'Recharge customer service', #NEW
'Unprovision customer service',
'Change customer service', #NEWNEW
+ 'Edit password',
'Edit usage', #NEW
'Edit home dir', #NEW
'Edit www config', #NEW
'disabled', 'char', 'NULL', 1, '', '',
'preserve', 'char', 'NULL', 1, '', '',
'selfservice_access', 'varchar', 'NULL', $char_d, '', '',
+ 'restrict_edit_password','char', 'NULL', 1, '', '',
],
'primary_key' => 'svcpart',
'unique' => [],
'cgp_sendmdnmode', 'varchar', 'NULL', $char_d, '', '',#SendMDNMode
#mail
#XXX RPOP settings
+ #
],
'primary_key' => 'svcnum',
#'unique' => [ [ 'username', 'domsvc' ] ],
'Edit customer contacts',
],
+ 'Provision customer service' => [ 'Edit password' ],
+
;
foreach my $old_acl ( keys %onetime ) {
=item preserve - Preserve after cancellation, empty or 'Y'
+=item selfservice_access - Access allowed to the service via self-service:
+empty for full access, "readonly" for read-only, "hidden" to hide it entirely
+
+=item restrict_edit_password - Require the "Provision customer service" access
+right to change the password field, rather than just "Edit password". Only
+relevant to svc_acct for now.
+
=back
=head1 METHODS
|| $self->ut_enum('disabled', [ '', 'Y' ] )
|| $self->ut_enum('preserve', [ '', 'Y' ] )
|| $self->ut_enum('selfservice_access', [ '', 'hidden', 'readonly' ] )
+ || $self->ut_enum('restrict_edit_password', [ '', 'Y' ] )
;
return $error if $error;
% }
% @dfields ;
% my $rowspan = scalar(@fields) || 1;
+% $rowspan++ if $part_svc->restrict_edit_password;
% my $url = "${p}edit/part_svc.cgi?". $part_svc->svcpart;
%
% if ( $bgcolor eq $bgcolor1 ) {
% } else {
<% $value %>
-% }
+% }
</TD>
% $n1="</TR><TR>";
-% }
-%
+% } #foreach $field
+% if ( $part_svc->restrict_edit_password ) {
+ <TR>
+ <TD CLASS="grid" BGCOLOR="<% $bgcolor %>" COLSPAN=4 ALIGN="left">
+ <B><% emt('Password editing restricted.') %></B>
+ </TD>
+ </TR>
+% }
</TR>
-% }
+% } #foreach $part_svc
</TABLE>
</BODY>
%
% } #foreach my $field (@fields) {
%
+% if ( $layer eq 'svc_acct' ) {
+% # eww, more ugly special-caseyness
+% $html .=
+% '<TR><TD COLSPAN=3 ALIGN="right">'.
+% emt('Require "Provision" access right to edit password').
+% '</TD><TD>'.
+% '<INPUT TYPE="checkbox" NAME="restrict_edit_password" VALUE="Y"'.
+% ($part_svc->restrict_edit_password ? ' CHECKED' : '').
+% '></TD></TR>';
+% } else {
+% $html .=
+% '<INPUT TYPE="hidden" NAME="restrict_edit_password" VALUE="">';
+% }
+%
% $part_svc->svcpart('') if $clone; #undone
% $html .= "</TABLE>";
%
% $html .= include('/elements/progress-init.html',
% $layer, #form name
% [ qw(svc svcpart selfservice_access disabled preserve
-% exportnum),
+% exportnum restrict_edit_password),
% @fields ],
% 'process/part_svc.cgi',
% $p.'browse/part_svc.cgi',
%}
<%init>
-die 'access deined'
+die 'access denied'
unless $FS::CurrentUser::CurrentUser->access_right('Change customer service');
my $svcnum = $cgi->param('svcnum');
<BR>
% }
-<SCRIPT TYPE="text/javascript">
-function randomPass() {
- var i=0;
- var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
- var pass='';
- while(i < 8) {
- i++;
- pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
- }
- document.OneTrueForm.clear_password.value = pass;
-}
-</SCRIPT>
-
<FORM NAME="OneTrueForm" ACTION="<% $p1 %>process/svc_acct.cgi" METHOD=POST>
<INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
%if ( $part_svc->part_svc_column('_password')->columnflag ne 'F' ) {
<TR>
+% #XXX eventually should require "Edit Password" ACL
<TD ALIGN="right"><% mt('Password') |h %></TD>
<TD>
