From 1df8ca6e580bffa11c412b8ae59cd98028ed6470 Mon Sep 17 00:00:00 2001
From: Ivan Kohler <ivan@freeside.biz>
Date: Sat, 19 Jan 2013 18:35:39 -0800
Subject: [PATCH] add separate ACL for line item crediting, RT#18676

---
 FS/FS/AccessRight.pm                                       |  1 +
 FS/FS/access_right.pm                                      |  1 +
 httemplate/edit/credit-cust_bill_pkg.html                  |  2 +-
 httemplate/edit/process/credit-cust_bill_pkg.html          |  2 +-
 httemplate/misc/xmlhttp-cust_bill_pkg-calculate_taxes.html |  2 +-
 httemplate/view/cust_main/payment_history.html             | 14 +++++++++-----
 6 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 66624e179..0148462a6 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -212,6 +212,7 @@ tie my %rights, 'Tie::IxHash',
   ###
   'Customer credit and refund rights' => [
     'Post credit',
+    'Credit line items', #NEWNEWNEW
     'Apply credit', #NEWNEW
     { rightname=>'Unapply credit', desc=>'Enable "unapplication" of unclosed credits.' }, #aka unapplycredits
     { rightname=>'Delete credit', desc=>'Enable deletion of unclosed credits. Be very careful!  Only delete credits that were data-entry errors, not adjustments.' }, #aka. deletecredits Optionally specify one or more comma-separated email addresses to be notified when a credit is deleted.
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 397b456ce..126274a2a 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -198,6 +198,7 @@ sub _upgrade_data { # class method
     'New prospect'                        => 'Generate quotation',
     'Delete invoices'                     => 'Void invoices',
     'List invoices'                       => 'List quotations',
+    'Post credit'                         => 'Credit line items',
 
     'List services'    => [ 'Services: Accounts',
                             'Services: Domains',
diff --git a/httemplate/edit/credit-cust_bill_pkg.html b/httemplate/edit/credit-cust_bill_pkg.html
index e5c56ae4c..a5ecb69e3 100644
--- a/httemplate/edit/credit-cust_bill_pkg.html
+++ b/httemplate/edit/credit-cust_bill_pkg.html
@@ -245,7 +245,7 @@ function calc_total(what) {
 <%init>
 
 my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Post credit');
+die "access denied" unless $curuser->access_right('Credit line items');
 
 #a tiny bit of false laziness w/search/cust_bill_pkg.cgi, but we're pretty
 # specialized and a piece of UI, not a report
diff --git a/httemplate/edit/process/credit-cust_bill_pkg.html b/httemplate/edit/process/credit-cust_bill_pkg.html
index cbcf619ca..8e66368d4 100644
--- a/httemplate/edit/process/credit-cust_bill_pkg.html
+++ b/httemplate/edit/process/credit-cust_bill_pkg.html
@@ -10,7 +10,7 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Post credit');
+  unless $FS::CurrentUser::CurrentUser->access_right('Credit line items');
 
 my @billpkgnum_setuprecurs =
   map { $_ =~ /^billpkgnum(\d+\-\w*)$/ or die 'gm#23'; $1; } 
diff --git a/httemplate/misc/xmlhttp-cust_bill_pkg-calculate_taxes.html b/httemplate/misc/xmlhttp-cust_bill_pkg-calculate_taxes.html
index 993504619..f618d55ba 100644
--- a/httemplate/misc/xmlhttp-cust_bill_pkg-calculate_taxes.html
+++ b/httemplate/misc/xmlhttp-cust_bill_pkg-calculate_taxes.html
@@ -2,7 +2,7 @@
 <%init>
 
 my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Post credit');
+die "access denied" unless $curuser->access_right('Credit line items');
 
 my $DEBUG = 0;
 
diff --git a/httemplate/view/cust_main/payment_history.html b/httemplate/view/cust_main/payment_history.html
index 942b42f54..8745cac87 100644
--- a/httemplate/view/cust_main/payment_history.html
+++ b/httemplate/view/cust_main/payment_history.html
@@ -34,7 +34,7 @@
   <A HREF="<% $p %>edit/cust_pay.cgi?payby=WEST;custnum=<% $custnum %>"><% mt('Enter Western Union payment') |h %></A>
 % } 
 
-<BR>
+<% $s ? '<BR>' : '' %>
 % $s=0;
 
 % if ( ( $payby{'CARD'} || $payby{'DCRD'} )
@@ -58,11 +58,13 @@
   <A HREF="<% $p %>edit/cust_pay.cgi?payby=MCRD;custnum=<% $custnum %>"><% mt('Post manual (offline/POS) credit card payment') |h %></A>
 % } 
 
-<BR>
+<% $s ? '<BR>' : '' %>
 
-%# credit link
+%# credit links
 
+% $s=0;
 % if ( $curuser->access_right('Post credit') ) { 
+  <% $s++ ? ' | ' : '' %>
   <& /elements/popup_link-cust_main.html,
                'label'       => emt('Enter credit'),
                'action'      => "${p}edit/cust_credit.cgi",
@@ -70,7 +72,9 @@
                'actionlabel' => emt('Enter credit'),
                'width'       => 616, #make room for reasons #540 default
   &>
-  |
+% }
+% if ( $curuser->access_right('Credit line items') ) { 
+  <% $s++ ? ' | ' : '' %>
   <& /elements/popup_link-cust_main.html,
                'label'       => emt('Credit line items'),
                #'action'      => "${p}search/cust_bill_pkg.cgi?nottax=1;type=select",
@@ -80,8 +84,8 @@
                'width'       => 968, #763,
                'height'      => 575,
   &>
-  <BR>
 % } 
+<% $s ? '<BR>' : '' %>
 
 %# refund links
 
-- 
2.11.0