X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FClientAPI%2FMyAccount.pm;h=f51174e5d60e5af3bfe697ff185496f8e1ba5d53;hp=445f0ece87972f73c6a4ef56598702133b0bd819;hb=4c4b99f655084122e9b55222dae3e94757b78cae;hpb=95558fc7bcc98138db7f2d54cd5e6724bac3beea diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm index 445f0ece8..f51174e5d 100644 --- a/FS/FS/ClientAPI/MyAccount.pm +++ b/FS/FS/ClientAPI/MyAccount.pm @@ -9,8 +9,11 @@ use Cache::SharedMemoryCache; #store in db? use FS::CGI qw(small_custview); #doh use FS::Conf; use FS::Record qw(qsearch qsearchs); +use FS::Msgcat qw(gettext); use FS::svc_acct; use FS::svc_domain; +use FS::svc_external; +use FS::part_svc; use FS::cust_main; use FS::cust_bill; use FS::cust_main_county; @@ -22,6 +25,7 @@ FS::ClientAPI->register_handlers( 'MyAccount/customer_info' => \&customer_info, 'MyAccount/edit_info' => \&edit_info, 'MyAccount/invoice' => \&invoice, + 'MyAccount/list_invoices' => \&list_invoices, 'MyAccount/cancel' => \&cancel, 'MyAccount/payment_info' => \&payment_info, 'MyAccount/process_payment' => \&process_payment, @@ -37,6 +41,7 @@ use vars qw( @cust_main_editable_fields ); county state zip country daytime night fax ship_first ship_last ship_company ship_address1 ship_address2 ship_city ship_state ship_zip ship_country ship_daytime ship_night ship_fax + payby payinfo payname ); #store in db? @@ -44,24 +49,26 @@ my $cache = new Cache::SharedMemoryCache( { 'namespace' => 'FS::ClientAPI::MyAccount', } ); -#false laziness w/FS::ClientAPI::passwd::passwd (needs to handle encrypted pw) +#false laziness w/FS::ClientAPI::passwd::passwd sub login { my $p = shift; my $svc_domain = qsearchs('svc_domain', { 'domain' => $p->{'domain'} } ) - or return { error => "Domain not found" }; + or return { error => 'Domain '. $p->{'domain'}. ' not found' }; - my $svc_acct = - ( length($p->{'password'}) < 13 - && qsearchs( 'svc_acct', { 'username' => $p->{'username'}, - 'domsvc' => $svc_domain->svcnum, - '_password' => $p->{'password'} } ) - ) - || qsearchs( 'svc_acct', { 'username' => $p->{'username'}, - 'domsvc' => $svc_domain->svcnum, - '_password' => $p->{'password'} } ); + my $svc_acct = qsearchs( 'svc_acct', { 'username' => $p->{'username'}, + 'domsvc' => $svc_domain->svcnum, } + ); + return { error => 'User not found.' } unless $svc_acct; - unless ( $svc_acct ) { return { error => 'Incorrect password.' } } + my $conf = new FS::Conf; + my $pkg_svc = $svc_acct->cust_svc->pkg_svc; + return { error => 'Only primary user may log in.' } + if $conf->exists('selfservice_server-primary_only') + && ( ! $pkg_svc || $pkg_svc->primary_svc ne 'Y' ); + + return { error => 'Incorrect password.' } + unless $svc_acct->check_password($p->{'password'}); my $session = { 'svcnum' => $svc_acct->svcnum, @@ -87,16 +94,31 @@ sub login { sub customer_info { my $p = shift; - my $session = $cache->get($p->{'session_id'}) - or return { 'error' => "Can't resume session" }; #better error message - - my %return; - my $custnum = $session->{'custnum'}; + my($session, $custnum, $context); + if ( $p->{'session_id'} ) { + $context = 'customer'; + $session = $cache->get($p->{'session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + $custnum = $session->{'custnum'}; + } elsif ( $p->{'agent_session_id'} ) { + $context = 'agent'; + my $agent_cache = new Cache::SharedMemoryCache( { + 'namespace' => 'FS::ClientAPI::Agent', + } ); + $session = $agent_cache->get($p->{'agent_session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + $custnum = $p->{'custnum'}; + } else { + return { 'error' => "Can't resume session" }; #better error message + } + my %return; if ( $custnum ) { #customer record - my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + my $search = { 'custnum' => $custnum }; + $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent'; + my $cust_main = qsearchs('cust_main', $search ) or return { 'error' => "unknown custnum $custnum" }; $return{balance} = $cust_main->balance; @@ -120,6 +142,16 @@ sub