From 41a6a1b1811e337be2fca47504ff9687b6b46cf8 Mon Sep 17 00:00:00 2001 From: ivan Date: Mon, 19 Jun 2006 11:25:14 +0000 Subject: [PATCH] ACLs, take three or four or something --- FS/FS/AccessRight.pm | 42 +++++++++-- FS/FS/access_user.pm | 23 ++++++ FS/FS/cust_main.pm | 18 +++-- httemplate/elements/menu.html | 99 +++++++++++++++----------- httemplate/view/cust_main.cgi | 55 +++++++------- httemplate/view/cust_main/packages.html | 91 ++++++++++++++++++----- httemplate/view/cust_main/payment_history.html | 78 +++++++++++++++----- 7 files changed, 296 insertions(+), 110 deletions(-) diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 5229e1e65..f04779a07 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -84,10 +84,13 @@ assigned to users and/or groups. #'View Customer | View tickets', 'Edit customer', 'Cancel customer', - 'Delete customer', + 'Complimentary customer', #aka users-allow_comp + 'Delete customer', #aka. deletecustomers #Enable customer deletions. Be very careful! Deleting a customer will remove all traces that this customer ever existed! It should probably only be used when auditing a legacy database. Normally, you cancel all of a customers' packages if they cancel service. 'Order customer package', + 'One-time charge', 'Change customer package', + 'Bulk change customer packages', 'Edit customer package dates', 'Customize customer package', 'Suspend customer package', @@ -95,14 +98,43 @@ assigned to users and/or groups. 'Cancel customer package immediately', 'Cancel customer package later', - 'Provision service', - 'Unprovision service', - #legacy link stuff + 'Provision customer service', + 'Unprovision customer service', + + 'View/link unlinked services', #not agent-virtualizable without more work + + 'View invoices', 'Post payment', + 'Post payment batch', + 'Unapply payment', #aka. unapplypayments Enable "unapplication" of unclosed payments. 'Process payment', + 'Refund payment', + + 'Delete payment', #aka. deletepayments - Enable deletion of unclosed payments. Be very careful! Only delete payments that were data-entry errors, not adjustments. Optionally specify one or more comma-separated email addresses to be notified when a payment is deleted. + 'Post credit', - #more financial stuff + #'Apply credit', + 'Unapply credit', #aka unapplycredits Enable "unapplication" of unclosed credits. + 'Delete credit', #aka. deletecredits Enable deletion of unclosed credits. Be very careful! Only delete credits that were data-entry errors, not adjustments. Optionally specify one or more comma-separated email addresses to be notified when a credit is deleted. + + 'Credit card void', #aka. cc-void #Enable local-only voiding of echeck payments in addition to refunds against the payment gateway + 'Echeck void', #aka. echeck-void #Enable local-only voiding of echeck payments in addition to refunds against the payment gateway + 'Unvoid', #aka. unvoid #Enable unvoiding of voided payments + + 'List customers', + #'List zip codes', + 'List invoices', + 'List packages', + 'List services', + + 'Financial reports', + + 'Job queue', # these are not currently agent-virtualized + 'Import', # + 'Export', # + + 'Configuration', #none of the configuraiton is agent-virtualized either ); diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm index c95d02984..e3bf2cb9f 100644 --- a/FS/FS/access_user.pm +++ b/FS/FS/access_user.pm @@ -192,6 +192,29 @@ sub agentnums_sql { ' )'; } +=item access_right + +Given a right name, returns true if this user has this right (currently