] + + #'Employee preference rights' => [ + { rightname=>'Employee preference telephony integration' }, + #] + + #'RT preference rights' => [ + { rightname=>'RT activity notification' }, + #] + ], ### @@ -231,13 +379,57 @@ tie my %rights, 'Tie::IxHash', 'Edit advertising sources', { rightname=>'Edit global advertising sources', global=>1 }, + 'Edit sales people', + 'Edit package definitions', { rightname=>'Edit global package definitions', global=>1 }, - + 'Edit package definition costs', + + 'Bulk edit package definitions', + + 'Edit FCC report configuration', + { rightname => 'Edit FCC report configuration for all agents', global=>1 }, + + 'Edit CDR rates', + #{ rightname=>'Edit global CDR rates', global=>1, }, + + 'Edit fee definitions', + { rightname=>'Edit global fee definitions', global=>1 }, + 'Edit billing events', { rightname=>'Edit global billing events', global=>1 }, + + 'View templates', + { rightname=>'View global templates', global=>1 }, + 'Edit templates', + { rightname=>'Edit global templates', global=>1 }, + + 'Edit inventory', + { rightname=>'Edit global inventory', global=>1 }, + { rightname=>'Dialup configuration' }, + { rightname=>'Dialup global configuration', global=>1 }, + + { rightname=>'Broadband configuration' }, + { rightname=>'Broadband global configuration', global=>1 }, + + { rightname=>'Alarm configuration' }, + { rightname=>'Alarm global configuration', global=>1 }, + + { rightname=>'Edit hardware classes and types' }, + + { rightname=> 'Configure network monitoring', global=>1 }, + + #{ rightname=>'Edit employees', global=>1, }, + #{ rightname=>'Edit employee groupss', global=>1, }, + + { rightname=>'Edit custom fields', global=>1 }, + { rightname=>'Configuration', global=>1 }, #most of the rest of the configuraiton is not agent-virtualized + + { rightname=>'Configuration download', }, #description of how it affects + #search/elements/search.html + ], ; @@ -248,14 +440,47 @@ tie my %rights, 'Tie::IxHash', =item rights -Returns a list of right names. +Returns the full list of right names. =cut - sub rights { +sub rights { #my $class = shift; map { ref($_) ? $_->{'rightname'} : $_ } map @{ $rights{$_} }, keys %rights; - } +} + +=item default_superuser_rights + +Most (but not all) right names. + +=cut + +sub default_superuser_rights { + my $class = shift; + my %omit = map { $_=>1 } ( + 'Delete refund', #? + 'Edit customer package dates', + 'Time queue', + 'Usage: Time worked', + 'Redownload resolved batches', + 'Raw SQL', + 'Configuration download', + 'View customers of all agents', + 'View/link unlinked services', + 'Edit usage', + 'Credit card void', + 'Echeck void', + 'Void invoices',#people are overusing this when credits are more appropriate + 'Backdate credit', + 'View legacy typeset statments', + 'Detach customer package', + 'Delete fees', + 'Employee preference telephony integration', + ); + + no warnings 'uninitialized'; + grep { ! $omit{$_} } $class->rights; +} =item rights_info @@ -292,4 +517,3 @@ L, L, L =cut 1; -