'Cancel customer',
'Complimentary customer', #aka users-allow_comp
'Delete customer', #aka. deletecustomers #Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customers' packages if they cancel service.
- 'Add customer note',
- 'Edit customer note',
+ 'Add customer note', #NEW
+ 'Edit customer note', #NEW
###
# customer package rights
###
+ 'View customer packages', #NEW
'Order customer package',
'One-time charge',
'Change customer package',
'Unsuspend customer package',
'Cancel customer package immediately',
'Cancel customer package later',
- 'Add on-the-fly cancel reason',
- 'Add on-the-fly suspend reason',
+ 'Add on-the-fly cancel reason', #NEW
+ 'Add on-the-fly suspend reason', #NEW
###
# customer service rights
###
- 'Edit usage',
+ 'Edit usage', #NEW
+ 'View customer services', #NEW
'Provision customer service',
- 'Recharge customer service',
+ 'Recharge customer service', #NEW
'Unprovision customer service',
'View/link unlinked services', #not agent-virtualizable without more work
###
'View invoices',
'View customer tax exemptions', #yow
+ 'View customer batched payments', #NEW
###
# customer payment rights
'Delete payment', #aka. deletepayments - Enable deletion of unclosed payments. Be very careful! Only delete payments that were data-entry errors, not adjustments. Optionally specify one or more comma-separated email addresses to be notified when a payment is deleted.
- 'Delete refund',
+ 'Delete refund', #NEW
###
# customer credit rights
# report/listing rights...
###
'List customers',
- 'List zip codes',
+ 'List zip codes', #NEW
'List invoices',
'List packages',
'List services',
# misc rights
###
'Job queue', # these are not currently agent-virtualized
- 'Process batches', #
- 'Reprocess batches', #
+ 'Process batches', # NEW
+ 'Reprocess batches', # NEW
'Import', #
'Export', #
###
# misc misc rights
###
- 'Raw SQL',
+ 'Raw SQL', #NEW
###
# setup/config rights
-%
-%
-%my $conf = new FS::Conf;
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^([^\.\/]*)$/;
-%my $templatename = $1;
-%if ( $templatename && $conf->exists("logo_$templatename.png") ) {
-% $templatename = "_$templatename";
-%} else {
-% $templatename = '';
-%}
-%
-%http_header('Content-Type' => 'image/png' );
-%
<% $conf->config_binary("logo$templatename.png") %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+my $conf = new FS::Conf;
+
+my($query) = $cgi->keywords;
+$query =~ /^([^\.\/]*)$/;
+my $templatename = $1;
+if ( $templatename && $conf->exists("logo_$templatename.png") ) {
+ $templatename = "_$templatename";
+} else {
+ $templatename = '';
+}
+
+http_header('Content-Type' => 'image/png' );
+
+</%init>
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)(.pdf)?$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%
-%my $pdf = $cust_bill->print_pdf( '', $templatename);
-%
-%http_header('Content-Type' => 'application/pdf' );
-%http_header('Content-Length' => length($pdf) );
-%http_header('Cache-control' => 'max-age=60' );
-%
<% $pdf %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)(.pdf)?$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+my $pdf = $cust_bill->print_pdf( '', $templatename);
