ACLs

diff --git a/httemplate/view/cust_bill.cgi b/httemplate/view/cust_bill.cgi
index c5373ff..9517255 100755 (executable)
--- a/httemplate/view/cust_bill.cgi
+++ b/httemplate/view/cust_bill.cgi
@@ -1,5 +1,4 @@
 <% include("/elements/header.html",'Invoice View', menubar(
-  "Main Menu" => $p,
   "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
 )) %>
 

diff --git a/httemplate/view/cust_main/payment_history.html b/httemplate/view/cust_main/payment_history.html
index 5af34c0..19332f3 100644 (file)
--- a/httemplate/view/cust_main/payment_history.html
+++ b/httemplate/view/cust_main/payment_history.html
@@ -126,10 +126,12 @@
 %    #completely unapplied
 %    $pre = '<B><FONT COLOR="#FF0000">Unapplied ';
 %    $post = '</FONT></B>';
-%    $apply = qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_bill_pay.cgi?!.
-%             $cust_pay->paynum.
-%             qq!', 392, 336, 'cust_bill_pay_popup' ), CAPTION, 'Apply payment', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
-%
+%    if ( $curuser->access_right('Apply payment') # ) {
+%         || $curuser->access_right('Post payment') ) { #remove after 1.7.3
+%      $apply = qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_bill_pay.cgi?!.
+%               $cust_pay->paynum.
+%               qq!', 392, 336, 'cust_bill_pay_popup' ), CAPTION, 'Apply payment', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
+%    }
 %  } elsif (    scalar(@cust_bill_pay)   == 1
 %            && scalar(@cust_pay_refund) == 0
 %            && $cust_pay->unapplied == 0     ) {
@@ -163,11 +165,14 @@
 %    if ( $cust_pay->unapplied > 0 ) {
 %      $desc .= '&nbsp;&nbsp;'.
 %               '<B><FONT COLOR="#FF0000">$'.
-%               $cust_pay->unapplied. ' unapplied</FONT></B>'.
-%               qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_bill_pay.cgi?!.
-%               $cust_pay->paynum. 
-%               qq!', 392, 336, 'cust_bill_pay_popup' ), CAPTION, 'Apply payment', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!.
-%               '<BR>';
+%               $cust_pay->unapplied. ' unapplied</FONT></B>';
+%      if ( $curuser->access_right('Apply payment') # ) {
+%           || $curuser->access_right('Post payment') ) { #remove after 1.7.3
+%        $desc .= qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_bill_pay.cgi?!.
+%                 $cust_pay->paynum. 
+%                 qq!', 392, 336, 'cust_bill_pay_popup' ), CAPTION, 'Apply payment', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
+%      }
+%      $desc .= '<BR>';
 %    }
 %  }
 %
@@ -301,9 +306,12 @@
 %    #completely unapplied
 %    $pre = '<B><FONT COLOR="#FF0000">Unapplied ';
 %    $post = '</FONT></B>';
-%    $apply = qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_credit_bill.cgi?!.
-%             $cust_credit->crednum.
-%             qq!', 392, 336, 'cust_credit_bill_popup' ), CAPTION, 'Apply credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
+%    if ( $curuser->access_right('Apply credit') # ) {
+%         || $curuser->access_right('Post credit') ) { #remove after 1.7.3
+%      $apply = qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_credit_bill.cgi?!.
+%               $cust_credit->crednum.
+%               qq!', 392, 336, 'cust_credit_bill_popup' ), CAPTION, 'Apply credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
+%    }
 %  } elsif (    scalar(@cust_credit_bill)   == 1
 %            && scalar(@cust_credit_refund) == 0
 %            && $cust_credit->credited == 0      ) {
@@ -336,11 +344,14 @@
 %    }
 %    if ( $cust_credit->credited > 0 ) {
 %      $desc .= '&nbsp;&nbsp;<B><FONT COLOR="#FF0000">$'.
-%               $cust_credit->credited. ' unapplied</FONT></B>'.
-%               qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_credit_bill.cgi?!.
-%               $cust_credit->crednum.
-%               qq!', 392, 336, 'cust_credit_bill_popup' ), CAPTION, 'Apply credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!.
-%               '<BR>';
+%               $cust_credit->credited. ' unapplied</FONT></B>';
+%      if ( $curuser->access_right('Apply credit') # ) {
+%           || $curuser->access_right('Post credit') ) { #remove after 1.7.3
+%        $desc .= qq! (<A HREF="javascript:void(0);" onClick="overlib( OLiframeContent('${p}edit/cust_credit_bill.cgi?!.
+%                 $cust_credit->crednum.
+%                 qq!', 392, 336, 'cust_credit_bill_popup' ), CAPTION, 'Apply credit', STICKY, AUTOSTATUSCAP, MIDX, 0, MIDY, 0, DRAGGABLE, CLOSECLICK ); return false;">apply</A>)!;
+%      }
+%      $desc .= '<BR>';
 %    }
 %  }
 %#

