From: Ivan Kohler Date: Wed, 16 May 2012 01:25:37 +0000 (-0700) Subject: read only access to message templates, RT#1`7477 X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=49fc33db77d202f175a4d8a33e3eab1e52080a4d read only access to message templates, RT#1`7477 --- diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 914724cc3..bcf3f64c8 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -330,6 +330,8 @@ tie my %rights, 'Tie::IxHash', 'Edit billing events', { rightname=>'Edit global billing events', global=>1 }, + 'View templates', + { rightname=>'View global templates', global=>1 }, 'Edit templates', { rightname=>'Edit global templates', global=>1 }, diff --git a/httemplate/browse/msg_template.html b/httemplate/browse/msg_template.html index 8a6ccf741..50afc283e 100644 --- a/httemplate/browse/msg_template.html +++ b/httemplate/browse/msg_template.html @@ -1,29 +1,32 @@ <% include( 'elements/browse.html', 'title' => 'Message templates', 'name_singular' => 'template', - 'menubar' => [ 'Add a new template' => - $p.'edit/msg_template.html', - ], - 'query' => { 'table' => 'msg_template', }, - 'count_query' => 'SELECT COUNT(*) FROM msg_template', - 'disableable' => 1, + 'menubar' => \@menubar, + 'query' => { 'table' => 'msg_template', }, + 'count_query' => 'SELECT COUNT(*) FROM msg_template', + 'disableable' => 1, 'disabled_statuspos' => 2, 'agent_virt' => 1, - 'agent_null_right' => ['Edit global templates','Configuration'], + 'agent_null_right' => ['View global templates','Edit global templates'], 'agent_pos' => 1, - 'header' => [ 'Name', '', ('' x scalar @locales) ], - 'fields' => [ 'msgname', @locales ], - 'links' => [ $link, @locale_links ], - 'cell_style' => - [ '', '', ($locale_style) x (scalar @locales) ], + 'header' => [ 'Name', '', map '', @locales ], + 'fields' => [ 'msgname', @locales ], + 'links' => [ $link, @locale_links ], + 'cell_style' => [ '', '', map $locale_style, @locales ], ) %> <%init> +my $curuser = $FS::CurrentUser::CurrentUser; + die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Edit templates') - || $FS::CurrentUser::CurrentUser->access_right('Edit global templates') - || $FS::CurrentUser::CurrentUser->access_right('Configuration'); + unless $curuser->access_right([ 'View templates', 'View global templates', + 'Edit templates', 'Edit global templates', ]); + +my @menubar = (); +if ( $curuser->access_right(['Edit templates', 'Edit global templates']) ) { + push @menubar, 'Add a new template' => $p.'edit/msg_template.html'; +} my $link = [ "${p}edit/msg_template.html?msgnum=", 'msgnum' ]; diff --git a/httemplate/edit/elements/edit.html b/httemplate/edit/elements/edit.html index bf4e51f8c..a24f23805 100644 --- a/httemplate/edit/elements/edit.html +++ b/httemplate/edit/elements/edit.html @@ -292,6 +292,9 @@ Example: % #& deprecated weird value hashref used only by reason.html % 'value' => $f->{'value'}, % +% #fixed +% 'noescape' => $f->{'noescape'}, +% % #select(-*) % 'options' => $f->{'options'}, % 'labels' => $f->{'labels'}, @@ -308,6 +311,7 @@ Example: % % #umm. for select-agent_types at least % 'disabled' => $f->{'disabled'}, +% 'fixed' => $f->{'fixed'}, % % #any? % 'colspan' => $f->{'colspan'}, @@ -751,13 +755,15 @@ Example:
- " - > +% unless ($opt{'no_submit'}) { + " + > +% } diff --git a/httemplate/edit/msg_template.html b/httemplate/edit/msg_template.html index 0a02f2af2..f50d66d7c 100644 --- a/httemplate/edit/msg_template.html +++ b/httemplate/edit/msg_template.html @@ -1,14 +1,57 @@ -<% include( 'elements/edit.html', - 'html_init' => '$sidebar