+
+http_header('Content-Type' => 'application/pdf' );
+http_header('Content-Length' => length($pdf) );
+http_header('Cache-control' => 'max-age=60' );
+
+</%init>
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%
-%http_header('Content-Type' => 'application/postscript' );
-%
<% $cust_bill->print_ps( '', $templatename) %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+http_header('Content-Type' => 'application/postscript' );
+
+</%init>
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $conf = new FS::Conf;
-%
-%my @payby = grep /\w/, $conf->config('payby');
-%#@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP ))
-%@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP ))
-% unless @payby;
-%my %payby = map { $_=>1 } @payby;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%my $custnum = $cust_bill->getfield('custnum');
-%
-%#my $printed = $cust_bill->printed;
-%
-%my $link = $templatename ? "$templatename-$invnum" : $invnum;
-%
-%
-
<% include("/elements/header.html",'Invoice View', menubar(
"Main Menu" => $p,
"View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
)) %>
+
+
% if ( $cust_bill->owed > 0
% && ( $payby{'BILL'} || $payby{'CASH'} || $payby{'WEST'} || $payby{'MCRD'} )
% )
% {
% my $s = 0;
-%
-
Post
% if ( $payby{'BILL'} ) {
<PRE><% join('', $cust_bill->print_text('', $templatename) ) %></PRE>
% }
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $conf = new FS::Conf;
+
+my @payby = grep /\w/, $conf->config('payby');
+#@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP ))
+@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP ))
+ unless @payby;
+my %payby = map { $_=>1 } @payby;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+my $custnum = $cust_bill->custnum;
+
+#my $printed = $cust_bill->printed;
+
+my $link = $templatename ? "$templatename-$invnum" : $invnum;
+
+</%init>
+
-</BODY></HTML>
-%
-%
-%my $conf = new FS::Conf;
-%
-%my $curuser = $FS::CurrentUser::CurrentUser;
-%
-%die "No customer specified (bad URL)!" unless $cgi->keywords;
-%my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array
-%$query =~ /^(\d+)$/;
-%my $custnum = $1;
-%my $cust_main = qsearchs('cust_main',{'custnum'=>$custnum});
-%die "Customer not found!" unless $cust_main;
-%
-%
-
-
<% include("/elements/header.html","Customer View: ". $cust_main->name ) %>
-% if ( $curuser->access_right('Edit customer') ) {
+% if ( $curuser->access_right('Edit customer') ) {
<A HREF="<% $p %>edit/cust_main.cgi?<% $custnum %>">Edit this customer</A> |
% }
-
-
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws.js"></SCRIPT>
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws_iframe.js"></SCRIPT>
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws_draggable.js"></SCRIPT>
<BR><BR>
+
+% #XXX enable me# if ( $curuser->access_right('View customer packages') {
<% include('cust_main/packages.html', $cust_main ) %>
-% if ( $conf->config('payby-default') ne 'HIDE' ) {
+% #}
+% if ( $conf->config('payby-default') ne 'HIDE' ) {