customer_info { $return{$_} = $cust_main->get($_); } + if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) { + $return{payinfo} = $cust_main->payinfo_masked; + @return{'month', 'year'} = $cust_main->paydate_monthyear; + } + + $return{'invoicing_list'} = + join(', ', grep { $_ ne 'POST' } $cust_main->invoicing_list ); + $return{'postal_invoicing'} = + 0 < ( grep { $_ eq 'POST' } $cust_main->invoicing_list ); + } else { #no customer record my $svc_acct = qsearchs('svc_acct', { 'svcnum' => $session->{'svcnum'} } ) @@ -149,7 +181,26 @@ sub edit_info { my $new = new FS::cust_main { $cust_main->hash }; $new->set( $_ => $p->{$_} ) foreach grep { exists $p->{$_} } @cust_main_editable_fields; - my $error = $new->replace($cust_main); + + if ( $p->{'payby'} =~ /^(CARD|DCRD)$/ ) { + $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01'); + if ( $new->payinfo eq $cust_main->payinfo_masked ) { + $new->payinfo($cust_main->payinfo); + } else { + $new->paycvv($p->{'paycvv'}); + } + } + + my @invoicing_list; + if ( exists $p->{'invoicing_list'} || exists $p->{'postal_invoicing'} ) { + #false laziness with httemplate/edit/process/cust_main.cgi + @invoicing_list = split( /\s*\,\s*/, $p->{'invoicing_list'} ); + push @invoicing_list, 'POST' if $p->{'postal_invoicing'}; + } else { + @invoicing_list = $cust_main->invoicing_list; + } + + my $error = $new->replace($cust_main, \@invoicing_list); return { 'error' => $error } if $error; #$cust_main = $new; @@ -161,7 +212,41 @@ sub payment_info { my $session = $cache->get($p->{'session_id'}) or return { 'error' => "Can't resume session" }; #better error message - my %return; + ## + #generic + ## + + my $conf = new FS::Conf; + my %states = map { $_->state => 1 } + qsearch('cust_main_county', { + 'country' => $conf->config('defaultcountry') || 'US' + } ); + + use vars qw($payment_info); #cache for performance + $payment_info ||= { + + #list all counties/states/countries + 'cust_main_county' => + [ map { $_->hashref } qsearch('cust_main_county', {}) ], + + #shortcut for one-country folks + 'states' => + [ sort { $a cmp $b } keys %states ], + + 'card_types' => { + 'VISA' => 'VISA card', + 'MasterCard' => 'MasterCard', + 'Discover' => 'Discover card', + 'American Express' => 'American Express card', + }, + + }; + + ## + #customer-specific + ## + + my %return = %$payment_info; my $custnum = $session->{'custnum'}; @@ -178,36 +263,14 @@ sub payment_info { $return{payby} = $cust_main->payby; if ( $cust_main->payby =~ /^(CARD|DCRD)$/ ) { - warn $return{card_type} = cardtype($cust_main->payinfo); + #warn $return{card_type} = cardtype($cust_main->payinfo); $return{payinfo} = $cust_main->payinfo; - if ( $cust_main->paydate =~ /^(\d{4})-(\d{2})-\d{2}$/ ) { #Pg date format - @return{'month', 'year'} = ( $2, $1 ); - } elsif ( $cust_main->paydate =~ /^(\d{1,2})-(\d{1,2}-)?(\d{4}$)/ ) { - @return{'month', 'year'} = ( $1, $3 ); - } + @return{'month', 'year'} = $cust_main->paydate_monthyear; } - #list all counties/states/countries - $return{'cust_main_county'} = - [ map { $_->hashref } qsearch('cust_main_county', {}) ], - - #shortcut for one-country folks - my $conf = new FS::Conf; - my %states = map { $_->state => 1 } - qsearch('cust_main_county', { - 'country' => $conf->config('defaultcountry') || 'US' - } ); - $return{'states'} = [ sort { $a cmp $b } keys %states ]; - - $return{card_types} = { - 'VISA' => 'VISA card', - 'MasterCard' => 'MasterCard', - 'Discover' => 'Discover card', - 'American Express' => 'American Express card', - }; - + #doubleclick protection my $_date = time; $return{paybatch} = "webui-MyAccount-$_date-$$-". rand() * 2**32; @@ -217,7 +280,10 @@ sub payment_info { }; +#some false laziness with httemplate/process/payment.cgi - look there for +#ACH and CVV support stuff sub process_payment { + my $p = shift; my $session = $cache->get($p->{'session_id'}) @@ -230,6 +296,69 @@ sub process_payment { my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) or return { 'error' => "unknown custnum $custnum" }; + $p->{'payname'} =~ /^([\w \,\.