X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FClientAPI%2FMyAccount.pm;h=c1b6ec2042790762138b0a0cba6a113f77b4aa60;hp=af747eb03aca34e3843914cc4290b2249f25aff5;hb=646a070648d2d05cac0a847e2505c45783390c6b;hpb=74e6dd693162bb44bcb9ee45c49f6d48d7b2072e diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm index af747eb03..c1b6ec204 100644 --- a/FS/FS/ClientAPI/MyAccount.pm +++ b/FS/FS/ClientAPI/MyAccount.pm @@ -11,7 +11,7 @@ use Digest::SHA qw(sha512_hex); use Date::Format; use Time::Duration; use Time::Local qw(timelocal_nocheck); -use Business::CreditCard; +use Business::CreditCard 0.35; use HTML::Entities; use Text::CSV_XS; use Spreadsheet::WriteExcel; @@ -23,7 +23,7 @@ use FS::Conf; #use FS::UID qw(dbh); use FS::Record qw(qsearch qsearchs dbh); use FS::Msgcat qw(gettext); -use FS::Misc qw(card_types); +use FS::Misc qw(card_types money_pretty); use FS::Misc::DateTime qw(parse_datetime); use FS::TicketSystem; use FS::ClientAPI_SessionCache; @@ -46,8 +46,13 @@ use FS::payby; use FS::acct_rt_transaction; use FS::msg_template; use FS::contact; +use FS::cust_location; -$DEBUG = 1; +# for code organization +use FS::ClientAPI::MyAccount::contact; +use FS::ClientAPI::MyAccount::quotation; + +$DEBUG = 0; $me = '[FS::ClientAPI::MyAccount]'; use vars qw( @cust_main_editable_fields @location_editable_fields ); @@ -81,6 +86,8 @@ sub skin_info { my($context, $session, $custnum) = _custoragent_session_custnum($p); #return { 'error' => $session } if $context eq 'error'; + my $domain = $session->{'domain'}; + my $agentnum = ''; if ( $context eq 'customer' ) { @@ -99,7 +106,7 @@ sub skin_info { $p->{'agentnum'} = $agentnum; my $conf = new FS::Conf; - + my $timeout = $conf->config('selfservice-session_timeout') || '1 hour'; #false laziness w/Signup.pm my $skin_info_cache_agent = _cache->get("skin_info_cache_agent$agentnum"); @@ -114,6 +121,8 @@ sub skin_info { warn "$me populating skin info cache for agentnum $agentnum\n" if $DEBUG > 1; + my $menu = $conf->config("ng_selfservice-menu", $agentnum ); + $skin_info_cache_agent = { 'agentnum' => $agentnum, ( map { $_ => scalar( $conf->config($_, $agentnum) ) } @@ -126,7 +135,7 @@ sub skin_info { ), 'menu_disable' => [ $conf->config('selfservice-menu_disable',$agentnum) ], ( map { $_ => $conf->exists("selfservice-$_", $agentnum ) } - qw( menu_skipblanks menu_skipheadings menu_nounderline no_logo ) + qw( menu_skipblanks menu_skipheadings menu_nounderline no_logo enable_payment_without_balance ) ), ( map { $_ => scalar($conf->config_binary("selfservice-$_", $agentnum)) } qw( title_left_image title_right_image @@ -136,7 +145,94 @@ sub skin_info { 'logo' => scalar($conf->config_binary('logo.png', $agentnum )), ( map { $_ => join("\n", $conf->config("selfservice-$_", $agentnum ) ) } qw( head body_header body_footer company_address ) ), - 'menu' => join("\n", $conf->config("ng_selfservice-menu", $agentnum ) ) || + 'money_char' => $conf->config("money_char") || '$', + 'menu' => _menu($domain,$menu), + }; + + _cache->set("skin_info_cache_agent$agentnum", $skin_info_cache_agent, $timeout); + + } + + #{ %$skin_info_cache_agent }; + $skin_info_cache_agent; + +} + +## checks if page is in menu listing, if not sends to main with error. +sub check_access { + my $p = shift; + my $error; + + return if $p->{'page'} eq "index.php"; + return if $p->{'page'} eq "ip_login.php"; + + return if substr($p->{'page'}, 0, length("process_")) eq "process_"; + + my $conf = new FS::Conf; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + + my $domain = ref($session) ? $session->{'domain'} : ''; + + my $agentnum = ''; + if ( $context eq 'customer' && $custnum ) { + + my $sth = dbh->prepare('SELECT agentnum FROM cust_main WHERE custnum = ?') + or die dbh->errstr; + + $sth->execute($custnum) or die $sth->errstr; + + $agentnum = $sth->fetchrow_arrayref->[0] + or die "no agentnum for custnum $custnum"; + + #} elsif ( $context eq 'agent' ) { + } elsif ( defined($p->{'agentnum'}) and $p->{'agentnum'} =~ /^(\d+)$/ ) { + $agentnum = $1; + } + $p->{'agentnum'} = $agentnum; + + my $menu = $conf->config("ng_selfservice-menu", $agentnum ); + + my $allowed_pages = _menu($domain,$menu); + + my %allowed; + my @lines = split /\n/, $allowed_pages; + foreach my $line (@lines) { + chomp; # remove newlines + $line =~ s/^\s+//; # remove leading whitespace + next unless length($line); + my (@pages) = split(/ /, $line, 2); + $allowed{$pages[0]} = $pages[1]; + } + + $error = "You do not have access to the page ".$allowed{$p->{page}} unless $allowed{$p->{page}}; + + return { 'error' => $error, }; + +} + +sub _menu { + my $p = shift; + my $m = shift; + + my $menu; + + if ($p eq 'ip_mac') { + $menu = 'main.php Home + + payment.php Payments + payment_cc.php Credit Card Payment + payment_ach.php Electronic Check Payment + payment_paypal.php PayPal Payment + payment_webpay.php Webpay Payments + + docs.php FAQs + + logout.php Logout + '; + } + else { + $menu = join("\n", $m ) || 'main.php Home services.php Services @@ -165,16 +261,31 @@ sub skin_info { docs.php FAQs logout.php Logout - ', - }; + '; + } + return $menu; +} - _cache->set("skin_info_cache_agent$agentnum", $skin_info_cache_agent); +sub get_mac_address { + my $p = shift; - } +## access radius exports acct tables to get mac + my @part_export = (); + @part_export = ( + qsearch( 'part_export', { 'exporttype' => 'sqlradius' } ), + qsearch( 'part_export', { 'exporttype' => 'sqlradius_withdomain' } ), + qsearch( 