<% include('cust_main/payment_history.html', $cust_main ) %>
% }
<% include('/elements/footer.html') %>
+<%init>
+
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+die "access denied"
+ unless $curuser->access_right('View customer');
+
+my $conf = new FS::Conf;
+
+die "No customer specified (bad URL)!" unless $cgi->keywords;
+my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array
+$query =~ /^(\d+)$/;
+my $custnum = $1;
+my $cust_main = qsearchs({
+ 'table' => 'cust_main',
+ 'hashref' => {'custnum'=>$custnum},
+ 'extra_sql' => ' AND '. $curuser->agentnums_sql,
+});
+die "Customer not found!" unless $cust_main;
+
+</%init>
<TR>
<TD ALIGN="right">City</TD>
<TD BGCOLOR="#ffffff"><% $cust_main->get("${pre}city") %></TD>
-% if ( $cust_main->get("${pre}county" ) ) {
+% if ( $cust_main->get("${pre}county") ) {
<TD ALIGN="right">County</TD>
<TD BGCOLOR="#ffffff"><% $cust_main->get("${pre}county") %></TD>
% }
+++ /dev/null
-<!-- mason kludge -->
-%
-%
-%my $conf = new FS::Conf;
-%
-%my %uiview = ();
-%my %uiadd = ();
-%foreach my $part_svc ( qsearch('part_svc',{}) ) {
-% $uiview{$part_svc->svcpart} = popurl(2). "view/". $part_svc->svcdb . ".cgi";
-% $uiadd{$part_svc->svcpart}= popurl(2). "edit/". $part_svc->svcdb . ".cgi";
-%}
-%
-%my ($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $pkgnum = $1;
-%
-%#get package record
-%my $cust_pkg = qsearchs('cust_pkg',{'pkgnum'=>$pkgnum});
-%die "No package!" unless $cust_pkg;
-%my $part_pkg = qsearchs('part_pkg',{'pkgpart'=>$cust_pkg->getfield('pkgpart')});
-%
-%my $custnum = $cust_pkg->getfield('custnum');
-%print header('Package View', menubar(
-% "View this customer (#$custnum)" => popurl(2). "view/cust_main.cgi?$custnum",
-% 'Main Menu' => popurl(2)
-%));
-%
-%#print info
-%my ($susp,$cancel,$expire)=(
-% $cust_pkg->getfield('susp'),
-% $cust_pkg->getfield('cancel'),
-% $cust_pkg->getfield('expire'),
-%);
-%my($pkg,$comment)=($part_pkg->getfield('pkg'),$part_pkg->getfield('comment'));
-%my($setup,$bill)=($cust_pkg->getfield('setup'),$cust_pkg->getfield('bill'));
-%my $otaker = $cust_pkg->getfield('otaker');
-%
-%print <<END;
-%<SCRIPT>
-%function areyousure(href) {
-% if (confirm("Permanently delete included services and cancel this package?") == true)
-% window.location.href = href;
-%}
-%</SCRIPT>
-%END
-%
-%print "Package information";
-%print ' (<A HREF="'. popurl(2). 'misc/unsusp_pkg.cgi?'. $pkgnum.
-% '">unsuspend</A>)'
-% if ( $susp && ! $cancel );
-%
-%print ' (<A HREF="'. popurl(2). 'misc/susp_pkg.cgi?'. $pkgnum.
-% '">suspend</A>)'
-% unless ( $susp || $cancel );
-%
-%print ' (<A HREF="javascript:areyousure(\''. popurl(2). 'misc/cancel_pkg.cgi?'.
-% $pkgnum. '\')">cancel</A>)'
-% unless $cancel;
-%
-%print ' (<A HREF="'. popurl(2). 'edit/REAL_cust_pkg.cgi?'. $pkgnum.
-% '">edit dates</A>)';
-%
-%print &ntable("#cccccc"), '<TR><TD>', &ntable("#cccccc",2),
-% '<TR><TD ALIGN="right">Package number</TD><TD BGCOLOR="#ffffff">',
-% $pkgnum, '</TD></TR>',
-% '<TR><TD ALIGN="right">Package</TD><TD BGCOLOR="#ffffff">',
-% $pkg, '</TD></TR>',
-% '<TR><TD ALIGN="right">Comment</TD><TD BGCOLOR="#ffffff">',
