add separate "Edit customer tax exemptions" access right, RT#21416

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 6967179..78e6090 100644 (file)
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -182,6 +182,7 @@ tie my %rights, 'Tie::IxHash',
     'Resend invoices', #NEWNEW
     'Delete invoices', #new, but no need to phase in
     'View customer tax exemptions', #yow
+    'Edit customer tax exemptions', #NEWNEW
     'Add customer tax adjustment', #new, but no need to phase in
     'View customer batched payments', #NEW
     'View customer pending payments', #NEW

diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 3562ae2..4cf12d8 100644 (file)
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -193,6 +193,8 @@ sub _upgrade_data { # class method
     'Suspend customer package'            => 'Suspend customer',
     'Unsuspend customer package'          => 'Unsuspend customer',
     'Post credit'                         => 'Credit line items',
+    #'View customer tax exemptions'        => 'Edit customer tax exemptions',
+    'Edit customer'                       => 'Edit customer tax exemptions',
 
     'List services'    => [ 'Services: Accounts',
                             'Services: Domains',

diff --git a/httemplate/edit/cust_main/billing.html b/httemplate/edit/cust_main/billing.html
index 4363f2c..fc9fa48 100644 (file)
--- a/httemplate/edit/cust_main/billing.html
+++ b/httemplate/edit/cust_main/billing.html
@@ -444,9 +444,12 @@
 
     <TR><TD>&nbsp;</TD></TR>
 
+%   my $curuser = $FS::CurrentUser::CurrentUser;
 %   my @exempt_groups = grep /\S/, $conf->config('tax-cust_exempt-groups');
-
-%   if ( $conf->exists('tax-cust_exempt-groups-require_individual_nums') ) {
+%   if (    $conf->exists('tax-cust_exempt-groups-require_individual_nums')
+%        || ! $curuser->access_right('Edit customer tax exemptions')
+%      )
+%   {
 
       <INPUT TYPE="hidden" NAME="tax" VALUE="<% $cust_main->tax eq 'Y' ? 'Y' : '' %>">
 
@@ -458,14 +461,16 @@
 
 %   }
 
-%   foreach my $exempt_group ( @exempt_groups ) {
-%     my $cust_main_exemption = $cust_main->tax_exemption($exempt_group);
-%     #escape $exempt_group for NAME etc.
-%     my $checked = ($cust_main_exemption || $cgi->param("tax_$exempt_group"));
-      <TR>
-        <TD>&nbsp;&nbsp;<INPUT TYPE="checkbox" NAME="tax_<% $exempt_group %>" ID="tax_<% $exempt_group %>" VALUE="Y" <% $checked ? 'CHECKED' : '' %> onChange="tax_changed(this)"> Tax Exempt (<% $exempt_group %> taxes)</TD>
-        <TD> - Exemption number <INPUT TYPE="text" NAME="tax_<% $exempt_group %>_num" ID="tax_<% $exempt_group %>_num" VALUE="<% $cgi->param("tax_$exempt_group".'_num') || ( $cust_main_exemption ? $cust_main_exemption->exempt_number : '' ) |h %>" <% $checked ? '' : 'DISABLED' %>></TD>
-      </TR>
+%   if ( $curuser->access_right('Edit customer tax exemptions') ) {
+%     foreach my $exempt_group ( @exempt_groups ) {
+%       my $cust_main_exemption = $cust_main->tax_exemption($exempt_group);
+%       #escape $exempt_group for NAME etc.
+%       my $checked = ($cust_main_exemption || $cgi->param("tax_$exempt_group"));
+        <TR>
+          <TD>&nbsp;&nbsp;<INPUT TYPE="checkbox" NAME="tax_<% $exempt_group %>" ID="tax_<% $exempt_group %>" VALUE="Y" <% $checked ? 'CHECKED' : '' %> onChange="tax_changed(this)"> Tax Exempt (<% $exempt_group %> taxes)</TD>
+          <TD> - Exemption number <INPUT TYPE="text" NAME="tax_<% $exempt_group %>_num" ID="tax_<% $exempt_group %>_num" VALUE="<% $cgi->param("tax_$exempt_group".'_num') || ( $cust_main_exemption ? $cust_main_exemption->exempt_number : '' ) |h %>" <% $checked ? '' : 'DISABLED' %>></TD>
+        </TR>
+%     }
 %   }
 
 % unless ( $conf->exists('emailinvoiceonly') ) {

diff --git a/httemplate/edit/process/cust_main.cgi b/httemplate/edit/process/cust_main.cgi
index 1ac78fe..c6c8ea1 100755 (executable)
--- a/httemplate/edit/process/cust_main.cgi
+++ b/httemplate/edit/process/cust_main.cgi
@@ -16,8 +16,8 @@ my $DEBUG = 0;
 </%once>
 <%init>
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Edit customer');
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Edit customer');
 
 my $conf = new FS::Conf;
 
@@ -137,9 +137,14 @@ foreach my $dfield (qw(
 $new->setfield('paid', $cgi->param('paid') )
   if $cgi->param('paid');
 
-my @exempt_groups = grep /\S/, $conf->config('tax-cust_exempt-groups');
-my @tax_exempt = grep { $cgi->param("tax_$_") eq 'Y' } @exempt_groups;
-my %tax_exempt = map { $_ => scalar($cgi->param("tax_$_".'_num')) } @tax_exempt;
+my %options = ();
+if ( $curuser->access_right('Edit customer tax exemptions') ) { 
+  my @exempt_groups = grep /\S/, $conf->config('tax-cust_exempt-groups');
+  my @tax_exempt = grep { $cgi->param("tax_$_") eq 'Y' } @exempt_groups;
+  $options{'tax_exemption'} = {
+    map { $_ => scalar($cgi->param("tax_$_".'_num')) } @tax_exempt
+  };
+}
 
 #perhaps this stuff should go to cust_main.pm
 if ( $new->custnum eq '' or $duplicate_of ) {
@@ -247,8 +252,8 @@ if ( $new->custnum eq '' or $duplicate_of ) {
   else {
     # create the customer
     $error ||= $new->insert( \%hash, \@invoicing_list,
-                           'tax_exemption'=> \%tax_exempt,
-                           'prospectnum'  => scalar($cgi->param('prospectnum')),
+                             %options,
+                             prospectnum => scalar($cgi->param('prospectnum')),
                            );
 
     my $conf = new FS::Conf;
@@ -305,7 +310,7 @@ if ( $new->custnum eq '' or $duplicate_of ) {
   local($FS::Record::DEBUG)    = $DEBUG if $DEBUG;
 
   $error ||= $new->replace( $old, \@invoicing_list,
-                            'tax_exemption' => \%tax_exempt,
+                            %options,
                           );
 
   warn "$me returned from replace" if $DEBUG;