via +group membership, eventually also via user overrides). + +=cut + +sub access_right { + my( $self, $rightname ) = @_; + my $sth = dbh->prepare(" + SELECT groupnum FROM access_usergroup + LEFT JOIN access_group USING ( groupnum ) + LEFT JOIN access_right + ON ( access_group.groupnum = access_right.rightobjnum ) + WHERE usernum = ? + AND righttype = 'FS::access_group' + AND rightname = ? + ") or die dbh->errstr; + $sth->execute($self->usernum, $rightname) or die $sth->errstr; + my $row = $sth->fetchrow_arrayref; + $row ? $row->[0] : ''; +} + =back =head1 BUGS diff --git a/FS/FS/cust_main.pm b/FS/FS/cust_main.pm index 8956d5b26..511762e63 100644 --- a/FS/FS/cust_main.pm +++ b/FS/FS/cust_main.pm @@ -944,10 +944,13 @@ sub replace { $old = qsearchs( 'cust_main', { 'custnum' => $self->custnum } ); } - if ( $self->payby eq 'COMP' && $self->payby ne $old->payby - && $conf->config('users-allow_comp') ) { - return "You are not permitted to create complimentary accounts." - unless grep { $_ eq getotaker } $conf->config('users-allow_comp'); + my $curuser = $FS::CurrentUser::CurrentUser; + if ( $self->payby eq 'COMP' + && $self->payby ne $old->payby + && ! $curuser->access_right('Complimentary customer') + ) + { + return "You are not permitted to create complimentary accounts."; } local($ignore_expired_card) = 1 @@ -1302,9 +1305,12 @@ sub check { } elsif ( $self->payby eq 'COMP' ) { - if ( !$self->custnum && $conf->config('users-allow_comp') ) { + my $curuser = $FS::CurrentUser::CurrentUser; + if ( ! $self->custnum + && ! $curuser->access_right('Complimentary customer') + ) + { return "You are not permitted to create complimentary accounts." - unless grep { $_ eq getotaker } $conf->config('users-allow_comp'); } $error = $self->ut_textn('payinfo'); diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 8da197f34..05db0f659 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -3,6 +3,8 @@ my $conf = new FS::Conf; my $fsurl = $opt{'freeside_baseurl'}; + my $curuser = $FS::CurrentUser::CurrentUser; + #Active tickets not assigned to a customer tie my %report_customers_lists, 'Tie::IxHash', @@ -40,23 +42,27 @@ tie my %report_services_acct, 'Tie::IxHash', 'All accounts by username' => [ $fsurl.'search/svc_acct.cgi?username', '' ], 'All accounts by UID' => [ $fsurl.'search/svc_acct.cgi?uid', '' ], - 'Unlinked accounts' => [ $fsurl.'search/svc_acct.cgi?UN_uid', 'Pre-Freeside accounts without a customer record' ], ; + $report_services_acct{'Unlinked accounts'} = [ $fsurl.'search/svc_acct.cgi?UN_uid', 'Pre-Freeside accounts without a customer record' ] + if $curuser->access_right('View/link unlinked services'); tie my %report_services_domain, 'Tie::IxHash', 'All domains' => [ $fsurl.'search/svc_domain.cgi?domain', '' ], - 'Unlinked domains' => [ $fsurl.'search/svc_domain.cgi?UN_domain', 'Pre-Freeside domains without a customer record' ], ; + $report_services_domain{'Unlinked domains'} = [ $fsurl.'search/svc_domain.cgi?UN_domain', 'Pre-Freeside domains without a customer record' ] + if $curuser->access_right('View/link unlinked services'); tie my %report_services_forward, 'Tie::IxHash', 'All mail forwards' => [ $fsurl.'search/svc_forward.cgi?svcnum', '' ], - 'Unlinked mail forwards' => [ $fsurl.'search/svc_forward.cgi?UN_svcnum', 'Pre-Freeside mail forwards without a customer record' ], ; + $report_services_forward{'Unlinked mail forwards'} = [ $fsurl.'search/svc_forward.cgi?UN_svcnum', 'Pre-Freeside mail forwards without a customer record' ] + if $curuser->access_right('View/link