-% $comment, '</TD></TR>',
-% '<TR><TD ALIGN="right">Setup date</TD><TD BGCOLOR="#ffffff">',
-% ( $setup ? time2str("%D",$setup) : "(Not setup)" ), '</TD></TR>';
-%
-%print '<TR><TD ALIGN="right">Last bill date</TD><TD BGCOLOR="#ffffff">',
-% ( $cust_pkg->get('last_bill') ? time2str("%D",$cust_pkg->get('last_bill')) : " " ),
-% '</TD></TR>'
-% if $cust_pkg->dbdef_table->column('last_bill');
-%
-%print '<TR><TD ALIGN="right">Next bill date</TD><TD BGCOLOR="#ffffff">',
-% ( $bill ? time2str("%D",$bill) : " " ), '</TD></TR>';
-%
-%print '<TR><TD ALIGN="right">Suspension date</TD><TD BGCOLOR="#ffffff">',
-% time2str("%D",$susp), '</TD></TR>' if $susp;
-%print '<TR><TD ALIGN="right">Expiration date</TD><TD BGCOLOR="#ffffff">',
-% time2str("%D",$expire), '</TD></TR>' if $expire;
-%print '<TR><TD ALIGN="right">Cancellation date</TD><TD BGCOLOR="#ffffff">',
-% time2str("%D",$cancel), '</TD></TR>' if $cancel;
-%print '<TR><TD ALIGN="right">Order taker</TD><TD BGCOLOR="#ffffff">',
-% $otaker, '</TD></TR>',
-% '</TABLE></TD></TR></TABLE>';
-%
-%unless ($expire) {
-% print <<END;
-%<FORM ACTION="../misc/expire_pkg.cgi" METHOD="post">
-%<INPUT TYPE="hidden" NAME="pkgnum" VALUE="$pkgnum">
-%Expire (date): <INPUT TYPE="text" NAME="date" VALUE="" >
-%<INPUT TYPE="submit" VALUE="Cancel later">
-%END
-%}
-%
-%unless ($cancel) {
-%
-% #services
-% print '<BR>Service Information', &table();
-%
-% #list of services this pkgpart includes
-% my $pkg_svc;
-% my %pkg_svc;
-% #foreach $pkg_svc ( qsearch('pkg_svc',{'pkgpart'=> $cust_pkg->pkgpart }) ) {
-% foreach $pkg_svc ( $cust_pkg->part_pkg->pkg_svc ) {
-% $pkg_svc{$pkg_svc->svcpart} = $pkg_svc->quantity if $pkg_svc->quantity;
-% }
-%
-% #list of records from cust_svc
-% my $svcpart;
-% foreach $svcpart (sort {$a <=> $b} keys %pkg_svc) {
-%
-% my($svc)=qsearchs('part_svc',{'svcpart'=>$svcpart})->getfield('svc');
-%
-% my(@cust_svc)=qsearch('cust_svc',{'pkgnum'=>$pkgnum,
-% 'svcpart'=>$svcpart,
-% });
-%
-% my($enum);
-% for $enum ( 1 .. $pkg_svc{$svcpart} ) {
-%
-% my($cust_svc);
-% if ( $cust_svc=shift @cust_svc ) {
-% my($svcnum)=$cust_svc->svcnum;
-% my($label, $value, $svcdb) = $cust_svc->label;
-% print <<END;
-%<TR><TD><A HREF="$uiview{$svcpart}?$svcnum">(View/Edit) $svc: $value<A></TD></TR>
-%END
-% } else {
-% print qq!<TR><TD>!.
-% qq!<A HREF="$uiadd{$svcpart}?pkgnum$pkgnum-svcpart$svcpart">!.
-% qq!(Provision) $svc</A>!;
-%
-% print qq! or <A HREF="../misc/link.cgi?pkgnum$pkgnum-svcpart$svcpart">!.
-% qq!(Link to legacy) $svc</A>!
-% if $conf->exists('legacy_link');
-%
-% print '</TD></TR>';
-% }
-%
-% }
-% warn "WARNING: Leftover services pkgnum $pkgnum!" if @cust_svc;;
-% }
-%
-% print "</TABLE><FONT SIZE=-1>",
-% "Choose (View/Edit) to view or edit an existing service<BR>",
-% "Choose (Provision) to setup a new service<BR>";
-%
-% print "Choose (Link to legacy) to link to a legacy (pre-Freeside) service"
-% if $conf->exists('legacy_link');
-%
-% print "</FONT>";
-%}
-%
-%#formatting
-%print <<END;
-% </BODY>
-%</HTML>
-%END
-%
-%
-
-%
-%
% # options example...