'part_export', { 'exporttype' => 'broadband_sqlradius' } ), + ); - #{ %$skin_info_cache_agent }; - $skin_info_cache_agent; + my @sessions; + foreach my $part_export (@part_export) { + push @sessions, ( @{ $part_export->usage_sessions( { + 'ip' => $p->{'ip'}, + 'session_status' => 'open', + } ) } ); + } + return { 'mac_address' => $sessions[0]->{'callingstationid'}, }; } sub login_info { @@ -184,8 +295,8 @@ sub login_info { my %info = ( %{ skin_info($p) }, - 'phone_login' => $conf->exists('selfservice_server-phone_login'), - 'single_domain'=> scalar($conf->config('selfservice_server-single_domain')), + 'phone_login' => $conf->exists('selfservice_server-phone_login'), + 'single_domain' => scalar($conf->config('selfservice_server-single_domain')), 'banner_url' => scalar($conf->config('selfservice-login_banner_url')), 'banner_image_md5' => md5_hex($conf->config_binary('selfservice-login_banner_image')), @@ -230,6 +341,22 @@ sub login { $svc_x = $svc_phone; + } elsif ( $p->{'domain'} eq 'ip_mac' ) { + + return { error => 'MAC address empty '.$p->{'username'} } + unless $p->{'username'}; + + my $mac_address = $p->{'username'}; + $mac_address =~ s/[\:\,\-\. ]//g; + $mac_address =~ tr/[a-z]/[A-Z/; + + my $svc_broadband = qsearchs( 'svc_broadband', { 'mac_addr' => $mac_address } ); + return { error => 'MAC address not found '.$p->{'username'} } + unless $svc_broadband; + $svc_x = $svc_broadband; + + $session->{'domain'} = $p->{'domain'}; + } elsif ( $p->{email} && (my $contact = FS::contact->by_selfservice_email($p->{email})) ) @@ -237,6 +364,8 @@ sub login { return { error => 'Incorrect contact password.' } unless $contact->authenticate_password($p->{'password'}); + $session->{'contactnum'} = $contact->contactnum; + $session->{'custnum'} = $contact->custnum; } else { @@ -246,16 +375,39 @@ sub login { my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } ) or return { error => 'Domain '. $p->{'domain'}. ' not found' }; - my $svc_acct = qsearchs( 'svc_acct', { 'username' => $p->{'username'}, - 'domsvc' => $svc_domain->svcnum, } - ); - return { error => 'User not found.' } unless $svc_acct; + my @svc_acct = qsearch( 'svc_acct', { 'username' => $p->{'username'}, + 'domsvc' => $svc_domain->svcnum, } + ); - if($conf->exists('selfservice_server-login_svcpart')) { - my @svcpart = $conf->config('selfservice_server-login_svcpart'); - my $svcpart = $svc_acct->cust_svc->svcpart; - return { error => 'Invalid user.' } - unless grep($_ eq $svcpart, @svcpart); + if ( $conf->exists('selfservice_server-login_svcpart') ) { + my @svcpart = $conf->config('selfservice_server-login_svcpart'); + @svc_acct = grep { my $svcpart = $_->cust_svc->svcpart; + scalar( grep( $_ eq $svcpart, @svcpart ) ); + } + @svc_acct; + } + + if ( $conf->exists('selfservice_server-primary_only') ) { + @svc_acct = + grep { + my $cust_svc = $_->cust_svc; + $cust_svc->cust_pkg->part_pkg->svcpart([qw( svc_acct svc_phone )]) + == $cust_svc->svcpart + } + @svc_acct; + } + + return { error => 'User not found.' } unless @svc_acct; + + #return { error => 'Multiple users.' } if scalar(@svc_acct) > 1; + + my $svc_acct = $svc_acct[0]; + + if ( $conf->exists('selfservice_server-login_svcpart') ) { + my @svcpart = $conf->config('selfservice_server-login_svcpart'); + my $svcpart = $svc_acct->cust_svc->svcpart; + return { error => 'Invalid user.' } + unless grep($_ eq $svcpart, @svcpart); } return { error => 'Incorrect password.' } @@ -303,16 +455,18 @@ sub login { return { 'error' => '', 'session_id' => $session_id, + %$session, }; } sub logout { my $p = shift; + my $skin_info = skin_info($p); if ( $p->{'session_id'} ) { _cache->remove($p->{'session_id'}); - return { %{ skin_info($p) }, 'error' => '' }; + return { %$skin_info, 'error' => '' }; } else { - return { %{ skin_info($p) }, 'error' => "Can't resume session" }; #better error message + return { %$skin_info, 'error' => "Can't resume session" }; #better error message } } @@ -439,11 +593,13 @@ sub customer_info { if ( $session->{'pkgnum'} ) { #XXX open invoices in the pkg-balances case } else { + $return{'money_char'} = $conf->config("money_char") || '$'; my @open = map { { - invnum => $_->invnum, - date => time2str("%b %o, %Y", $_->_date), - owed => $_->owed, + invnum => $_->invnum, + date => time2str("%b %o, %Y", $_->_date), + owed => $_->owed, + charged => $_->charged, }; } $cust_main->open_cust_bill; $return{open_invoices} = \@open; @@ -548,6 +704,7 @@ sub customer_info_short { $return{next_bill_date} ? time2str('%m/%d/%Y', $return{next_bill_date} ) : '(none)'; } + $return{balance_pretty} = money_pretty($return{balance}); $return{countrydefault} = scalar($conf->config('countrydefault')); @@ -565,6 +722,8 @@ sub customer_info_short { for (@cust_main_editable_fields) { $return{$_} = $cust_main->get($_); } + $return{$_} = $cust_main->masked($_) for qw/ss stateid/; + #maybe a little more expensive, but it should be cached by now for (@location_editable_fields) { $return{$_} = $cust_main->bill_location->get($_); @@ -599,6 +758,34 @@ sub customer_info_short { } + # this is here because this routine is called by both fs_ and ng_ main pages, where it appears + # it is not customer-specific, though it is only shown to authenticated customers + # it is not currently agent-specific, though at some point it might be + $return{'announcement'} = join(' ',$conf->config('selfservice-announcement')) || ''; + + return { 'error' => '', + 