unlinked services'); tie my %report_services_www, 'Tie::IxHash', 'All virtual hosts' => [ $fsurl.'search/svc_www.cgi?svcnum', '' ], - 'Unlinked virtual hosts' => [ $fsurl.'search/svc_www.cgi?UN_svcnum', 'Pre-Freeside virtual hosts without a customer record' ], ; + $report_services_www{'Unlinked virtual hosts'} = [ $fsurl.'search/svc_www.cgi?UN_svcnum', 'Pre-Freeside virtual hosts without a customer record' ] + if $curuser->access_right('View/link unlinked services'); tie my %report_services_broadband, 'Tie::IxHash', 'All broadband services' => [ $fsurl.'search/svc_broadband.cgi?svcnum', '' ], @@ -65,28 +71,31 @@ tie my %report_services_external, 'Tie::IxHash', 'All external services' => [ $fsurl.'search/svc_external.cgi?id', '' ], - 'Unlinked external services' => [ $fsurl.'search/svc_external.cgi?UN_id', 'Pre-Freeside domains without a customer record' ], - ; - - tie my %report_services, 'Tie::IxHash', - 'Service definitions' => [ $fsurl.'browse/part_svc.cgi?orderby=active', 'Service definitions by number of active packages' ], - 'separator' => '', - 'Accounts' => [ \%report_services_acct, 'Access accounts and mailboxes' ], - 'Domains' => [ \%report_services_domain, 'Domains', ], - 'Mail forwards' => [ \%report_services_forward, 'Mail forwards', ], - 'Virtual hosts' => [ \%report_services_www, 'Virtual hosting', ], - 'Broadband services' => [ \%report_services_broadband, 'Fixed (username-less) broadband services', ], - 'External services' => [ \%report_services_external, 'External services', ], ; + $report_services_external{'Unlinked external services'} = [ $fsurl.'search/svc_external.cgi?UN_id', 'Pre-Freeside domains without a customer record' ] + if $curuser->access_right('View/link unlinked services'); - tie my %report_packages, 'Tie::IxHash', - 'Package definitions' => [ $fsurl.'browse/part_pkg.cgi?active=1', 'Package definitions by number of active packages' ], - 'separator' => '', - 'All customer packages' => [ $fsurl.'search/cust_pkg.cgi?pkgnum', 'List all customer packages', ], - 'Suspended customer packages' => [ $fsurl.'search/cust_pkg.cgi?magic=suspended', 'List suspended packages' ], - 'Customer packages with unconfigured services' => [ $fsurl.'search/cust_pkg.cgi?APKG_pkgnum', 'List packages which have provisionable services' ], - 'Advanced package reports' => [ $fsurl.'search/report_cust_pkg.html', 'by agent, date range, status, package definition' ], - ; + tie my %report_services, 'Tie::IxHash'; + if ( $curuser->access_right('Configuration') ) { + $report_services{'Service definitions'} = [ $fsurl.'browse/part_svc.cgi?orderby=active', 'Service definitions by number of active packages' ]; + $report_services{'separator'} = ''; + } + $report_services{'Accounts'} = [ \%report_services_acct, 'Access accounts and mailboxes' ]; + $report_services{'Domains'} = [ \%report_services_domain, 'Domains', ]; + $report_services{'Mail forwards'} = [ \%report_services_forward, 'Mail forwards', ]; + $report_services{'Virtual hosts'} = [ \%report_services_www, 'Virtual hosting', ]; + $report_services{'Broadband services'} = [ \%report_services_broadband, 'Fixed (username-less) broadband services', ]; + $report_services{'External services'} = [ \%report_services_external, 'External services', ]; + + tie my %report_packages, 'Tie::IxHash'; + if ( $curuser->access_right('Configuration') ) { + $report_packages{'Package definitions'} = [ $fsurl.'browse/part_pkg.cgi?active=1', 'Package definitions by number of active packages' ]; + $report_packages{'separator'} = ''; + } + $report_packages{'All