X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FClientAPI%2FMyAccount.pm;h=ab11415b3adec802e0a3153d13065ea4ab7388ff;hp=57d42982da9d948e01402fdbe75c35f3b6d931dd;hb=77baa7974ade41e55d85de22e7d7a54273dd442f;hpb=eaa81907845ce3f316401bce723075b5fe3f735c

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 57d42982d..ab11415b3 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -87,6 +87,8 @@ sub skin_info {
   my($context, $session, $custnum) = _custoragent_session_custnum($p);
   #return { 'error' => $session } if $context eq 'error';
 
+  my $domain = $session->{'domain'};
+
   my $agentnum = '';
   if ( $context eq 'customer' && $custnum ) {
 
@@ -120,6 +122,8 @@ sub skin_info {
     warn "$me populating skin info cache for agentnum $agentnum\n"
       if $DEBUG > 1;
 
+    my $menu = $conf->config("ng_selfservice-menu", $agentnum );
+
     $skin_info_cache_agent = {
       'agentnum' => $agentnum,
       ( map { $_ => scalar( $conf->config($_, $agentnum) ) }
@@ -143,7 +147,93 @@ sub skin_info {
       ( map { $_ => join("\n", $conf->config("selfservice-$_", $agentnum ) ) }
         qw( head body_header body_footer company_address ) ),
       'money_char' => $conf->config("money_char") || '$',
-      'menu' => join("\n", $conf->config("ng_selfservice-menu", $agentnum ) ) ||
+      'menu'  => _menu($domain,$menu),
+    };
+
+    _cache->set("skin_info_cache_agent$agentnum", $skin_info_cache_agent);
+
+  }
+
+  #{ %$skin_info_cache_agent };
+  $skin_info_cache_agent;
+
+}
+
+## checks if page is in menu listing, if not sends to main with error.
+sub check_access {
+ my $p = shift;
+ my $error;
+
+ return if $p->{'page'} eq "index.php";
+ return if $p->{'page'} eq "ip_login.php";
+
+ return if substr($p->{'page'}, 0, length("process_")) eq "process_";
+
+ my $conf = new FS::Conf;
+
+ my($context, $session, $custnum) = _custoragent_session_custnum($p);
+
+ my $domain = ref($session) ? $session->{'domain'} : '';
+
+ my $agentnum = '';
+ if ( $context eq 'customer' && $custnum ) {
+
+  my $sth = dbh->prepare('SELECT agentnum FROM cust_main WHERE custnum = ?')
+    or die dbh->errstr;
+
+  $sth->execute($custnum) or die $sth->errstr;
+
+  $agentnum = $sth->fetchrow_arrayref->[0]
+    or die "no agentnum for custnum $custnum";
+
+  #} elsif ( $context eq 'agent' ) {
+  } elsif ( defined($p->{'agentnum'}) and $p->{'agentnum'} =~ /^(\d+)$/ ) {
+    $agentnum = $1;
+  }
+  $p->{'agentnum'} = $agentnum;
+
+ my $menu = $conf->config("ng_selfservice-menu", $agentnum );
+
+ my $allowed_pages = _menu($domain,$menu);
+
+ my %allowed;
+ my @lines = split /\n/, $allowed_pages;
+ foreach my $line (@lines) {
+  chomp; # remove newlines
+  $line =~ s/^\s+//;  # remove leading whitespace
+  next unless length($line);
+  my (@pages) = split(/ /, $line, 2);
+  $allowed{$pages[0]} = $pages[1];
+ }
+
+ $error = "You do not have access to the page ".$allowed{$p->{page}} unless $allowed{$p->{page}};
+
+ return { 'error' => $error, };
+
+}
+
+sub _menu {
+ my $p = shift;
+ my $m = shift;
+
+ my $menu;
+
+ if ($p eq 'ip_mac') {
+   $menu =       'main.php Home
+
+                 payment.php Payments
+                 payment_cc.php Credit Card Payment
+                 payment_ach.php Electronic Check Payment
+                 payment_paypal.php PayPal Payment
+                 payment_webpay.php Webpay Payments
+
+                 docs.php FAQs
+
+                 logout.php Logout
+                ';
+ }
+ else {
+   $menu = join("\n", $m ) ||
                 'main.php Home
 
                  services.php Services
@@ -172,16 +262,9 @@ sub skin_info {
                  docs.php FAQs
 
                  logout.php Logout
-                ',
-    };
-
-    _cache->set("skin_info_cache_agent$agentnum", $skin_info_cache_agent);
-
-  }
-
-  #{ %$skin_info_cache_agent };
-  $skin_info_cache_agent;
-
+                ';
+ }
+ return $menu;
 }
 
 sub get_mac_address {
@@ -199,12 +282,11 @@ sub get_mac_address {
   foreach my $part_export (@part_export) {
     push @sessions, ( @{ $part_export->usage_sessions( {
       'ip' => $p->{'ip'},
+      'session_status' => 'open',
     } ) } );
   }
 
-  my $mac = $sessions[0]->{'callingstationid'};
-
-  return { 'mac_address' => $mac, };
+  return { 'mac_address' => $sessions[0]->{'callingstationid'}, };
 }
 
 sub login_info {
@@ -214,8 +296,8 @@ sub login_info {
 
   my %info = (
     %{ skin_info($p) },
-    'phone_login'  => $conf->exists('selfservice_server-phone_login'),
-    'single_domain'=> scalar($conf->config('selfservice_server-single_domain')),
+    'phone_login'      => $conf->exists('selfservice_server-phone_login'),
+    'single_domain'    => scalar($conf->config('selfservice_server-single_domain')),
     'banner_url'       => scalar($conf->config('selfservice-login_banner_url')),
     'banner_image_md5' => 
       md5_hex($conf->config_binary('selfservice-login_banner_image')),
@@ -262,14 +344,20 @@ sub login {
 
   } elsif ( $p->{'domain'} eq 'ip_mac' ) {
 
+      return { error => 'MAC address empty '.$p->{'username'} }
+        unless $p->{'username'};
+
       my $mac_address = $p->{'username'};
-      $mac_address =~ s/\://g;
+      $mac_address =~ s/[\:\,\-\. ]//g;
+      $mac_address =~ tr/[a-z]/[A-Z/;
 
       my $svc_broadband = qsearchs( 'svc_broadband', { 'mac_addr' => $mac_address } );
       return { error => 'MAC address not found '.$p->{'username'} }
         unless $svc_broadband;
       $svc_x = $svc_broadband;
 
+      $session->{'domain'} = $p->{'domain'};
+
   } elsif ( $p->{email}
               && (my $contact = FS::contact->by_selfservice_email($p->{email}))
           )