'custnum' => $custnum, + %return, + }; +} + +sub customer_recurring { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my %return; + + my $conf = new FS::Conf; + + my $search = { 'custnum' => $custnum }; + $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent'; + my $cust_main = qsearchs('cust_main', $search ) + or return { 'error' => "customer_info_short: unknown custnum $custnum" }; + + $return{'display_recurring'} = [ $cust_main->display_recurring ]; + return { 'error' => '', 'custnum' => $custnum, %return, @@ -627,78 +814,22 @@ sub billing_history { } $return{balance} = $cust_main->balance; + $return{balance_pretty} = money_pretty($return{balance}); $return{next_bill_date} = $cust_main->next_bill_date; $return{next_bill_date_pretty} = $return{next_bill_date} ? time2str('%m/%d/%Y', $return{next_bill_date} ) : '(none)'; - my @history = (); - my $conf = new FS::Conf; - if ( $conf->exists('selfservice-billing_history-line_items') ) { - - foreach my $cust_bill ( $cust_main->cust_bill ) { - - push @history, { - 'type' => 'Line item', - 'description' => $_->desc( $cust_main->locale ). - ( $_->sdate && $_->edate - ? ' '. time2str('%d-%b-%Y', $_->sdate). - ' To '. time2str('%d-%b-%Y', $_->edate) - : '' - ), - 'amount' => sprintf('%.2f', $_->setup + $_->recur ), - 'date' => $cust_bill->_date, - 'date_pretty' => time2str('%m/%d/%Y', $cust_bill->_date ), - } - foreach $cust_bill->cust_bill_pkg; - - } - - } else { + $return{'history'} = [ + $cust_main->payment_history( + 'line_items' => $conf->exists('selfservice-billing_history-line_items'), + 'reverse_sort' => 1, + ) + ]; - push @history, { - 'type' => 'Invoice', - 'description' => 'Invoice #'. $_->display_invnum, - 'amount' => sprintf('%.2f', $_->charged ), - 'date' => $_->_date, - 'date_pretty' => time2str('%m/%d/%Y', $_->_date ), - } - foreach $cust_main->cust_bill; - - } - - push @history, { - 'type' => 'Payment', - 'description' => 'Payment', #XXX type - 'amount' => sprintf('%.2f', 0 - $_->paid ), - 'date' => $_->_date, - 'date_pretty' => time2str('%m/%d/%Y', $_->_date ), - } - foreach $cust_main->cust_pay; - - push @history, { - 'type' => 'Credit', - 'description' => 'Credit', #more info? - 'amount' => sprintf('%.2f', 0 -$_->amount ), - 'date' => $_->_date, - 'date_pretty' => time2str('%m/%d/%Y', $_->_date ), - } - foreach $cust_main->cust_credit; - - push @history, { - 'type' => 'Refund', - 'description' => 'Refund', #more info? type, like payment? - 'amount' => $_->refund, - 'date' => $_->_date, - 'date_pretty' => time2str('%m/%d/%Y', $_->_date ), - } - foreach $cust_main->cust_refund; - - @history = sort { $b->{'date'} <=> $a->{'date'} } @history; - - $return{'history'} = \@history; + $return{'money_char'} = $conf->config("money_char") || '$', return \%return; @@ -715,6 +846,11 @@ sub edit_info { my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) or return { 'error' => "unknown custnum $custnum" }; + my $conf = new FS::Conf; + if (($p->{payby} eq "CHEK" || $p->{payby} eq "DCHK") && $conf->exists('selfservice-ACH_info_readonly')) { + return { 'error' => "You do not have authority to add a bank account" }; + } + my $new = new FS::cust_main { $cust_main->hash }; $new->set( $_ => $p->{$_} ) @@ -749,24 +885,22 @@ sub edit_info { $payby = $1; } - my $conf = new FS::Conf; - if ( $payby =~ /^(CARD|DCRD)$/ ) { $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01'); if ( $new->payinfo eq $cust_main->paymask ) { $new->payinfo($cust_main->payinfo); + $new->paycvv( $p->{'paycvv'} || $cust_main->paycvv ); } else { $new->payinfo($p->{'payinfo'}); + return { 'error' => 'CVV2 is required' } + if ! $p->{'paycvv'} && $conf->exists('selfservice-onfile_require_cvv'); + $new->paycvv( $p->{'paycvv'} ) } $new->set( 'payby' => $p->{'auto'} ? 'CARD' : 'DCRD' ); - if ( $conf->exists('selfservice-onfile_require_cvv') ){ - return { 'error' => 'CVV2 is required' } unless $p->{'paycvv'}; - } - } elsif ( $payby =~ /^(CHEK|DCHK)$/ ) { my $payinfo; @@ -860,8 +994,8 @@ sub payment_info { 'show_paystate' => $conf->exists('show_bankstate'), 'save_unchecked' => $conf->exists('selfservice-save_unchecked'), + 'ach_read_only' => $conf->exists('selfservice-ACH_info_readonly'), - 'credit_card_surcharge_percentage' => scalar($conf->config('credit-card-surcharge-percentage')), }; } @@ -872,6 +1006,8 @@ sub payment_info { my %return = %$payment_info; + delete $return{'cust_main_county'} if $p->{'omit_cust_main_county'}; + my $custnum = $session->{'custnum'}; my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) @@ -922,6 +1058,9 @@ sub payment_info { $return{payunique} = "webui-MyAccount-$_date-$$-". rand() * 2**32; #new $return{paybatch} = $return{payunique}; #back compat + $return{credit_card_surcharge_percentage} = $conf->config('credit-card-surcharge-percentage', $cust_main->agentnum); + $return{credit_card_surcharge_flatfee} = $conf->config('credit-card-surcharge-flatfee', $cust_main->agentnum); + return { 'error' => '', %return, }; @@ -1000,6 +1139,16 @@ sub validate_payment { $payinfo = $cust_main->payinfo if $cust_main->paymask eq $payinfo; + + my $achonfile = 0; + if ( $cust_main->paymask eq $payinfo ) { + $payinfo = $cust_main->payinfo; + $achonfile = 1; + } + + if ($conf->exists('selfservice-ACH_info_readonly') && !