diff --git a/httemplate/view/elements/svc_Common.html b/httemplate/view/elements/svc_Common.html
index f5b65ac..0500248 100644 (file)
--- a/httemplate/view/elements/svc_Common.html
+++ b/httemplate/view/elements/svc_Common.html
@@ -90,8 +90,7 @@ Service #<B><% $svcnum %></B>
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-      || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+  unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 
 my(%opt) = @_;
 

diff --git a/httemplate/view/svc_acct.cgi b/httemplate/view/svc_acct.cgi
index d764afe..e6d2b69 100755 (executable)
--- a/httemplate/view/svc_acct.cgi
+++ b/httemplate/view/svc_acct.cgi
@@ -90,38 +90,42 @@
   </TD></TR></TABLE><BR>
 % } 
 
-
-<SCRIPT TYPE="text/javascript">
-function enable_change () {
-  if ( document.OneTrueForm.svcpart.selectedIndex > 1 ) {
-    document.OneTrueForm.submit.disabled = false;
-  } else {
-    document.OneTrueForm.submit.disabled = true;
-  }
-}
-</SCRIPT>
-<FORM NAME="OneTrueForm" ACTION="<%$p%>edit/process/cust_svc.cgi">
-<INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
-<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
-% #print qq!<BR><A HREF="../misc/sendconfig.cgi?$svcnum">Send account information</A>!; 
+% my @part_svc = ();
+% if ($FS::CurrentUser::CurrentUser->access_right('Change customer service')) {
+
+    <SCRIPT TYPE="text/javascript">
+      function enable_change () {
+        if ( document.OneTrueForm.svcpart.selectedIndex > 1 ) {
+          document.OneTrueForm.submit.disabled = false;
+        } else {
+          document.OneTrueForm.submit.disabled = true;
+        }
+      }
+    </SCRIPT>
+
+    <FORM NAME="OneTrueForm" ACTION="<%$p%>edit/process/cust_svc.cgi">
+    <INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
+    <INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
+
+%   #print qq!<BR><A HREF="../misc/sendconfig.cgi?$svcnum">Send account information</A>!; 
 % 
-%  my @part_svc = ();
-%  if ( $pkgnum ) { 
-%    @part_svc = grep {    $_->svcdb   eq 'svc_acct'
-%                       && $_->svcpart != $part_svc->svcpart }
-%                $cust_pkg->available_part_svc;
-%  } else {
-%    @part_svc = qsearch('part_svc', {
-%      svcdb    => 'svc_acct',
-%      disabled => '',
-%      svcpart  => { op=>'!=', value=>$part_svc->svcpart },
-%    } );
-%  }
+%   if ( $pkgnum ) { 
+%     @part_svc = grep {    $_->svcdb   eq 'svc_acct'
+%                        && $_->svcpart != $part_svc->svcpart }
+%                 $cust_pkg->available_part_svc;
+%   } else {
+%     @part_svc = qsearch('part_svc', {
+%       svcdb    => 'svc_acct',
+%       disabled => '',
+%       svcpart  => { op=>'!=', value=>$part_svc->svcpart },
+%     } );
+%   }
 %
-
+% }
 
 Service #<B><% $svcnum %></B>
 | <A HREF="<%$p%>edit/svc_acct.cgi?<%$svcnum%>">Edit this service</A>
+
 % if ( @part_svc ) { 
 
 | <SELECT NAME="svcpart" onChange="enable_change()">
@@ -134,6 +138,7 @@ Service #<B><% $svcnum %></B>
 