% #
% # 'table' => 'svc_something'
% # # defaults to "edit/$table.cgi?", will have svcnum appended
% # 'edit_url' =>
%
-% my(%opt) = @_;
-%
-% my $table = $opt{'table'};
-%
-% my $fields = $opt{'fields'}
-% #|| [ grep { $_ ne 'svcnum' } dbdef->table($table)->columns ];
-% || [ grep { $_ ne 'svcnum' } fields($table) ];
-%
-% my $svcnum;
-% if ( $cgi->param('svcnum') ) {
-% $cgi->param('svcnum') =~ /^(\d+)$/ or die "unparsable svcnum";
-% $svcnum = $1;
-% } else {
-% my($query) = $cgi->keywords;
-% $query =~ /^(\d+)$/ or die "no svcnum";
-% $svcnum = $1;
-% }
-% my $svc_x = qsearchs( $opt{'table'}, { 'svcnum' => $svcnum } )
-% or die "Unknown svcnum $svcnum in ". $opt{'table'}. " table\n";
-%
-% my $cust_svc = $svc_x->cust_svc;
-% my($label, $value, $svcdb) = $cust_svc->label;
-%
-% my $pkgnum = $cust_svc->pkgnum;
-%
-% my($cust_pkg, $custnum);
-% if ($pkgnum) {
-% $cust_pkg = $cust_svc->cust_pkg;
-% $custnum = $cust_pkg->custnum;
-% } else {
-% $cust_pkg = '';
-% $custnum = '';
-% }
-%
%
% if ( $custnum ) {
<% joblisting({'svcnum'=>$svcnum}, 1) %>
<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my(%opt) = @_;
+
+my $table = $opt{'table'};
+
+my $fields = $opt{'fields'}
+ #|| [ grep { $_ ne 'svcnum' } dbdef->table($table)->columns ];
+ || [ grep { $_ ne 'svcnum' } fields($table) ];
+
+my $svcnum;
+if ( $cgi->param('svcnum') ) {
+ $cgi->param('svcnum') =~ /^(\d+)$/ or die "unparsable svcnum";
+ $svcnum = $1;
+} else {
+ my($query) = $cgi->keywords;
+ $query =~ /^(\d+)$/ or die "no svcnum";
+ $svcnum = $1;
+}
+my $svc_x = qsearchs({
+ 'select' => $opt{'table'}.'.*',
+ 'table' => $opt{'table'},
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => { 'svcnum' => $svcnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+}) or die "Unknown svcnum $svcnum in ". $opt{'table'}. " table\n";
+
+my $cust_svc = $svc_x->cust_svc;
+my($label, $value, $svcdb) = $cust_svc->label;
+
+my $pkgnum = $cust_svc->pkgnum;
+
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = $cust_svc->cust_pkg;
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+
+</%init>
+<% include('elements/svc_Common.html',
+ 'table' => $table,
+ 'edit_url' => $p."edit/svc_Common.html?svcdb=$table;svcnum=",
+ %opt,
+ )
+%>
<%init>
# false laziness w/edit/svc_Common.html
}
</%init>
-<% include('elements/svc_Common.html',
- 'table' => $table,
- 'edit_url' => $p."edit/svc_Common.html?svcdb=$table;svcnum=",
- %opt,
- )
-%>
-%
-%
-%my $conf = new FS::Conf;
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_acct = qsearchs('svc_acct',{'svcnum'=>$svcnum});
-%die "Unknown svcnum" unless $svc_acct;
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc' , { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
-%die "Unknown svcpart" unless $part_svc;
-%my $svc = $part_svc->svc;
-%
-%die 'Empty domsvc for svc_acct.svcnum '. $svc_acct->svcnum
-% unless $svc_acct->domsvc;
-%my $svc_domain = qsearchs('svc_domain', { 'svcnum' => $svc_acct->domsvc } );
-%die 'Unknown domain (domsvc '. $svc_acct->domsvc.
-% ' for svc_acct.svcnum '. $svc_acct->svcnum. ')'
-% unless $svc_domain;
-%my $domain = $svc_domain->domain;
-%
-%
% if ( $custnum ) {
-
<% include("/elements/header.html","View $svc account") %>
-
<% include( '/elements/small_custview.html', $custnum, '', 1,
"${p}view/cust_main.cgi") %>
<BR>
-% } else {
+% } else {
<SCRIPT>
function areyousure(href) {
<% include("/elements/header.html",'Account View', menubar(
"Cancel this (unaudited) account" =>
"javascript:areyousure(\'${p}misc/cancel-unaudited.cgi?$svcnum\')",
- "Main menu" => $p,
)) %>
+
% }
+
% if ( $part_svc->part_export_usage ) {
%
% my $last_bill;
<% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY>
-</HTML>
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my $conf = new FS::Conf;
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_acct = qsearchs({
+ 'select' => 'svc_acct.*',
+ 'table' => 'svc_acct',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => {'svcnum'=>$svcnum},
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Unknown svcnum" unless $svc_acct;
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc' , { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
+die "Unknown svcpart" unless $part_svc;
+my $svc = $part_svc->svc;
+
+die 'Empty domsvc for svc_acct.svcnum '. $svc_acct->svcnum
+ unless $svc_acct->domsvc;
+my $svc_domain = qsearchs('svc_domain', { 'svcnum' => $svc_acct->domsvc } );
+die 'Unknown domain (domsvc '. $svc_acct->domsvc.