customer packages'} = [ $fsurl.'search/cust_pkg.cgi?pkgnum', 'List all customer packages', ]; + $report_packages{'Suspended customer packages'} = [ $fsurl.'search/cust_pkg.cgi?magic=suspended', 'List suspended packages' ]; + $report_packages{'Customer packages with unconfigured services'} = [ $fsurl.'search/cust_pkg.cgi?APKG_pkgnum', 'List packages which have provisionable services' ]; + $report_packages{'Advanced package reports'} = [ $fsurl.'search/report_cust_pkg.html', 'by agent, date range, status, package definition' ]; tie my %report_financial, 'Tie::IxHash', 'Sales, Credits and Receipts' => [ $fsurl.'graph/report_money_time.html', 'Sales, credits and receipts summary graph' ], @@ -98,13 +107,17 @@ 'Sales Tax Liability' => [ $fsurl.'search/report_tax.html', 'Sales tax liability report' ], ; - tie my %report_menu, 'Tie::IxHash', - 'Customers' => [ \%report_customers, 'Customer reports' ], - 'Invoices' => [ \%report_invoices, 'Invoice reports' ], - 'Packages' => [ \%report_packages, 'Package reports' ], - 'Services' => [ \%report_services, 'Services reports' ], - 'Financial' => [ \%report_financial, 'Financial reports' ], - ; + tie my %report_menu, 'Tie::IxHash'; + $report_menu{'Customers'} = [ \%report_customers, 'Customer reports' ] + if $curuser->access_right('List customers'); + $report_menu{'Invoices'} = [ \%report_invoices, 'Invoice reports' ] + if $curuser->access_right('List invoices'); + $report_menu{'Packages'} = [ \%report_packages, 'Package reports' ] + if $curuser->access_right('List packages'); + $report_menu{'Services'} = [ \%report_services, 'Services reports' ] + if $curuser->access_right('List services'); + $report_menu{'Financial'} = [ \%report_financial, 'Financial reports' ] + if $curuser->access_right('Financial reports'); tie my %tools_importing, 'Tie::IxHash', 'Import customers from CSV file' => [ $fsurl.'misc/cust_main-import.cgi', '' ], @@ -120,12 +133,15 @@ # - tie my %tools_menu, 'Tie::IxHash', - 'Quick payment entry' => [ $fsurl.'misc/batch-cust_pay.html', 'Enter multiple payments in a batch' ], - 'Job Queue' => [ $fsurl.'search/queue.html', 'View pending job queue' ], - 'Importing' => [ \%tools_importing, 'Import tools' ], - 'Exporting' => [ \%tools_exporting, 'Export tools' ], - ; + tie my %tools_menu, 'Tie::IxHash', (); + $tools_menu{'Quick payment entry'} = [ $fsurl.'misc/batch-cust_pay.html', 'Enter multiple payments in a batch' ] + if $curuser->access_right('Post payment batch'); + $tools_menu{'Job Queue'} = [ $fsurl.'search/queue.html', 'View pending job queue' ] + if $curuser->access_right('Job queue'); + $tools_menu{'Importing'} = [ \%tools_importing, 'Import tools' ] + if $curuser->access_right('Import'); + $tools_menu{'Exporting'} = [ \%tools_exporting, 'Export tools' ] + if $curuser->access_right('Export'); tie my %config_employees, 'Tie::IxHash', 'View/Edit employees' => [ $fsurl.'browse/access_user.html', 'Setup internal users' ], @@ -191,10 +207,13 @@ ), 'Ticketing start page', ], - 'Reports' => [ \%report_menu, 'Lists, reporting and graphing' ], - 'Tools' => [ \%tools_menu, 'Tools' ], - 'Configuration' => [ \%config_menu, 'Configuraiton and setup' ], ; + $menu{'Reports'} = [ \%report_menu, 'Lists, reporting and graphing' ] + if keys %report_menu; + $menu{'Tools'} = [ \%tools_menu, 'Tools' ] + if keys %tools_menu; + $menu{'Configuration'} = [ \%config_menu, 'Configuraiton and setup' ] + if $curuser->access_right('Configuration'); use vars qw($gmenunum); $gmenunum = 0; diff --git