   </SELECT>
   <INPUT NAME="submit" TYPE="submit" VALUE="Change" disabled>
+
 % } 
 
 
@@ -330,8 +335,7 @@ Service #<B><% $svcnum %></B>
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-      || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+  unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 
 my $conf = new FS::Conf;
 

diff --git a/httemplate/view/svc_broadband.cgi b/httemplate/view/svc_broadband.cgi
index a76e5a3..e614fe4 100644 (file)
--- a/httemplate/view/svc_broadband.cgi
+++ b/httemplate/view/svc_broadband.cgi
@@ -4,8 +4,7 @@
       )                                                                       
     : ( "Cancel this (unaudited) website" =>
           "${p}misc/cancel-unaudited.cgi?$svcnum" )
-  ),
-  "Main menu" => $p,
+  )
 ))
 %>
 
@@ -144,8 +143,7 @@ Add router named
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-      || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+  unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 
 my($query) = $cgi->keywords;
 $query =~ /^(\d+)$/;

diff --git a/httemplate/view/svc_domain.cgi b/httemplate/view/svc_domain.cgi
index 8653c4f..a58d75e 100755 (executable)
--- a/httemplate/view/svc_domain.cgi
+++ b/httemplate/view/svc_domain.cgi
@@ -4,14 +4,19 @@
       )
     : ( "Delete this (unaudited) domain" =>
           "javascript:areyousure('${p}misc/cancel-unaudited.cgi?$svcnum', 'Delete $domain and all records?' )" )
-  ),
-  "Main menu" => $p,
+  )
 )) %>
 
 Service #<% $svcnum %>
 <BR>Service: <B><% $part_svc->svc %></B>
 <BR>Domain name: <B><% $domain %></B>
-<BR>Catch all email <A HREF="<% ${p} %>misc/catchall.cgi?<% $svcnum %>">(change)</A>:
+<BR>Catch all email 
+% if ( $FS::CurrentUser::CurrentUser->access_right('Edit domain catchall') ) {
+    <BR>Catch all email<A HREF="<% ${p} %>misc/catchall.cgi?<% $svcnum %>">(change)</A>:
+} else {
+    <BR>Catch all email:
+% }
+
 <% $email ? "<B>$email</B>" : "<I>(none)<I>" %>
 <BR><BR><A HREF="<% ${p} %>misc/whois.cgi?custnum=<%$custnum%>;svcnum=<%$svcnum%>;domain=<%$domain%>">View whois information.</A>
 <BR><BR>
@@ -50,7 +55,9 @@ Service #<% $svcnum %>
       <td CLASS="grid" BGCOLOR="<% $bgcolor %>"><% $type %></td>
       <td CLASS="grid" BGCOLOR="<% $bgcolor %>"><% $domain_record->recdata %>
 
-% unless ( $domain_record->rectype eq 'SOA' ) { 
+% unless ( $domain_record->rectype eq 'SOA'
+%          || ! $FS::CurrentUser::CurrentUser->access_right('Edit domain nameservice')
+%        ) { 
 %   ( my $recdata = $domain_record->recdata ) =~ s/"/\\'\\'/g;
       (<A HREF="javascript:areyousure('<%$p%>misc/delete-domain_record.cgi?<%$domain_record->recnum%>', 'Delete \'<% $domain_record->reczone %> <% $type %> <% $recdata %>\' ?' )">delete</A>)
 % } 
@@ -69,42 +76,50 @@ Service #<% $svcnum %>
   </table>
 % } 
 
+% if ( $FS::CurrentUser::CurrentUser->access_right('Edit domain nameservice') ) {
+    <BR>
+    <FORM METHOD="POST" ACTION="<%$p%>edit/process/domain_record.cgi">
+      <INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
+      <INPUT TYPE="text" NAME="reczone"> 
+      <INPUT TYPE="hidden" NAME="recaf" VALUE="IN"> IN 
+      <SELECT NAME="rectype">
+%       foreach (qw( A NS CNAME MX PTR TXT) ) { 
+          <OPTION VALUE="<%$_%>"><%$_%></OPTION>
+%       } 
+      </SELECT>
+      <INPUT TYPE="text" NAME="recdata">
+      <INPUT TYPE="submit" VALUE="Add record">
+    </FORM>
+
+    <BR><BR>
+    or
+    <BR><BR>
+
+    <FORM NAME="SlaveForm" METHOD="POST" ACTION="<%$p%>edit/process/domain_record.cgi">
+      <INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
+%     if ( @records ) { 
+         Delete all records and 
+%     } 
+      Slave from nameserver IP 
+      <INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
+      <INPUT TYPE="hidden" NAME="reczone" VALUE="@"> 
+      <INPUT TYPE="hidden" NAME="recaf" VALUE="IN">
+      <INPUT TYPE="hidden" NAME="rectype" VALUE="_mstr">
+      <INPUT TYPE="text" NAME="recdata">
+      <INPUT TYPE="submit" VALUE="Slave domain" onClick="return slave_areyousure()">
+    </FORM>
+
+% }
 