+ ' for svc_acct.svcnum '. $svc_acct->svcnum. ')'
+ unless $svc_domain;
+my $domain = $svc_domain->domain;
+
+</%init>
-<!-- mason kludge -->
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_broadband = qsearchs( 'svc_broadband', { 'svcnum' => $svcnum } )
-% or die "svc_broadband: Unknown svcnum $svcnum";
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%my $addr_block = $svc_broadband->addr_block;
-%my $router = $addr_block->router;
-%
-%if (not $router) { die "Could not lookup router for svc_broadband (svcnum $svcnum)" };
-%
-%my (
-% $routername,
-% $routernum,
-% $speed_down,
-% $speed_up,
-% $ip_addr,
-% $ip_gateway,
-% $ip_netmask,
-% $mac_addr,
-% $latitude,
-% $longitude,
-% $altitude,
-% $vlan_profile,
-% $auth_key,
-% $description,
-% ) = (
-% $router->getfield('routername'),
-% $router->getfield('routernum'),
-% $svc_broadband->getfield('speed_down'),
-% $svc_broadband->getfield('speed_up'),
-% $svc_broadband->getfield('ip_addr'),
-% $addr_block->ip_gateway,
-% $addr_block->NetAddr->mask,
-% $svc_broadband->mac_addr,
-% $svc_broadband->latitude,
-% $svc_broadband->longitude,
-% $svc_broadband->altitude,
-% $svc_broadband->vlan_profile,
-% $svc_broadband->auth_key,
-% $svc_broadband->description,
-% );
-%
-
-
<%include("/elements/header.html",'Broadband Service View', menubar(
( ( $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
<BR>
<%joblisting({'svcnum'=>$svcnum}, 1)%>
- </BODY>
-</HTML>
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_broadband = qsearchs({
+ 'select' => 'svc_broadband.*',
+ 'table' => 'svc_broadband',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => { 'svcnum' => $svcnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+}) or die "svc_broadband: Unknown svcnum $svcnum";
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+my $addr_block = $svc_broadband->addr_block;
+my $router = $addr_block->router;
+
+if (not $router) { die "Could not lookup router for svc_broadband (svcnum $svcnum)" };
+
+my (
+ $routername,
+ $routernum,
+ $speed_down,
+ $speed_up,
+ $ip_addr,
+ $ip_gateway,
+ $ip_netmask,
+ $mac_addr,
+ $latitude,
+ $longitude,
+ $altitude,
+ $vlan_profile,
+ $auth_key,
+ $description,
+ ) = (
+ $router->getfield('routername'),
+ $router->getfield('routernum'),
+ $svc_broadband->getfield('speed_down'),
+ $svc_broadband->getfield('speed_up'),
+ $svc_broadband->getfield('ip_addr'),
+ $addr_block->ip_gateway,
+ $addr_block->NetAddr->mask,
+ $svc_broadband->mac_addr,
+ $svc_broadband->latitude,
+ $svc_broadband->longitude,
+ $svc_broadband->altitude,
+ $svc_broadband->vlan_profile,
+ $svc_broadband->auth_key,
+ $svc_broadband->description,
+ );
+
+</%init>
-<!-- mason kludge -->
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_domain = qsearchs('svc_domain',{'svcnum'=>$svcnum});
-%die "Unknown svcnum" unless $svc_domain;
-%
-%my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg=qsearchs('cust_pkg',{'pkgnum'=>$pkgnum});
-% $custnum=$cust_pkg->getfield('custnum');
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%
-%my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
-%die "Unknown svcpart" unless $part_svc;
-%
-%my $email = '';
-%if ($svc_domain->catchall) {
-% my $svc_acct = qsearchs('svc_acct',{'svcnum'=> $svc_domain->catchall } );
-% die "Unknown svcpart" unless $svc_acct;
-% $email = $svc_acct->email;
-%}
-%
-%my $domain = $svc_domain->domain;
-%
-%
-
-
<% include("/elements/header.html",'Domain View', menubar(
( ( $pkgnum || $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