a/httemplate/view/cust_main.cgi b/httemplate/view/cust_main.cgi index 58f2925d5..e7b3319c7 100755 --- a/httemplate/view/cust_main.cgi +++ b/httemplate/view/cust_main.cgi @@ -1,4 +1,3 @@ - <% my $conf = new FS::Conf; @@ -12,13 +11,17 @@ foreach my $part_svc ( qsearch('part_svc',{}) ) { %> + <%= include("/elements/header.html","Customer View", include("/elements/menubar.html", 'Main Menu' => $p, )) %> + <% +my $curuser = $FS::CurrentUser::CurrentUser; + die "No customer specified (bad URL)!" unless $cgi->keywords; my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array $query =~ /^(\d+)$/; @@ -26,10 +29,14 @@ my $custnum = $1; my $cust_main = qsearchs('cust_main',{'custnum'=>$custnum}); die "Customer not found!" unless $cust_main; -print qq!Edit this customer!; - %> + +<% if ( $curuser->access_right('Edit customer') ) { %> + Edit this customer | +<% } %> + + @@ -60,37 +67,36 @@ var confirm_cancel = '
Cancel this customer | +<% } %> - | Cancel this customer +<% if ( $conf->exists('deletecustomers') + && $curuser->access_right('Delete customer') + ) { +%> + Delete this customer | <% } %> -<% -print qq! | !. - 'Delete this customer' - if $conf->exists('deletecustomers'); +<% unless ( $conf->exists('disable_customer_referrals') ) { %> + Refer a new customer | + View this customer's referrals +<% } %> -unless ( $conf->exists('disable_customer_referrals') ) { - print qq! | !, - qq!Refer a new customer!; - print qq! | !, - qq!View this customer's referrals!; -} - -print '

'; +

+<% my $signupurl = $conf->config('signupurl'); if ( $signupurl ) { -print "This customer's signup URL: ". - "$signupurl?ref=$custnum

"; -} - %> + This customer's signup URL: <%= $signupurl %>?ref=<%= $custnum %>

+<% } %> @@ -135,5 +141,4 @@ Comments <%= include('cust_main/payment_history.html', $cust_main ) %> <% } %> - - +<%= include('/elements/footer.html') %> diff --git a/httemplate/view/cust_main/packages.html b/httemplate/view/cust_main/packages.html index 32e0ee1fc..8312a8663 100755 --- a/httemplate/view/cust_main/packages.html +++ b/httemplate/view/cust_main/packages.html @@ -2,6 +2,8 @@ my( $cust_main ) = @_; my $conf = new FS::Conf; + my $curuser = $FS::CurrentUser::CurrentUser; + my $packages = get_packages($cust_main, $conf); %> @@ -11,13 +13,21 @@ Packages -<%= include('order_pkg.html', $cust_main ) %> +<% if ( $curuser->access_right('Order customer package') ) { %> + <%= include('order_pkg.html', $cust_main ) %> +<% } %> -<% if ( $conf->config('payby-default') ne 'HIDE' ) { %> +<% if ( $curuser->access_right('One-time charge') + && $conf->config('payby-default') ne 'HIDE' + ) { +%> <%= include('quick-charge.html', $cust_main ) %> <% } %> -Bulk order and cancel packages (preserves services) +<% if ( $curuser->access_right('Bulk change customer packages') ) { %> + Bulk order and cancel packages (preserves services) +<% } %> +

<% if ( @$packages ) { %> @@ -70,10 +80,19 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) {
> <%=$pkg->{pkgnum}%>: <%=$pkg->{pkg}%> - <%=$pkg->{comment}%>
