force employee logouts, employee session reports, RT#74953

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 9649e5e..9cccb01 100644 (file)
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -329,7 +329,7 @@ tie my %rights, 'Tie::IxHash',
     'Usage: Unrateable CDRs',
     'Usage: Time worked',
     #gone in 4.x as a distinct ACL (for now?) { rightname=>'Employees: Commission Report', global=>1 },
-    { rightname=>'Employees: Audit Report', global=>1 },
+    { rightname=>'Employee Reports', global=>1 },
 
     #{ rightname => 'List customers of all agents', global=>1 },
   ],

diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 29c91b0..3926faf 100644 (file)
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -155,6 +155,7 @@ sub _upgrade_data { # class method
     'Refund payment'  => [ 'Refund credit card payment', 'Refund Echeck payment' ],
     'Regular void'    => [ 'Void payments' ],
     'Unvoid'          => [ 'Unvoid payments', 'Unvoid invoices' ],
+    'Employees: Audit Report' => [ 'Employee Reports' ],
   );
 
   foreach my $oldright (keys %migrate) {
@@ -233,9 +234,7 @@ sub _upgrade_data { # class method
                             'Usage: Unrateable CDRs',
                           ],
     'Provision customer service' => [ 'Edit password' ],
-    'Financial reports' => [ 'Employees: Commission Report',
-                             'Employees: Audit Report',
-                           ],
+    'Financial reports' => 'Employee Reports',
     'Change customer package' => 'Detach customer package',
     'Services: Accounts' => 'Services: Cable Subscribers',
     'Bulk change customer packages' => 'Bulk move customer services',

diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html
index 58a7d57..cadbd86 100644 (file)
--- a/httemplate/elements/menu.html
+++ b/httemplate/elements/menu.html
@@ -428,8 +428,6 @@ $report_logs{'Billing events'} =  [ $fsurl.'search/report_cust_event.html', 'Sea
   if $curuser->access_right('Billing event reports');
 $report_logs{'Credit limit incidents'} = [ $fsurl.'search/report_cust_main_credit_limit.html', '' ]
   if $curuser->access_right('List rating data');
-$report_logs{'Employee activity'} = [ $fsurl.'search/report_employee_audit.html', '' ]
-  if $curuser->access_right('Employees: Audit Report');
 $report_logs{'System log'} = [ $fsurl.'search/log.html', 'View system events and debugging information.' ],
   if $curuser->access_right('View system logs')
   || $curuser->access_right('Configuration');
@@ -437,6 +435,12 @@ $report_logs{'Outgoing messages'} = [ $fsurl.'search/cust_msg.html', 'View outgo
   if $curuser->access_right('View email logs')
   || $curuser->access_right('Configuration');
 
+tie my %report_employee, 'Tie::IxHash',
+  'Employee activity' => [ $fsurl.'search/report_employee_audit.html', '' ],
+  'Employee sessions' => [ $fsurl.'search/report_access_user_session_log.html', '' ],
+  'Access log statistics' => [ $fsurl.'search/report_access_user_log.html?group_by=path', '' ],
+;
+
 tie my %report_menu, 'Tie::IxHash';
 $report_menu{'Saved searches'} = [ \%report_saved_searches, 'My saved searches' ]
   if keys(%report_saved_searches);
@@ -475,6 +479,8 @@ $report_menu{'Financial (Receivables)'} = [ \%report_financial, 'Financial repor
 $report_menu{'Financial (Payables)'} = [ \%report_payable, 'Financial reports (Payables)' ]
   if $curuser->access_right('Financial reports');
 
+$report_menu{'Employees'}      = [ \%report_employee, 'Employee reports' ]
+  if $curuser->access_right('Employee Reports');
 $report_menu{'Logs'}           = [ \%report_logs, 'System and email logs' ]
   if (keys %report_logs); # empty if the user has no rights to it
 $report_menu{'SQL Query'}      = [ $fsurl.'search/report_sql.html', 'SQL Query']
@@ -554,8 +560,6 @@ $tools_system{'Status'} = [ $fsurl.'view/Status.html', 'System status' ]
   if $curuser->access_right('Configuration'); # 'View system status');
 $tools_system{'Job Queue'} =  [ $fsurl.'search/queue.html', 'View pending job queue' ]
   if $curuser->access_right('Job queue');
-$tools_system{'Access log statistics'} = [ $fsurl.'search/report_access_user_log.html?group_by=path', '' ]
-  if $curuser->access_right('Configuration'); # 'View profiling data');
 
 tie my %tools_menu, 'Tie::IxHash', ();
 $tools_menu{'Customers'} = [ \%tools_customers, 'Customer tools' ]

diff --git a/httemplate/search/employee_audit.html b/httemplate/search/employee_audit.html
index 2bc6ff4..991758c 100644 (file)
--- a/httemplate/search/employee_audit.html
+++ b/httemplate/search/employee_audit.html
@@ -7,7 +7,7 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report');
+  unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports');
 
 my %tables = (
     cust_pay        => 'Payments',

diff --git a/httemplate/search/report_access_user_log.html b/httemplate/search/report_access_user_log.html
index 0c8acb3..d43c742 100644 (file)
--- a/httemplate/search/report_access_user_log.html
+++ b/httemplate/search/report_access_user_log.html
@@ -27,7 +27,7 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Configuration');
+  unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports');
 
 my $group_by = '';
 if ( $cgi->param('group_by') =~ /^(\w+)$/ ) {

diff --git a/httemplate/search/report_employee_audit.html b/httemplate/search/report_employee_audit.html
index 461849b..6008e1c 100644 (file)
--- a/httemplate/search/report_employee_audit.html
+++ b/httemplate/search/report_employee_audit.html
@@ -23,7 +23,7 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report');
+  unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports');
 
 my %tables = (
     cust_pay        => 'Payments',