$achonfile) { + return { 'error' => "You are not allowed to change your payment information." }; + } } elsif ( $payby eq 'CARD' || $payby eq 'DCRD' ) { @@ -1128,36 +1277,6 @@ sub do_process_payment { my $payby = delete $validate->{'payby'}; - my $error = $cust_main->realtime_bop( $FS::payby::payby2bop{$payby}, $amount, - 'quiet' => 1, - 'selfservice' => 1, - 'paynum_ref' => \$paynum, - %$validate, - ); - return { 'error' => $error } if $error; - - #no error, so order the fee package if applicable... - my $conf = new FS::Conf; - my $fee_pkgpart = $conf->config('selfservice_process-pkgpart', $cust_main->agentnum); - my $fee_skip_first = $conf->exists('selfservice_process-skip_first'); - - if ( $fee_pkgpart and ! $fee_skip_first || scalar($cust_main->cust_pay) ) { - - my $cust_pkg = new FS::cust_pkg { 'pkgpart' => $fee_pkgpart }; - - $error = $cust_main->order_pkg( 'cust_pkg' => $cust_pkg ); - return { 'error' => "payment processed successfully, but error ordering fee: $error" } - if $error; - - #and generate an invoice for it now too - $error = $cust_main->bill( 'pkg_list' => [ $cust_pkg ] ); - return { 'error' => "payment processed and fee ordered sucessfully, but error billing fee: $error" } - if $error; - - } - - $cust_main->apply_payments; - if ( $validate->{'save'} ) { my $new = new FS::cust_main { $cust_main->hash }; if ($payby eq 'CARD' || $payby eq 'DCRD') { @@ -1178,7 +1297,7 @@ sub do_process_payment { stateid stateid_state ); $new->set( 'payby' => $validate->{'auto'} ? 'CHEK' : 'DCHK' ); } - $new->set( 'payinfo' => $cust_main->card_token || $validate->{'payinfo'} ); + $new->payinfo( $validate->{'payinfo'} ); #to properly set paymask $new->set( 'paydate' => $validate->{'paydate'} ); my $error = $new->replace($cust_main); if ( $error ) { @@ -1186,18 +1305,48 @@ sub do_process_payment { #return { 'error' => $error }; #XXX just warn verosely for now so i can figure out how these happen in # the first place, eventually should redirect them to the "change - #address" page but indicate the payment did process?? + #address" page but indicate if the payment processed? delete($validate->{'payinfo'}); #don't want to log this! warn "WARNING: error changing customer info when processing payment (not returning to customer as a processing error): $error\n". "NEW: ". Dumper($new)."\n". "OLD: ". Dumper($cust_main)."\n". "PACKET: ". Dumper($validate)."\n"; - #} else { - #not needed... - #$cust_main = $new; + } else { + $cust_main = $new; } } + my $error = $cust_main->realtime_bop( $FS::payby::payby2bop{$payby}, $amount, + 'quiet' => 1, + 'manual' => 1, + 'selfservice' => 1, + 'paynum_ref' => \$paynum, + %$validate, + ); + return { 'error' => $error } if $error; + + #no error, so order the fee package if applicable... + my $conf = new FS::Conf; + my $fee_pkgpart = $conf->config('selfservice_process-pkgpart', $cust_main->agentnum); + my $fee_skip_first = $conf->exists('selfservice_process-skip_first'); + + if ( $fee_pkgpart and ! $fee_skip_first || scalar($cust_main->cust_pay) ) { + + my $cust_pkg = new FS::cust_pkg { 'pkgpart' => $fee_pkgpart }; + + $error = $cust_main->order_pkg( 'cust_pkg' => $cust_pkg ); + return { 'error' => "payment processed successfully, but error ordering fee: $error" } + if $error; + + #and generate an invoice for it now too + $error = $cust_main->bill( 'pkg_list' => [ $cust_pkg ] ); + return { 'error' => "payment processed and fee ordered successfully, but error billing fee: $error" } + if $error; + + } + + $cust_main->apply_payments; + my $cust_pay = ''; my $receipt_html = ''; if ($paynum) { @@ -1549,25 +1698,31 @@ sub list_invoices { my @cust_bill = grep ! $_->hide, $cust_main->cust_bill; my $balance = 0; + my $invoices = [ + map { + #not super efficient, we also run cust_bill_pay/cust_credited inside owed + my @payments_and_credits = sort {$b->_date <=> $a->_date} ($_->cust_bill_pay,$_->cust_credited); + my $owed = $_->owed; + $balance += $owed; + +{ 'invnum' => $_->invnum, + '_date' => $_->_date, + 'date' => time2str("%b %o, %Y", $_->_date), + 'date_short' => time2str("%m-%d-%Y", $_->_date), + 'previous' => sprintf('%.2f', ($_->previous)[0]), + 'charged' => sprintf('%.2f', $_->charged), + 'owed' => sprintf('%.2f', $owed), + 'balance' => sprintf('%.2f', $balance), + 'lastpay' => @payments_and_credits + ? time2str("%b %o, %Y", $payments_and_credits[0]->_date) + : '', + } + } @cust_bill + ]; return { 'error' => '', 'balance' => $cust_main->balance, - 'invoices' => [ - map { - my $owed = $_->owed; - $balance += $owed; - +{ 'invnum' => $_->invnum, - '_date' => $_->_date, - 'date' => time2str("%b %o, %Y", $_->_date), - 'date_short' => time2str("%m-%d-%Y", $_->_date), - 'previous' => sprintf('%.2f', ($_->previous)[0]), - 'charged' => sprintf('%.2f', $_->charged), - 'owed' => sprintf('%.2f', $owed), - 'balance' => sprintf('%.2f', $balance), - } - } - @cust_bill - ], + 'money_char' => $conf->config("money_char") || '$', + 'invoices' => $invoices, 'legacy_invoices' => [ map { +{ 'legacyinvnum' => $_->legacyinvnum, @@ -1585,6 +1740,164 @@ sub list_invoices { }; } +sub list_payments { + my $p = shift; + my $session = _cache->get($p->{'session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + + my $custnum = $session->{'custnum'}; + + my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + or return { 'error' => "unknown custnum $custnum" }; + + return { 'error' => '', + 'balance' => $cust_main->balance, + 'money_char' => FS::Conf->new->config("money_char") || '$', + 'payments' => [ map $_->SSAPI_getinfo, $cust_main->cust_pay ], + }; +} + +sub payment_receipt { + my $p = shift; + my $session = _cache->get($p->{'session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + + my $custnum = $session->{'custnum'}; + + my $cust_pay = qsearchs('cust_pay', { 'custnum' => $custnum, + 'paynum' => $p->{'paynum'}, + } + ) + or return { 'error' => "unknown payment ". $p->{'paynum'} }; + + return { + 'error' => '', + %{ $cust_pay->SSAPI_getinfo }, + }; +} + +sub list_payby { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + or return { 'error' => "unknown custnum $custnum" }; + + return { + 'payby' => [ map { + my $cust_payby = $_; + +{ + map { $_ => $cust_payby->$_ } + qw( custpaybynum weight payby paymask paydate + payname paystate paytype + ) + }; + } + $cust_main->cust_payby + ], + }; +} + +sub insert_payby { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + #XXX payinfo1 + payinfo2 for CHEK? + #or take the opportunity to use separate, more well- named fields? + # my $payinfo; + # $p->{'payinfo1'} =~ /^([\dx]+)$/ + # or return { 'error' => "illegal account number ". $p->{'payinfo1'} }; + # my $payinfo1 = $1; + # $p->{'payinfo2'} =~ /^([\dx\.]+)$/ # . turned on by echeck-country CA ? + # or return { 'error' => "illegal ABA/routing number ". $p->{'payinfo2'} }; + # my $payinfo2 = $1; + # $payinfo = $payinfo1. '@'. $payinfo2; + + my $cust_payby = new FS::cust_payby { + 'custnum' => $custnum, + map { $_ => $p->{$_} } qw( weight payby payinfo paycvv paydate payname + paystate paytype payip + ), + }; + + my $error = $cust_payby->insert; + if ( $error ) { + return { 'error' => $error }; + } else { + return { 'custpaybynum' => $cust_payby->custpaybynum }; + } + +} + +sub update_payby { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my $cust_payby = qsearchs('cust_payby', { + 'custnum' => $custnum, + 'custpaybynum' => $p->{'custpaybynum'}, + }) + or return { 'error' => 'unknown custpaybynum '. $p->{'custpaybynum'} }; + + foreach my $field ( + qw( weight payby payinfo paycvv paydate payname paystate paytype payip ) + ) { + next unless exists($p->{$field}); + $cust_payby->set($field,$p->{$field}); + } + + my $error = $cust_payby->replace; + if ( $error ) { + return { 'error' => $error }; + } else { + return { 'custpaybynum' => $cust_payby->custpaybynum }; + } + +} + +sub verify_payby { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my $cust_payby = qsearchs('cust_payby', { + 'custnum' => $custnum, + 'custpaybynum' => $p->{'custpaybynum'}, + }) + or return { 'error' => 'unknown custpaybynum '. $p->{'custpaybynum'} }; + + return { 'error' => $cust_payby->verify }; + +} + +sub delete_payby { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my $cust_payby = qsearchs('cust_payby', { + 'custnum' => $custnum, + 'custpaybynum' => $p->{'custpaybynum'}, + }) + or return { 'error' => 'unknown custpaybynum '. $p->{'custpaybynum'} }; + + my $conf = new FS::Conf; + if (($cust_payby->payby eq "DCHK" || $cust_payby->payby eq "CHEK") && $conf->exists('selfservice-ACH_info_readonly')) { + return { 'error' => "Sorry you do not have permission to delete bank information." }; + } + else { + return { 'error' => $cust_payby->delete }; + } +} + sub cancel { my $p = shift; my $session = _cache->get($p->{'session_id'}) @@ -1603,6 +1916,30 @@ sub cancel { } +sub pkg_info { + my $p = shift; + + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { 'error' => $session } if $context eq 'error'; + + my $pkg = qsearchs({ + 'table' => 'cust_pkg', + 'addl_from' => 'LEFT JOIN part_pkg USING ( pkgpart )', + 'hashref' => { + 'custnum' => $custnum, + 'pkgnum' => $p->{'pkgnum'}, + }, + }) + or return {'error' => 'unknown pkg num $pkgnum'}; + + return { + pkg_label => $pkg->pkg, + pkgpart => $pkg->pkgpart, + classnum => $pkg->classnum, + }; + +} + sub list_pkgs { my $p = shift; @@ -1761,6 +2098,7 @@ sub list_svcs { # @svc_x; my @svcs; # stuff to return to the client + my %bytes_used_total; # for _used columns only foreach my $cust_svc (@cust_svc) { my $svc_x = $cust_svc->svc_x; my($label, $value) = $cust_svc->label; @@ -1782,6 +2120,24 @@ sub list_svcs { # would it make sense to put this in a svc_* method? + if (!$hide_usage and grep(/^$svcdb$/, qw(svc_acct svc_broadband)) and $part_svc->part_export_usage) { + my $last_bill = $cust_pkg->last_bill || 0; + my $now = time; + my $up_used = $cust_svc->attribute_since_sqlradacct($last_bill,$now,'AcctInputOctets'); + my $down_used = $cust_svc->attribute_since_sqlradacct($last_bill,$now,'AcctOutputOctets'); + %hash = ( + %hash, + 'seconds_used' => $cust_svc->seconds_since_sqlradacct($last_bill,$now), + 'upbytes_used' => display_bytecount($up_used), + 'downbytes_used' => display_bytecount($down_used), + 'totalbytes_used' => display_bytecount($up_used + $down_used) + ); + $bytes_used_total{'seconds_used'} += $hash{'seconds_used'}; + $bytes_used_total{'upbytes_used'} += $up_used; + $bytes_used_total{'downbytes_used'} += $down_used; + $bytes_used_total{'totalbytes_used'} += $up_used + $down_used; + } + if ( $svcdb eq 'svc_acct' ) { foreach (qw(username email finger seconds)) { $hash{$_} = $svc_x->$_; @@ -1818,18 +2174,20 @@ sub list_svcs { } # no usage to hide here - } elsif ( $svcdb eq 'svc_phone' ) { + } elsif ( $svcdb eq 'svc_phone' or $svcdb eq 'svc_pbx' ) { if (!