-<% unless ($pkg->{cancel}) { %> - ( <%=pkg_change_link($pkg)%> ) - ( <%=pkg_dates_link($pkg)%> | <%=pkg_customize_link($pkg,$cust_main->custnum)%> ) -<% } %> + + <% unless ( $pkg->{cancel} ) { %> + <% if ( $curuser->access_right('Change customer package') ) { %> + ( <%=pkg_change_link($pkg)%> ) + <% } %> + <% if ( $curuser->access_right('Edit customer package dates') ) { %> + ( <%=pkg_dates_link($pkg)%> ) + <% } %> + <% if ( $curuser->access_right('Customize customer package') ) { %> + ( <%=pkg_customize_link($pkg,$cust_main->custnum)%> ) + <% } %> + <% } %> + 		> @@ -182,7 +201,16 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) { <% } %> - + <% } else { %> @@ -196,7 +224,13 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) { - + <% } else { %> @@ -258,7 +292,19 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) { <% if ( $pkg->{freq} ) { %> - + <% } %> @@ -278,14 +324,20 @@ foreach my $pkg (sort pkgsort_pkgnum_cancel @$packages) { print '' if ($cnt > 0); %> - + <% $cnt++; } - if ($svcpart->{count} < $svcpart->{quantity}) { + if ( $svcpart->{count} < $svcpart->{quantity} + && $curuser->access_right('Provision customer services') + ) { print qq!\n! if ($cnt > 0); - print qq! \n\n!; + print qq! \n\n!; } } } @@ -393,7 +445,7 @@ sub svc_label_link { } sub svc_provision_link { - my ($pkg, $svcpart, $conf) = @_; + my ($pkg, $svcpart, $conf, $curuser) = @_; ( my $svc_nbsp = $svcpart->{svc} ) =~ s/\s+/ /g; my $num_left = $svcpart->{quantity} - $svcpart->{count}; my $pkgnum_svcpart = "pkgnum$pkg->{pkgnum}-svcpart$svcpart->{svcpart}"; @@ -411,7 +463,10 @@ sub svc_provision_link { my $link = qq!!. "Provision $svc_nbsp ($num_left)"; - if ( $conf->exists('legacy_link') ) { + if ( $conf->exists('legacy_link') + && $curuser->access_right('View/link unlinked services') + ) + { $link .= '
'. qq!!. @@ -475,7 +530,11 @@ sub pkg_cancel_link { my $pkg = shift or return ''; qq!!. - qq!Cancel now | !. + qq!Cancel now!; +} + +sub pkg_expire_link { + my $pkg = shift or return ''; qq!Cancel later!; } diff --git a/httemplate/view/cust_main/payment_history.html b/httemplate/view/cust_main/payment_history.html index f0cd993ff..b7621d57a 100644 --- a/httemplate/view/cust_main/payment_history.html +++ b/httemplate/view/cust_main/payment_history.html @@ -4,6 +4,8 @@ my $conf = new FS::Conf; + my $curuser = $FS::CurrentUser::CurrentUser; + my @payby = grep /\w/, $conf->config('payby'); #@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP )) @payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP )) @@ -16,42 +18,48 @@

Payment History
-<% if ( $payby{'BILL'} ) { %> +<% if ( $payby{'BILL'} && $curuser->access_right('Post payment') ) { %> <%= $s++ ? ' | ' : '' %> Post check payment <% } %> -<% if ( $payby{'CASH'} ) { %> +<% if ( $payby{'CASH'} && $curuser->access_right('Post payment') ) { %> <%= $s++ ? ' | ' : '' %> Post cash payment <% } %> -<% if ( $payby{'WEST'} ) { %> +<% if ( $payby{'WEST'} && $curuser->access_right('Post payment') ) { %> <%= $s++ ? ' | ' : '' %> Post Western Union payment <% } %> -<% if ( $payby{'CARD'} || $payby{'DCRD'} ) { %> +<% if ( ( $payby{'CARD'} || $payby{'DCRD'} ) + && $curuser->access_right('Process payment') + ) { +%> <%= $s++ ? ' | ' : '' %> Process credit card payment <% } %> -<% if ( $payby{'CHEK'} || $payby{'DCHK'} ) { %> +<% if ( ( $payby{'CHEK'} || $payby{'DCHK'} ) + && $curuser->access_right('Process payment') + ) { +%> <%= $s++ ? ' | ' : '' %> Process electronic check (ACH) payment <% } %> -<% if ( $payby{'MCRD'} ) { %> +<% if ( $payby{'MCRD'} && $curuser->access_right('Post payment') ) { %> <%= $s++ ? ' | ' : '' %> Post manual credit card payment @@ -60,9 +68,13 @@
-Post credit +<% if ( $curuser->access_right('Post credit') ) { %> -
+ Post credit + +