<INPUT TYPE="text" NAME="recdata"> <INPUT TYPE="submit" VALUE="Slave domain" onClick="return slave_areyousure()">
</FORM>
<BR><BR><% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY></HTML>
+
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_domain = qsearchs({
+ 'select' => 'svc_domain.*',
+ 'table' => 'svc_domain',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => {'svcnum'=>$svcnum},
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Unknown svcnum" unless $svc_domain;
+
+my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg=qsearchs('cust_pkg',{'pkgnum'=>$pkgnum});
+ $custnum=$cust_pkg->getfield('custnum');
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+
+my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
+die "Unknown svcpart" unless $part_svc;
+
+my $email = '';
+if ($svc_domain->catchall) {
+ my $svc_acct = qsearchs('svc_acct',{'svcnum'=> $svc_domain->catchall } );
+ die "Unknown svcpart" unless $svc_acct;
+ $email = $svc_acct->email;
+}
+
+my $domain = $svc_domain->domain;
+
+</%init>
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_external = qsearchs( 'svc_external', { 'svcnum' => $svcnum } )
-% or die "svc_external: Unknown svcnum $svcnum";
-%
-%my $conf = new FS::Conf;
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%
-%
-
-
<% include("/elements/header.html",'External Service View', menubar(
( ( $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
</TABLE></TD></TR></TABLE>
<BR><% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY></HTML>
+
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_external = qsearchs({
+ 'select' => 'svc_external.*',
+ 'table' => 'svc_external',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => { 'svcnum' => $svcnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+}) or die "svc_external: Unknown svcnum $svcnum";
+
+my $conf = new FS::Conf;
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+</%init>
-<!-- mason kludge -->
-%
+% die "access denied"
+% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+% || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
%
%my $conf = new FS::Conf;
%
%my($query) = $cgi->keywords;
%$query =~ /^(\d+)$/;
%my $svcnum = $1;
-%my $svc_forward = qsearchs('svc_forward',{'svcnum'=>$svcnum});
+%my $svc_forward = qsearchs({
+% 'select' => 'svc_forward.*',
+% 'table' => 'svc_forward',
+% 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+% ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+% ' LEFT JOIN cust_main USING ( custnum ) ',
+% 'hashref' => {'svcnum'=>$svcnum},
+% 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+%});
%die "Unknown svcnum" unless $svc_forward;
%
%my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-<!-- mason kludge -->
-%
+% die "access denied"
+% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+% || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
%
%my($query) = $cgi->keywords;
%$query =~ /^(\d+)$/;
%my $svcnum = $1;
-%my $svc_www = qsearchs( 'svc_www', { 'svcnum' => $svcnum } )
-% or die "svc_www: Unknown svcnum $svcnum";
+%my $svc_www = qsearchs({
+% 'select' => 'svc_www.*',
+% 'table' => 'svc_www',
+% 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+% ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+% ' LEFT JOIN cust_main USING ( custnum ) ',
+% 'hashref' => { 'svcnum' => $svcnum },
+% 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+%}) or die "svc_www: Unknown svcnum $svcnum";
%
%#false laziness w/all svc_*.cgi
%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
projects / freeside.git / commitdiff