-<BR>
-<FORM METHOD="POST" ACTION="<%$p%>edit/process/domain_record.cgi">
-<INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
-<INPUT TYPE="text" NAME="reczone"> 
-<INPUT TYPE="hidden" NAME="recaf" VALUE="IN"> IN 
- <SELECT NAME="rectype">
-% foreach (qw( A NS CNAME MX PTR TXT) ) { 
-
-  <OPTION VALUE="<%$_%>"><%$_%></OPTION>
-% } 
-
- </SELECT>
-<INPUT TYPE="text" NAME="recdata"> <INPUT TYPE="submit" VALUE="Add record">
-</FORM><BR><BR>or<BR><BR>
-<FORM NAME="SlaveForm" METHOD="POST" ACTION="<%$p%>edit/process/domain_record.cgi">
-<INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
-% if ( @records ) { 
- Delete all records and 
-% } 
+<BR><BR>
 
-Slave from nameserver IP 
-<INPUT TYPE="hidden" NAME="svcnum" VALUE="<%$svcnum%>">
-<INPUT TYPE="hidden" NAME="reczone" VALUE="@"> 
-<INPUT TYPE="hidden" NAME="recaf" VALUE="IN">
-<INPUT TYPE="hidden" NAME="rectype" VALUE="_mstr">
-<INPUT TYPE="text" NAME="recdata"> <INPUT TYPE="submit" VALUE="Slave domain" onClick="return slave_areyousure()">
-</FORM>
-<BR><BR><% joblisting({'svcnum'=>$svcnum}, 1) %>
+<% joblisting({'svcnum'=>$svcnum}, 1) %>
 
 <% include('/elements/footer.html') %>
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-      || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+  unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 
 my($query) = $cgi->keywords;
 $query =~ /^(\d+)$/;

diff --git a/httemplate/view/svc_external.cgi b/httemplate/view/svc_external.cgi
index b87166a..553d236 100644 (file)
--- a/httemplate/view/svc_external.cgi
+++ b/httemplate/view/svc_external.cgi
@@ -5,7 +5,6 @@
     : ( "Cancel this (unaudited) external service" =>
           "${p}misc/cancel-unaudited.cgi?$svcnum" )
   ),
-  "Main menu" => $p,
 )) %>
 
 <A HREF="<%$p%>edit/svc_external.cgi?<%$svcnum%>">Edit this information</A><BR>
@@ -30,8 +29,7 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-      || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+  unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 
 my($query) = $cgi->keywords;
 $query =~ /^(\d+)$/;

diff --git a/httemplate/view/svc_forward.cgi b/httemplate/view/svc_forward.cgi
index 487ebb2..7451477 100755 (executable)
--- a/httemplate/view/svc_forward.cgi
+++ b/httemplate/view/svc_forward.cgi
@@ -1,6 +1,5 @@
 % die "access denied"
-% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-%     || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+%   unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 %
 %my $conf = new FS::Conf;
 %
@@ -38,8 +37,7 @@
 %      )
 %    : ( "Cancel this (unaudited) mail forward" =>
 %          "${p}misc/cancel-unaudited.cgi?$svcnum" )
-%  ),
-%  "Main menu" => $p,
+%  )
 %));
 %
 %my($srcsvc,$dstsvc,$dst) = (

diff --git a/httemplate/view/svc_www.cgi b/httemplate/view/svc_www.cgi
index 37f1864..d6d458c 100644 (file)
--- a/httemplate/view/svc_www.cgi
+++ b/httemplate/view/svc_www.cgi
@@ -1,6 +1,5 @@
 % die "access denied"
-% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
-%     || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+% unless $FS::CurrentUser::CurrentUser->access_right('View customer services');
 %
 %my($query) = $cgi->keywords;
 %$query =~ /^(\d+)$/;