+ +<% } %> <% #get payment history @@ -75,11 +87,14 @@ foreach my $cust_bill ($cust_main->cust_bill) { : ''; my $post = ( $cust_bill->owed > 0 ) ? '' : ''; my $invnum = $cust_bill->invnum; + my $link = $curuser->access_right('View invoices') + ? qq!! + : ''; push @history, { 'date' => $cust_bill->_date, - 'desc' => qq!!. $pre. + 'desc' => $link. $pre. "Invoice #$invnum (Balance \$". $cust_bill->owed. ')'. - $post. '', + $post. ( $link ? '' : '' ), 'charge' => $cust_bill->charged, }; } @@ -169,6 +184,7 @@ foreach my $cust_pay ($cust_main->cust_pay) { && $cust_pay->payby =~ /^(CARD|CHEK)$/ && time-$cust_pay->_date < $refund_days*86400 && $cust_pay->unrefunded > 0 + && $curuser->access_right('Refund payment') ) { $refund = qq! (cust_pay) { my $void = ''; if ( $cust_pay->closed !~ /^Y/i - && ( $cust_pay->payby ne 'CARD' || $conf->exists('cc-void') ) - && ( $cust_pay->payby ne 'CHEK' || $conf->exists('echeck-void') ) - ) { + && ( ( $cust_pay->payby eq 'CARD' + && $conf->exists('cc-void') + && $curuser->acccess_right('Credit card void') + ) + || ( $cust_pay->payby eq 'CHEK' + && $conf->exists('echeck-void') + && $curuser->acccess_right('Echeck void') + ) + ) + ) + { $void = qq! (cust_pay) { } my $delete = ''; - if ( $cust_pay->closed !~ /^Y/i && $conf->exists('deletepayments') ) { + if ( $cust_pay->closed !~ /^Y/i + && $conf->exists('deletepayments') + && $curuser->access_right('Delete payment') + ) + { $delete = qq! (cust_pay) { my $unapply = ''; if ( $cust_pay->closed !~ /^Y/i && $conf->exists('unapplypayments') - && scalar(@cust_bill_pay) ) { + && scalar(@cust_bill_pay) + && $curuser->access_right('Unapply payment') + ) + { $unapply = qq! (cust_pay_void) { my $info = $payby ? " ($payby$payinfo)" : ''; my $unvoid = ''; - if ( $cust_pay_void->closed !~ /^Y/i && $conf->exists('unvoid') ) { + if ( $cust_pay_void->closed !~ /^Y/i + && $conf->exists('unvoid') + && $curuser->access_right('Unvoid') + ) + { $unvoid = qq! (cust_credit) { } # my $delete = ''; - if ( $cust_credit->closed !~ /^Y/i && $conf->exists('deletecredits') ) { + if ( $cust_credit->closed !~ /^Y/i + && $conf->exists('deletecredits') + && $curuser->access_right('Delete credit') + ) + { $delete = qq! (!. @@ -324,7 +363,10 @@ foreach my $cust_credit ($cust_main->cust_credit) { my $unapply = ''; if ( $cust_credit->closed !~ /^Y/i && $conf->exists('unapplycredits') - && scalar(@cust_credit_bill) ) { + && scalar(@cust_credit_bill) + && $curuser->access_right('Unapply credit') + ) + { $unapply = qq! (!. -- 2.11.0
>( <%= pkg_unsuspend_link($pkg) %> | <%= pkg_cancel_link($pkg) %> )> + + <% if ( $curuser->access_right('Unsuspend customer package') ) { %> + ( <%= pkg_unsuspend_link($pkg) %> ) + <% } %> + <% if ( $curuser->access_right('Cancel customer package') ) { %> + ( <%= pkg_cancel_link($pkg) %> ) + <% } %> + +
>( <%= pkg_cancel_link($pkg) %> )> + + <% if ( $curuser->access_right('Cancel customer package immediately') ) { %> + ( <%= pkg_cancel_link($pkg) %> ) + <% } %> + +
>( <%= pkg_suspend_link($pkg) %> | <%= pkg_cancel_link($pkg) %> )> + + <% if ( $curuser->access_right('Suspend customer package') ) { %> + ( <%= pkg_suspend_link($pkg) %> ) + <% } %> + <% if ( $curuser->access_right('Cancel customer package immediately') ) { %> + ( <%= pkg_cancel_link($pkg) %> ) + <% } %> + <% if ( $curuser->access_right('Cancel customer package later') ) { %> + ( <%= pkg_expire_link($pkg) %> ) + <% } %> + +
<%=svc_link($svcpart,$service)%><%=svc_label_link($svcpart,$service)%>
( <%=svc_unprovision_link($service)%> )		<%=svc_label_link($svcpart,$service)%> + <% if ( $curuser->access_right('Unprovision customer service') ) { %> +
( <%=svc_unprovision_link($service)%> ) + <% } %> +
!.svc_provision_link($pkg, $svcpart, $conf).qq!
!.svc_provision_link($pkg, $svcpart, $conf, $curuser).qq!