$hide_usage) { # could potentially show lots of things... $hash{'outbound'} = 1; $hash{'inbound'} = 0; - if ( $part_pkg->plan eq 'voip_inbound' ) { - $hash{'outbound'} = 0; - $hash{'inbound'} = 1; - } elsif ( $part_pkg->option('selfservice_inbound_format') - or $conf->config('selfservice-default_inbound_cdr_format') - ) { - $hash{'inbound'} = 1; + if ( $svcdb eq 'svc_phone' ) { + if ( $part_pkg->plan eq 'voip_inbound' ) { + $hash{'outbound'} = 0; + $hash{'inbound'} = 1; + } elsif ( $part_pkg->option('selfservice_inbound_format') + or $conf->config('selfservice-default_inbound_cdr_format') + ) { + $hash{'inbound'} = 1; + } } foreach (qw(inbound outbound)) { # hmm...we can't filter by status here, because there might @@ -1852,12 +2210,19 @@ sub list_svcs { push @svcs, \%hash; } # foreach $cust_svc + foreach my $field (keys %bytes_used_total) { + if ($field =~ /bytes/) { + $bytes_used_total{$field} = display_bytecount($bytes_used_total{$field}); + } + } + return { 'svcnum' => $session->{'svcnum'}, 'custnum' => $custnum, 'date_format' => $conf->config('date_format') || '%m/%d/%Y', 'view_usage_nodomain' => $conf->exists('selfservice-view_usage_nodomain'), 'svcs' => \@svcs, + 'bytes_used_total' => \%bytes_used_total, 'usage_pools' => [ map { $usage_pools{$_} } sort { $a cmp $b } @@ -2124,11 +2489,11 @@ sub _list_cdr_usage { # XXX CDR type support... # XXX any way to do a paged search on this? # we have to return the results all at once... - my($svc_phone, $begin, $end, %opt) = @_; + my($svc_x, $begin, $end, %opt) = @_; map [ $_->downstream_csv(%opt, 'keeparray' => 1) ], - $svc_phone->get_cdrs( - 'begin'=>$begin, - 'end'=>$end, + $svc_x->get_cdrs( + 'begin' => $begin, + 'end' => $end, 'disable_charged_party' => 1, %opt ); @@ -2136,9 +2501,7 @@ sub _list_cdr_usage { sub list_cdr_usage { my $p = shift; - _usage_details( \&_list_cdr_usage, $p, - 'svcdb' => 'svc_phone', - ); + _usage_details( \&_list_cdr_usage, $p ); } sub _usage_details { @@ -2155,17 +2518,17 @@ sub _usage_details { my $search = { 'svcnum' => $p->{'svcnum'} }; $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent'; - my $svcdb = $opt{'svcdb'} || 'svc_acct'; - - my $svc_x = qsearchs( $svcdb, $search ); + my $cust_svc = qsearchs( 'cust_svc', $search ); return { 'error' => 'No service selected in list_svc_usage' } - unless $svc_x; + unless $cust_svc; - my $cust_pkg = $svc_x->cust_svc->cust_pkg; + my $svc_x = $cust_svc->svc_x; + my $svcdb = $svc_x->table; + my $cust_pkg = $cust_svc->cust_pkg; my $freq = $cust_pkg->part_pkg->freq; my %callback_opt; my $header = []; - if ( $svcdb eq 'svc_phone' ) { + if ( $svcdb eq 'svc_phone' or $svcdb eq 'svc_pbx' ) { my $format = ''; if ( $p->{inbound} ) { $format = $cust_pkg->part_pkg->option('selfservice_inbound_format') @@ -2266,11 +2629,23 @@ sub order_pkg { or return { 'error' => "unknown custnum $custnum" }; my $status = $cust_main->status; + + my %order_pkg_options = (); + if ( $p->{locationnum} > 0 ) { + $order_pkg_options{locationnum} = delete($p->{locationnum}); + } elsif ( $p->{address1} ) { + $order_pkg_options{'cust_location'} = new FS::cust_location { + map { $_ => $p->{$_} } + qw( address1 address2 city county state zip country ) + }; + } + #false laziness w/ClientAPI/Signup.pm my $cust_pkg = new FS::cust_pkg ( { - 'custnum' => $custnum, - 'pkgpart' => $p->{'pkgpart'}, + 'custnum' => $custnum, + 'pkgpart' => $p->{'pkgpart'}, + 'quantity' => $p->{'quantity'} || 1, } ); my $error = $cust_pkg->check; return { 'error' => $error } if $error; @@ -2329,17 +2704,18 @@ sub order_pkg { } - use Tie::RefHash; - tie my %hash, 'Tie::RefHash'; - %hash = ( $cust_pkg => \@svc ); - #msgcat - $error = $cust_main->order_pkgs( \%hash, 'noexport' => 1 ); + $error = $cust_main->order_pkg( + 'cust_pkg' => $cust_pkg, + 'svcs' => \@svc, + 'noexport' => 1, + %order_pkg_options, + ); return { 'error' => $error } if $error; my $conf = new FS::Conf; if ( $conf->exists('signup_server-realtime') ) { - my $bill_error = _do_bop_realtime( $cust_main, $status ); + my $bill_error = _do_bop_realtime( $cust_main, $status, 'collect'=>$p->{run_bill_events} ); if ($bill_error) { $cust_pkg->cancel('quiet'=>1); @@ -2382,29 +2758,33 @@ sub change_pkg { return { error=>"Can't change a suspended package", pkgnum=>$cust_pkg->pkgnum} if $cust_pkg->status eq 'suspended'; - my @newpkg; - my $error = FS::cust_pkg::order( $custnum, - [$p->{pkgpart}], - [$p->{pkgnum}], - \@newpkg, - ); + my $err_or_cust_pkg = $cust_pkg->change( 'pkgpart' => $p->{'pkgpart'}, + 'quantity' => $p->{'quantity'} || 1, + ); + + my $new_pkg = qsearchs('part_pkg', { 'pkgpart' => $p->{pkgpart} } ) + or return { 'error' => "unknown package $p->{pkgpart}" }; + + return { error=>$err_or_cust_pkg, pkgnum=>$cust_pkg->pkgnum } + unless ref($err_or_cust_pkg); + if ( $conf->exists('signup_server-realtime') ) { - my $bill_error = _do_bop_realtime( $cust_main, $status, 'no_credit'=>1 ); + my $bill_error = _do_bop_realtime( $cust_main, $status, 'no_invoice_void'=>1 ); if ($bill_error) { - $newpkg[0]->suspend; + $err_or_cust_pkg->suspend; return $bill_error; } else { - $newpkg[0]->reexport; + $err_or_cust_pkg->reexport; } } else { - $newpkg[0]->reexport; + $err_or_cust_pkg->reexport; } - return { error => '', pkgnum => $cust_pkg->pkgnum }; + return { error => '', pkg => $new_pkg->pkg, pkgnum => $err_or_cust_pkg->pkgnum }; } @@ -2465,35 +2845,45 @@ sub order_recharge { sub _do_bop_realtime { my ($cust_main, $status, %opt) = @_; - my $old_balance = $cust_main->balance; - - my $bill_error = $cust_main->bill - || $cust_main->apply_payments_and_credits; - - $bill_error ||= $cust_main->realtime_collect('selfservice' => 1) - if $cust_main->payby =~ /^(CARD|CHEK)$/; - - if ( $cust_main->balance > $old_balance - && $cust_main->balance > 0 - && ( $cust_main->payby !