- <INPUT TYPE="text" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
- <INPUT TYPE="button" VALUE="<% mt('Generate') |h %>" onclick="randomPass();">
+ <INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
+ <& /elements/random_pass.html, 'clear_password' &>
</TD>
</TR>
%}else{
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Edit password');
$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
my $svcnum = $1;
my $svc_acct = FS::svc_acct->by_key($svcnum)
or die "svc_acct $svcnum not found";
+my $part_svc = $svc_acct->part_svc;
+die "access denied" unless (
+ $curuser->access_right('Provision customer service') or
+ ( $curuser->access_right('Edit password') and
+ ! $part_svc->restrict_edit_password )
+ );
my $error = $svc_acct->set_password($cgi->param('password'))
|| $svc_acct->replace;
<% mt('Service #') |h %><B><% $svcnum %></B>
% my $url = $opt{'edit_url'} || $p. 'edit/'. $opt{'table'}. '.cgi?';
-| <& /view/elements/svc_edit_link.html, 'svc' => $svc_x &>
+<& /view/elements/svc_edit_link.html, 'svc' => $svc_x &>
<BR>
<% ntable("#cccccc") %><TR><TD><% ntable("#cccccc",2) %>
window.location.href = '<% $cancel_url %>';
}
</SCRIPT>
-<A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A> |
-<A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+% if ( $curuser->access_right('Provision customer service') ) {
+| <A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A>
+% }
+% if ( $curuser->access_right('Unprovision customer service') ) {
+| <A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+% }
% }
<%init>
my %opt = @_;
my $cust_svc = $svc_x->cust_svc; # always exists
my $cancel_date = $cust_svc->pkg_cancel_date;
my ($label) = $cust_svc->label;
+my $curuser = $FS::CurrentUser::CurrentUser;
</%init>
&>
<% mt('Service #') |h %><B><% $svcnum %></B>
-|
<& /view/elements/svc_edit_link.html, 'svc' => $svc_acct &>
<& svc_acct/change_svc.html,
'part_svc' => \@part_svc,
my $addl_from = ' LEFT JOIN cust_svc USING ( svcnum ) '.
' LEFT JOIN cust_pkg USING ( pkgnum ) '.
' LEFT JOIN cust_main USING ( custnum ) ';
-
-my($query) = $cgi->keywords;
+my $query;
+if ( $cgi->keywords ) {
+ ($query) = $cgi->keywords;
+} else {
+ $query = $cgi->param('svcnum');
+}
$query =~ /^(\d+)$/;
my $svcnum = $1;
my $svc_acct = qsearchs({
% if ( $password =~ /^\*\w+\* (.*)$/ ) {
% $password = $1;
% $show_pw .= '<I>('. mt('login disabled') .')</I> ';
-% }
+% }
% if ( ! $password
% && $svc_acct->_password_encryption ne 'plain'
% && $svc_acct->_password
% {
% $show_pw .= '<I>('. uc($svc_acct->_password_encryption). ' '.mt('encrypted').')</I>';
% } elsif ( $conf->exists('showpasswords') ) {
-% $show_pw .= '<PRE>'. encode_entities($password). '</PRE>';
+% $show_pw .= '<SPAN >'. encode_entities($password). '</PRE>';
% } else {
+% $password = '';
% $show_pw .= '<I>('. mt('hidden') .')</I>';
-% }
-% $password = '';
-<& /view/elements/tr.html, label=>mt('Password'), value=>$show_pw &>
-
+% }
+<TR>
+ <TD ALIGN="right"><% mt('Password') %></TD>
+ <TD STYLE="background-color: #ffffff; white-space: nowrap">
+ <% $show_pw %>
+% my $curuser = $FS::CurrentUser::CurrentUser;
+% if ( $curuser->access_right('Provision customer service') or
+% ($curuser->access_right('Edit password') and
+% ! $part_svc->restrict_edit_password) )
+% {
+ <& /elements/change_password.html,
+ 'svc_acct' => $svc_acct,
+ 'curr_value' => $password,
+ &>
+% }
+ </TD>
+</TR>
% if ( $conf->exists('security_phrase') ) {
<& /view/elements/tr.html, label=>mt('Security phrase'), value=>$svc_acct->sec_phrase &>