', - 'body_etc' => $body_etc, - 'name_singular' => 'template', - 'table' => 'msg_template', - 'viewall_dir' => 'browse', - 'agent_virt' => 1, - 'agent_null' => 1, - 'agent_null_right' => ['Edit global templates', 'Configuration'], +<& elements/edit.html, + 'html_init' => '$sidebar
', + 'body_etc' => $body_etc, + 'name_singular' => 'template', + 'table' => 'msg_template', + 'viewall_dir' => 'browse', + 'agent_virt' => 1, + 'agent_null' => 1, + 'agent_null_right' => [ 'View global templates', 'Edit global templates' ], - 'fields' => [ + 'fields' => \@fields, + 'labels' => { + 'msgnum' => 'Template', + 'agentnum' => 'Agent', + 'msgname' => 'Template name', + 'from_addr' => 'From: ', + 'bcc_addr' => 'Bcc: ', + 'locale' => 'Language', + 'subject' => 'Subject: ', + 'body' => 'Message body', + }, + 'edit_callback' => \&edit_callback, + 'error_callback' => \&edit_callback, + 'html_bottom' => '', + 'html_foot' => ( $no_submit ? '' : "
" ), + 'no_submit' => $no_submit, +&> +<%init> + +my $curuser = $FS::CurrentUser::CurrentUser; + +die "access denied" + unless $curuser->access_right([ 'View templates', 'View global templates', + 'Edit templates', 'Edit global templates', + ]); + +my $body_etc = ''; +$body_etc = q!onload="document.getElementById('locale').onchange()"! + if $cgi->param('locale') eq 'new'; + +my $msgnum = $cgi->param('msgnum'); +my $msg_template = $msgnum ? qsearchs('msg_template', {msgnum=>$msgnum}) : ''; + +my $no_submit = 0; +my @fields = (); +if ( $curuser->access_right('Edit global templates') + || ( $curuser->access_right('Edit templates') + && $msg_template + && $msg_template->agentnum + && $curuser->agentnums_href->{$msg_template->agentnum} + ) + ) +{ + push @fields, { field => 'agentnum', type => 'select-agent', }, @@ -25,33 +68,32 @@ type => 'htmlarea', width => 763 }, - ], - 'labels' => { - 'msgnum' => 'Template', - 'agentnum' => 'Agent', - 'msgname' => 'Template name', - 'from_addr' => 'From: ', - 'bcc_addr' => 'Bcc: ', - 'locale' => 'Language', - 'subject' => 'Subject: ', - 'body' => 'Message body', - }, - 'edit_callback' => \&edit_callback, - 'error_callback' => \&edit_callback, - 'html_bottom' => '', - 'html_foot' => "
", - ) - %> -<%init> + ; +} else { #readonly -die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Edit templates') - || $FS::CurrentUser::CurrentUser->access_right('Edit global templates') - || $FS::CurrentUser::CurrentUser->access_right('Configuration'); + $no_submit = 1; -my $body_etc = ''; -$body_etc = q!onload="document.getElementById('locale').onchange()"! - if $cgi->param('locale') eq 'new'; + push @fields, + { field => 'agentnum', + type => 'select-agent', + fixed => 1, + }, + { field => 'msgname', type => 'fixed', }, + { field => 'from_addr', type => 'fixed', }, + { field => 'bcc_addr', type => 'fixed', }, + { type => 'tablebreak-tabs', + include_opt_callback => \&menubar_opt_callback, + }, + # template_content fields + { field => 'locale', type => 'hidden' }, + { field => 'subject', type => 'fixed', }, + { field => 'body', + type => 'fixed', + noescape => 1, + }, + ; + +} sub new_callback { my ($cgi, $object, $fields_listref, $opt_hashref) = @_; diff --git a/httemplate/edit/process/msg_template.html b/httemplate/edit/process/msg_template.html index 47fe978a8..b19f5c542 100644 --- a/httemplate/edit/process/msg_template.html +++ b/httemplate/edit/process/msg_template.html @@ -9,9 +9,7 @@ %> <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Edit templates') - || $FS::CurrentUser::CurrentUser->access_right('Edit global