\-\']+)$/ + or return { 'error' => gettext('illegal_name'). " payname: ". $p->{'payname'} }; + my $payname = $1; + + $p->{'paybatch'} =~ /^([\w \!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\=]*)$/ + or return { 'error' => gettext('illegal_text'). " paybatch: ". $p->{'paybatch'} }; + my $paybatch = $1; + + my $payinfo; + my $paycvv = ''; + #if ( $payby eq 'CHEK' ) { + # + # $p->{'payinfo1'} =~ /^(\d+)$/ + # or return { 'error' => "illegal account number ". $p->{'payinfo1'} }; + # my $payinfo1 = $1; + # $p->{'payinfo2'} =~ /^(\d+)$/ + # or return { 'error' => "illegal ABA/routing number ". $p->{'payinfo2'} }; + # my $payinfo2 = $1; + # $payinfo = $payinfo1. '@'. $payinfo2; + # + #} elsif ( $payby eq 'CARD' ) { + + $payinfo = $p->{'payinfo'}; + $payinfo =~ s/\D//g; + $payinfo =~ /^(\d{13,16})$/ + or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo + $payinfo = $1; + validate($payinfo) + or return { 'error' => gettext('invalid_card') }; # . ": ". $self->payinfo + return { 'error' => gettext('unknown_card_type') } + if cardtype($payinfo) eq "Unknown"; + + if ( defined $cust_main->dbdef_table->column('paycvv') ) { + if ( length($p->{'paycvv'} ) ) { + if ( cardtype($payinfo) eq 'American Express card' ) { + $p->{'paycvv'} =~ /^(\d{4})$/ + or return { 'error' => "CVV2 (CID) for American Express cards is four digits." }; + $paycvv = $1; + } else { + $p->{'paycvv'} =~ /^(\d{3})$/ + or return { 'error' => "CVV2 (CVC2/CID) is three digits." }; + $paycvv = $1; + } + } + } + + #} else { + # die "unknown payby $payby"; + #} + + my $error = $cust_main->realtime_bop( 'CC', $p->{'amount'}, + 'quiet' => 1, + 'payinfo' => $payinfo, + 'paydate' => $p->{'year'}. '-'. $p->{'month'}. '-01', + 'payname' => $payname, + 'paybatch' => $paybatch, + 'paycvv' => $paycvv, + map { $_ => $p->{$_} } qw( address1 address2 city state zip ) + ); + return { 'error' => $error } if $error; + + $cust_main->apply_payments; + if ( $p->{'save'} ) { my $new = new FS::cust_main { $cust_main->hash }; $new->set( $_ => $p->{$_} ) @@ -241,15 +370,6 @@ sub process_payment { $cust_main = $new; } - my $error = $cust_main->realtime_bop( 'CC', $p->{'amount'}, quiet=>1, - 'paydate' => $p->{'year'}. '-'. $p->{'month'}. '-01', - map { $_ => $p->{$_} } - qw( payname address1 address2 city state zip payinfo paybatch ) - ); - return { 'error' => $error } if $error; - - $cust_main->apply_payments; - return { 'error' => '' }; } @@ -276,6 +396,27 @@ sub invoice { } +sub list_invoices { + my $p = shift; + my $session = $cache->get($p->{'session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + + my $custnum = $session->{'custnum'}; + + my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + or return { 'error' => "unknown custnum $custnum" }; + + my @cust_bill = $cust_main->cust_bill; + + return { 'error' => '', + 'invoices' => [ map { { 'invnum' => $_->invnum, + '_date' => $_->_date, + } + } @cust_bill + ] + }; +} + sub cancel { my $p = shift; my $session = $cache->get($p->{'session_id'}) @@ -310,12 +451,30 @@ sub list_pkgs { sub order_pkg { my $p = shift; - my $session = $cache->get($p->{'session_id'}) - or return { 'error' => "Can't resume session" }; #better error message - my $custnum = $session->{'custnum'}; + my($session, $custnum, $context); + + if ( $p->{'session_id'} ) { + $context = 'customer'; + $session = $cache->get($p->{'session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + $custnum = $session->{'custnum'}; + } elsif ( $p->{'agent_session_id'} ) { + $context = 'agent'; + my $agent_cache = new Cache::SharedMemoryCache( { + 'namespace' => 'FS::ClientAPI::Agent', + } ); + $session = $agent_cache->get($p->{'agent_session_id'}) + or return { 'error' => "Can't resume session" }; #better error message + $custnum = $p->{'custnum'}; + } else { + return { 'error' => "Can't resume session" }; #better error message + } - my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) + my $search = { 'custnum' => $custnum }; + $search->{'agentnum'} = $session->{'agentnum'} if $context eq 'agent'; + + my $cust_main = qsearchs('cust_main', $search ) or return { 'error' => "unknown custnum $custnum" }; #false laziness w/ClientAPI/Signup.pm @@ -327,35 +486,61 @@ sub order_pkg { my $error = $cust_pkg->check; return { 'error' => $error } if $error; - my $svc_acct = new FS::svc_acct ( { - 'svcpart' => $p->{'svcpart'} || $cust_pkg->part_pkg->svcpart('svc_acct'), - map { $_ => $p->{$_} } - qw( username _password sec_phrase popnum ), - } ); + my @svc = (); + unless ( $p->{'svcpart'} eq 'none' ) { - my @acct_snarf; - my $snarfnum = 1; - while ( length($p->{"snarf_machine$snarfnum"}) ) { - my $acct_snarf = new FS::acct_snarf ( { - 'machine' => $p->{"snarf_machine$snarfnum"}, - 'protocol' => $p->{"snarf_protocol$snarfnum"}, - 'username' => $p->{"snarf_username$snarfnum"}, - '_password' => $p->{"snarf_password$snarfnum"}, + my $svcdb; + my $svcpart = ''; + if ( $p->{'svcpart'} =~ /^(\d+)$/ ) { + $svcpart = $1; + my $part_svc = qsearchs('part_svc', { 'svcpart' => $svcpart } ); + return { 'error' => "Unknown svcpart $svcpart" } unless $part_svc; + $svcdb = $part_svc->svcdb; + } else { + $svcdb = 'svc_acct'; + } + $svcpart ||= $cust_pkg->part_pkg->svcpart($svcdb); + + my %fields = ( + 'svc_acct' => [ qw( username _password sec_phrase popnum ) ], + 'svc_domain' => [ qw( domain ) ], + 'svc_external' => [ qw( id title ) ], + ); + + my $svc_x = "FS::$svcdb"->new( { + 'svcpart' => $svcpart, + map { $_ => $p->{$_} } @{$fields{$svcdb}} } ); - $snarfnum++; - push @acct_snarf, $acct_snarf; - } - $svc_acct->child_objects( \@acct_snarf ); + + if ( $svcdb eq 'svc_acct' ) { + my @acct_snarf; + my $snarfnum = 1; + while ( length($p->{"snarf_machine$snarfnum"}) ) { + my $acct_snarf = new FS::acct_snarf ( { + 'machine' => $p->{"snarf_machine$snarfnum"}, + 'protocol' => $p->{"snarf_protocol$snarfnum"}, + 'username' => $p->{"snarf_username$snarfnum"}, + '_password' => $p->{"snarf_password$snarfnum"}, + } ); + $snarfnum++; + push @acct_snarf, $acct_snarf; + } + $svc_x->child_objects( \@acct_snarf ); + } + + my $y = $svc_x->setdefault; # arguably should be in new method + return { 'error' => $y } if $y && !ref($y); + + $error = $svc_x->check; + return { 'error' => $error } if $error; - my $y = $svc_acct->setdefault; # arguably should be in new method - return { 'error' => $y } if $y && !ref($y); + push @svc, $svc_x; - $error = $svc_acct->check; - return { 'error' => $error } if $error; + } use Tie::RefHash; tie my %hash, 'Tie::RefHash'; - %hash = ( $cust_pkg => [ $svc_acct ] ); + %hash = ( $cust_pkg => \@svc ); #msgcat $error = $cust_main->order_pkgs( \%hash, '', 'noexport' => 1 ); return { 'error' => $error } if $error; @@ -370,9 +555,16 @@ sub order_pkg { $cust_main->apply_credits; $bill_error = $cust_main->collect; - if ( $cust_main->balance > $old_balance ) { + if ( $cust_main->balance > $old_balance + && $cust_main->balance > 0 + && $cust_main->payby !~ /^(BILL|DCRD|DCHK)$/ ) { + #this makes sense. credit is "un-doing" the invoice + $cust_main->credit( sprintf("%.2f", $cust_main->balance - $old_balance ), + 'self-service decline' ); + $cust_main->apply_credits( 'order' => 'newest' ); + $cust_pkg->cancel('quiet'=>1); - return { 'error' => '_decline' }; + return { 'error' => '_decline', 'bill_error' => $bill_error }; } else { $cust_pkg->reexport; } @@ -381,7 +573,7 @@ sub order_pkg { $cust_pkg->reexport; } - return { error => '' }; + return { error => '', pkgnum => $cust_pkg->pkgnum }; } @@ -395,13 +587,13 @@ sub cancel_pkg { my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } ) or return { 'error' => "unknown custnum $custnum" }; - my $pkgnum = $session->{'pkgnum'}; + my $pkgnum = $p->{'pkgnum'}; my $cust_pkg = qsearchs('cust_pkg', { 'custnum' => $custnum, 'pkgnum' => $pkgnum, } ) or return { 'error' => "unknown pkgnum $pkgnum" }; - my $error = $cust_main->cancel( 'quiet'=>1 ); + my $error = $cust_pkg->cancel( 'quiet'=>1 ); return { 'error' => $error }; }