~ /^(BILL|DCRD|DCHK)$/ - || $status eq 'suspended' - ) - ) - { - unless ( $opt{'no_credit'} ) { - #this makes sense. credit is "un-doing" the invoice - my $conf = new FS::Conf; - $cust_main->credit( sprintf("%.2f", $cust_main->balance-$old_balance ), - 'self-service decline', - reason_type=>$conf->config('signup_credit_type'), - ); - $cust_main->apply_credits( 'order' => 'newest' ); + my $old_balance = $cust_main->balance; + + my @cust_bill; + my $bill_error = $cust_main->bill( + 'return_bill' => \@cust_bill, + ); + + $bill_error ||= $cust_main->apply_payments_and_credits; + + $bill_error ||= $cust_main->realtime_collect('selfservice' => 1) + if $cust_main->payby =~ /^(CARD|CHEK)$/; + + if ( $cust_main->balance > $old_balance + && $cust_main->balance > 0 + && ( $cust_main->payby !~ /^(BILL|DCRD|DCHK)$/ + || $status eq 'suspended' + ) + ) + { + unless ( $opt{'no_invoice_void'} ) { + + #this used to apply a credit, but now we can void invoices... + foreach my $cust_bill (@cust_bill) { + my $voiderror = $cust_bill->void('automatic payment failed'); + warn "Error voiding cust bill after decline: $voiderror" if $voiderror; } - return { 'error' => '_decline', 'bill_error' => $bill_error }; } - ''; + return { 'error' => '_decline', 'bill_error' => $bill_error }; + } + + if ( $opt{'collect'} ) { + my $collect_error = $cust_main->collect(); + return { 'error' => '_decline', 'bill_error' => $collect_error } + if $collect_error; #? + } + + ''; } sub renew_info { @@ -2599,27 +2989,27 @@ sub cancel_pkg { or return { 'error' => "Can't resume session" }; #better error message my $custnum = $session->{'custnum'}; - my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) or return { 'error' => "unknown custnum $custnum" }; my $pkgnum = $p->{'pkgnum'}; - my $cust_pkg = qsearchs('cust_pkg', { 'custnum' => $custnum, 'pkgnum' => $pkgnum, } ) or return { 'error' => "unknown pkgnum $pkgnum" }; - my $error = $cust_pkg->cancel('quiet' => 1); + my $error = $cust_pkg->cancel( 'quiet' => 1, + 'date' => $p->{'date'}, + ); return { 'error' => $error }; - } sub provision_phone { - my $p = shift; - my @bulkdid; - @bulkdid = @{$p->{'bulkdid'}} if $p->{'bulkdid'}; + my $p = shift; + my @bulkdid; + @bulkdid = @{$p->{'bulkdid'}} if $p->{'bulkdid'}; - if($p->{'svcnum'} && $p->{'svcnum'} =~ /^\d+$/){ + #editing an existing phone number + if ( $p->{'svcnum'} && $p->{'svcnum'} =~ /^\d+$/ ) { my($context, $session, $custnum) = _custoragent_session_custnum($p); return { 'error' => $session } if $context eq 'error'; @@ -2636,8 +3026,8 @@ sub provision_phone { return { 'error' => $svc_phone->replace }; } -# single DID LNP - unless($p->{'lnp'}) { + # single DID LNP + unless ( $p->{'lnp'} ) { $p->{'lnp_desired_due_date'} = parse_datetime($p->{'lnp_desired_due_date'}); $p->{'lnp_status'} = "portingin"; return _provision( 'FS::svc_phone', @@ -2647,19 +3037,19 @@ sub provision_phone { $p, @_ ); - } + } -# single DID order - unless (scalar(@bulkdid)) { + # single DID order (the usual case) + unless (scalar(@bulkdid)) { return _provision( 'FS::svc_phone', [qw(phonenum countrycode)], [qw(phonenum countrycode)], $p, @_ ); - } + } -# bulk DID order case + # bulk DID order case my $error; foreach my $did ( @bulkdid ) { $did =~ s/[^0-9]//g; @@ -2679,6 +3069,21 @@ sub provision_phone { { 'bulkdid' => [ @bulkdid ], 'svc' => $error->{'svc'} } } +sub provision_pbx { + my $p = shift; + warn "provision_pbx called\n" + if $DEBUG; + + warn "provision_pbx calling _provision\n" + if $DEBUG; + _provision( 'FS::svc_pbx', + [qw(id title max_extensions max_simultaneous ip_addr)], + [qw(id title max_extensions max_simultaneous ip_addr)], + $p, + @_ + ); +} + sub provision_acct { my $p = shift; warn "provision_acct called\n" @@ -2717,6 +3122,15 @@ sub provision_external { ); } +sub provision_forward { + my $p = shift; + _provision( 'FS::svc_forward', + ['srcsvc','src','dstsvc','dst'], + [], + $p, + ); +} + sub _provision { my( $class, $fields, $return_fields, $p ) = splice(@_, 0, 4); warn "_provision called for $class\n" @@ -2744,6 +3158,9 @@ sub _provision { my $part_svc = qsearchs('part_svc', { 'svcpart' => $p->{'svcpart'} } ) or return { 'error' => "unknown svcpart $p->{'svcpart'}" }; + return { error=> 'svcpart '. $p->{'svcpart'}. " is not a $class definition" } + if $class ne 'FS::'. $part_svc->svcdb; + warn "creating $class record\n" if $DEBUG; my $svc_x = $class->new( { @@ -2751,9 +3168,21 @@ sub _provision { 'svcpart' => $p->{'svcpart'}, map { $_ => $p->{$_} } @$fields } ); + + my %insert_args = (); + #i shouldn't be a special case here (pass an option or something) + if ( $class eq 'FS::svc_phone' + && grep length($p->{$_}), @location_editable_fields + ) + { + $insert_args{'cust_location'} = new FS::cust_location { + map { $_ => $p->{$_} } @location_editable_fields + }; + } + warn "inserting $class record\n" if $DEBUG; - my $error = $svc_x->insert; + my $error = $svc_x->insert(%insert_args); unless ( $error ) { warn "finding inserted record for svcnum ". $svc_x->svcnum. "\n" @@ -2827,6 +3256,10 @@ sub part_svc_info { } } + if ($ret->{'svcdb'} eq 'svc_forward') { + $ret->{'forward_emails'} = {$cust_pkg->forward_emails()}; + } + $ret; } @@ -2896,13 +3329,9 @@ sub myaccount_passwd { ) && ! $svc_acct->check_password($p->{'old_password'}); - $error = 'Password too short.' - if length($p->{'new_password'}) < ($conf->config('passwordmin') || 6); - $error = 'Password too long.' - if