templates') - || $FS::CurrentUser::CurrentUser->access_right('Configuration'); + unless $FS::CurrentUser::CurrentUser->access_right(['Edit templates','Edit global templates']); sub precheck_callback { my $cgi = shift; diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index fcc17eaa2..cf79af9d5 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -532,7 +532,7 @@ $config_billing{'Billing events'} = [ $fsurl.'browse/part_event.html', 'Billing || $curuser->access_right('Edit global billing events'); if ( $curuser->access_right('Configuration') ) { #$config_billing{'Invoice events'} = [ $fsurl.'browse/part_bill_event.cgi', 'Deprecated, old-style actions for overdue invoices' ]; - $config_billing{'Invoice templates'} = [ $fsurl.'browse/invoice_template.html', 'Edit templates for HTML, plaintext and typeset invoices' ]; +#this doesn't work right# $config_billing{'Invoice templates'} = [ $fsurl.'browse/invoice_template.html', 'Edit templates for HTML, plaintext and typeset invoices' ]; $config_billing{'Prepaid cards'} = [ $fsurl.'search/prepay_credit.html', 'View outstanding cards, generate new cards' ]; $config_billing{'Call rates and regions'} = [ \%config_billing_rates, 'Manage rate plans, regions and prefixes for VoIP and call billing' ]; @@ -565,9 +565,8 @@ tie my %config_nms, 'Tie::IxHash', tie my %config_misc, 'Tie::IxHash'; $config_misc{'Message templates'} = [ $fsurl.'browse/msg_template.html', 'Templates for customer notices' ] - if $curuser->access_right('Edit templates') - || $curuser->access_right('Edit global templates') - || $curuser->access_right('Configuration'); + if $curuser->access_right(['View templates', 'View global templates', + 'Edit templates', 'Edit global templates', ]); $config_misc{'Advertising sources'} = [ $fsurl.'browse/part_referral.html', 'Where a customer heard about your service.' ] if $curuser->access_right('Edit advertising sources') || $curuser->access_right('Edit global advertising sources'); diff --git a/httemplate/elements/tr-fixed.html b/httemplate/elements/tr-fixed.html index f358343dd..dd07d90b6 100644 --- a/httemplate/elements/tr-fixed.html +++ b/httemplate/elements/tr-fixed.html @@ -13,13 +13,15 @@ my %opt = @_; my $style = $opt{'cell_style'} ? 'STYLE="'. $opt{'cell_style'}. '"' : ''; my $value = $opt{'formatted_value'} || $opt{'curr_value'} || $opt{'value'}; -#compatibility with select-table and friends -if ( $opt{'multiple'} ) { - $value = [ split(/\s*,\s*/, $value) ] if !ref $value; - $value = join('
', map {encode_entities($_)} @$value); -} -else { - $value = encode_entities($value) + +unless ( $opt{'noescape'} ) { + #compatibility with select-table and friends + if ( $opt{'multiple'} ) { + $value = [ split(/\s*,\s*/, $value) ] if !ref $value; + $value = join('
', map {encode_entities($_)} @$value); + } else { + $value = encode_entities($value) + } } diff --git a/httemplate/elements/tr-select-agent.html b/httemplate/elements/tr-select-agent.html index ce03c40f5..321bd6b32 100644 --- a/httemplate/elements/tr-select-agent.html +++ b/httemplate/elements/tr-select-agent.html @@ -22,7 +22,7 @@ Example: ); -% if ( scalar(@agents) == 1 ) { +% if ( scalar(@agents) == 1 || $opt{'fixed'} ) { -%# YUCK. empty row so we don't throw g_row in edit.html off :/ - - +% if ( scalar(@agents) != 1 ) { + + <% $opt{'label'} || emt('Agent') %> + > +% my $agent = qsearchs('agent', { 'agentnum' => $agentnum }); + <% $agent ? $agent->agent : '(all)' |h %> + + + +% } else { # YUCK. empty row so we don't throw g_row in edit.html off :/ + + +% } +% % } else {