length($p->{'new_password'}) > ($conf->config('passwordmax') || 8); - - $svc_acct->set_password($p->{'new_password'}); - $error ||= $svc_acct->replace(); + $error ||= $svc_acct->is_password_allowed($p->{'new_password'}) + || $svc_acct->set_password($p->{'new_password'}) + || $svc_acct->replace(); #regular pw change in self-service should change contact pw too, otherwise its #way too confusing. hell its confusing they're separate at all, but alas. @@ -2911,6 +3340,8 @@ sub myaccount_passwd { my $contact = FS::contact->by_selfservice_email($svc_acct->email); if ( $contact && $contact->custnum == $custnum ) { #svc_acct was successful but this one returns an error? "shouldn't happen" + #don't recheck is_password_allowed here; if the svc_acct password was + #legal, that's good enough $error ||= $contact->change_password($p->{'new_password'}); } @@ -2923,53 +3354,6 @@ sub myaccount_passwd { } -# sub contact_passwd { -# my $p = shift; -# my($context, $session, $custnum) = _custoragent_session_custnum($p); -# return { 'error' => $session } if $context eq 'error'; -# -# return { 'error' => 'Not logged in as a contact.' } -# unless $session->{'contactnum'}; -# -# return { 'error' => "New passwords don't match." } -# if $p->{'new_password'} ne $p->{'new_password2'}; -# -# return { 'error' => 'Enter new password' } -# unless length($p->{'new_password'}); -# -# #my $search = { 'custnum' => $custnum }; -# #$search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent'; -# $custnum =~ /^(\d+)$/ or die "illegal custnum"; -# my $search = " AND selfservice_access IS NOT NULL ". -# " AND selfservice_access = 'Y' ". -# " AND ( disabled IS NULL OR disabled = '' )". -# " AND custnum IS NOT NULL AND custnum = $1"; -# $search .= " AND agentnum = ". $session->{'agentnum'} if $context eq 'agent'; -# -# my $contact = qsearchs( { -# 'table' => 'contact', -# 'addl_from' => 'LEFT JOIN cust_main USING ( custnum ) ', -# 'hashref' => { 'contactnum' => $session->{'contactnum'}, }, -# 'extra_sql' => $search, #important -# } ) -# or return { 'error' => "Email not found" }; #? how did we get logged in? -# # deleted since then? -# -# my $error = ''; -# -# # use these svc_acct length restrictions?? -# my $conf = new FS::Conf; -# $error = 'Password too short.' -# if length($p->{'new_password'}) < ($conf->config('passwordmin') || 6); -# $error = 'Password too long.' -# if length($p->{'new_password'}) > ($conf->config('passwordmax') || 8); -# -# $error ||= $contact->change_password($p->{'new_password'}); -# -# return { 'error' => $error, }; -# -# } - sub reset_passwd { my $p = shift; @@ -2993,7 +3377,7 @@ sub reset_passwd { my($username, $domain) = split('@', $p->{'email'}); my $svc_domain = qsearchs('svc_domain', { 'domain' => $domain } ); if ( $svc_domain ) { - $svc_acct = qsearchs('svc_acct', { 'username' => $p->{'username'}, + $svc_acct = qsearchs('svc_acct', { 'username' => $username, 'domsvc' => $svc_domain->svcnum } ); if ( $svc_acct ) { @@ -3078,7 +3462,7 @@ sub reset_passwd { my $reset_session = { 'svcnum' => $svc_acct->svcnum, - 'agentnum' => + 'agentnum' => $svc_acct->cust_main->agentnum, }; my $timeout = '1 hour'; #? @@ -3213,8 +3597,9 @@ sub process_reset_passwd { if ( $svc_acct ) { - $svc_acct->set_password($p->{'new_password'}); - my $error = $svc_acct->replace(); + my $error ||= $svc_acct->is_password_allowed($p->{'new_password'}) + || $svc_acct->set_password($p->{'new_password'}) + || $svc_acct->replace(); return { %$info, 'error' => $error } if $error; @@ -3228,7 +3613,8 @@ sub process_reset_passwd { if ( $contact ) { - my $error = $contact->change_password($p->{'new_password'}); + my $error = $contact->is_password_allowed($p->{'new_password'}) + || $contact->change_password($p->{'new_password'}); return { %$info, 'error' => $error }; # if $error; @@ -3241,6 +3627,52 @@ sub process_reset_passwd { } +sub validate_passwd { + my $p = shift; + + my %result; + %result = ( 'fieldid' => $p->{'fieldid'} ) + if $p->{'fieldid'} =~ /^\w+$/; + + return { %result, 'password_invalid' => 'Enter new password' } + unless length($p->{'check_password'}); + + my $svc_acct; + if ($p->{'svcnum'}) { + # false laziness with myaccount_passwd + my($context, $session, $custnum) = _custoragent_session_custnum($p); + return { %result, 'error' => $session } if $context eq 'error'; + + $custnum =~ /^(\d+)$/ or die "illegal custnum"; + my $search = " AND custnum = $1"; + $search .= " AND agentnum = ". $session->{'agentnum'} if $context eq 'agent'; + + $svc_acct = qsearchs( { + 'table' => 'svc_acct', + 'addl_from' => 'LEFT JOIN cust_svc USING ( svcnum ) '. + 'LEFT JOIN cust_pkg USING ( pkgnum ) '. + 'LEFT JOIN cust_main USING ( custnum ) ', + 'hashref' => { 'svcnum' => $p->{'svcnum'}, }, + 'extra_sql' => $search, #important + } ) + or return { %result, 'error' => "Service not found" }; + # end false laziness + } + + unless ($svc_acct) { + my $conf = new FS::Conf; + my $agentnum = $p->{'agentnum'}; + return { %result, 'password_valid' => 1 } + if $conf->config_bool('password-insecure', $p->{'agentnum'}); + } + + $svc_acct ||= new FS::svc_acct {}; + + my $error = $svc_acct->is_password_allowed($p->{'check_password'}); + return { %result, 'password_invalid' => $error } if $error; + return { %result, 'password_valid' => 1 }; +} + sub list_tickets { my $p = shift; my($context, $session, $custnum) = _custoragent_session_custnum($p); @@ -3572,4 +4004,3 @@ sub _custoragent_session_custnum { } 1; -