[freeside-commits]
freeside/httemplate/view cust_bill-logo.cgi, 1.6,
1.7 cust_bill-pdf.cgi, 1.8, 1.9 cust_bill-ps.cgi, 1.5,
1.6 cust_bill.cgi, 1.36, 1.37 cust_main.cgi, 1.111,
1.112 cust_pkg.cgi, 1.15, NONE svc_Common.html, 1.1,
1.2 svc_acct.cgi, 1.48, 1.49 svc_broadband.cgi, 1.12,
1.13 svc_domain.cgi, 1.22, 1.23 svc_external.cgi, 1.6,
1.7 svc_forward.cgi, 1.14, 1.15 svc_www.cgi, 1.14, 1.15
Ivan,,,
ivan at wavetail.420.am
Mon Feb 5 04:51:07 PST 2007
Update of /home/cvs/cvsroot/freeside/httemplate/view
In directory wavetail:/tmp/cvs-serv9128/httemplate/view
Modified Files:
cust_bill-logo.cgi cust_bill-pdf.cgi cust_bill-ps.cgi
cust_bill.cgi cust_main.cgi svc_Common.html svc_acct.cgi
svc_broadband.cgi svc_domain.cgi svc_external.cgi
svc_forward.cgi svc_www.cgi
Removed Files:
cust_pkg.cgi
Log Message:
C is for Cookie^WControl
Index: svc_Common.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_Common.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- svc_Common.html 2 Jan 2007 20:25:59 -0000 1.1
+++ svc_Common.html 5 Feb 2007 12:51:05 -0000 1.2
@@ -1,3 +1,9 @@
+<% include('elements/svc_Common.html',
+ 'table' => $table,
+ 'edit_url' => $p."edit/svc_Common.html?svcdb=$table;svcnum=",
+ %opt,
+ )
+%>
<%init>
# false laziness w/edit/svc_Common.html
@@ -21,9 +27,3 @@
}
</%init>
-<% include('elements/svc_Common.html',
- 'table' => $table,
- 'edit_url' => $p."edit/svc_Common.html?svcdb=$table;svcnum=",
- %opt,
- )
-%>
Index: cust_bill-logo.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/cust_bill-logo.cgi,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- cust_bill-logo.cgi 23 Aug 2006 22:25:38 -0000 1.6
+++ cust_bill-logo.cgi 5 Feb 2007 12:51:05 -0000 1.7
@@ -1,16 +1,20 @@
-%
-%
-%my $conf = new FS::Conf;
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^([^\.\/]*)$/;
-%my $templatename = $1;
-%if ( $templatename && $conf->exists("logo_$templatename.png") ) {
-% $templatename = "_$templatename";
-%} else {
-% $templatename = '';
-%}
-%
-%http_header('Content-Type' => 'image/png' );
-%
<% $conf->config_binary("logo$templatename.png") %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+my $conf = new FS::Conf;
+
+my($query) = $cgi->keywords;
+$query =~ /^([^\.\/]*)$/;
+my $templatename = $1;
+if ( $templatename && $conf->exists("logo_$templatename.png") ) {
+ $templatename = "_$templatename";
+} else {
+ $templatename = '';
+}
+
+http_header('Content-Type' => 'image/png' );
+
+</%init>
Index: cust_main.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/cust_main.cgi,v
retrieving revision 1.111
retrieving revision 1.112
diff -u -d -r1.111 -r1.112
--- cust_main.cgi 22 Jan 2007 11:41:02 -0000 1.111
+++ cust_main.cgi 5 Feb 2007 12:51:05 -0000 1.112
@@ -1,27 +1,9 @@
-%
-%
-%my $conf = new FS::Conf;
-%
-%my $curuser = $FS::CurrentUser::CurrentUser;
-%
-%die "No customer specified (bad URL)!" unless $cgi->keywords;
-%my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array
-%$query =~ /^(\d+)$/;
-%my $custnum = $1;
-%my $cust_main = qsearchs('cust_main',{'custnum'=>$custnum});
-%die "Customer not found!" unless $cust_main;
-%
-%
-
-
<% include("/elements/header.html","Customer View: ". $cust_main->name ) %>
-% if ( $curuser->access_right('Edit customer') ) {
+% if ( $curuser->access_right('Edit customer') ) {
<A HREF="<% $p %>edit/cust_main.cgi?<% $custnum %>">Edit this customer</A> |
% }
-
-
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws.js"></SCRIPT>
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws_iframe.js"></SCRIPT>
<SCRIPT TYPE="text/javascript" SRC="<%$fsurl%>elements/overlibmws_draggable.js"></SCRIPT>
@@ -155,11 +137,35 @@
<BR><BR>
+
+% #XXX enable me# if ( $curuser->access_right('View customer packages') {
<% include('cust_main/packages.html', $cust_main ) %>
-% if ( $conf->config('payby-default') ne 'HIDE' ) {
+% #}
+% if ( $conf->config('payby-default') ne 'HIDE' ) {
<% include('cust_main/payment_history.html', $cust_main ) %>
% }
<% include('/elements/footer.html') %>
+<%init>
+
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+die "access denied"
+ unless $curuser->access_right('View customer');
+
+my $conf = new FS::Conf;
+
+die "No customer specified (bad URL)!" unless $cgi->keywords;
+my($query) = $cgi->keywords; # needs parens with my, ->keywords returns array
+$query =~ /^(\d+)$/;
+my $custnum = $1;
+my $cust_main = qsearchs({
+ 'table' => 'cust_main',
+ 'hashref' => {'custnum'=>$custnum},
+ 'extra_sql' => ' AND '. $curuser->agentnums_sql,
+});
+die "Customer not found!" unless $cust_main;
+
+</%init>
Index: cust_bill-pdf.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/cust_bill-pdf.cgi,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- cust_bill-pdf.cgi 23 Aug 2006 22:25:38 -0000 1.8
+++ cust_bill-pdf.cgi 5 Feb 2007 12:51:05 -0000 1.9
@@ -1,18 +1,28 @@
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)(.pdf)?$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%
-%my $pdf = $cust_bill->print_pdf( '', $templatename);
-%
-%http_header('Content-Type' => 'application/pdf' );
-%http_header('Content-Length' => length($pdf) );
-%http_header('Cache-control' => 'max-age=60' );
-%
<% $pdf %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)(.pdf)?$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+my $pdf = $cust_bill->print_pdf( '', $templatename);
+
+http_header('Content-Type' => 'application/pdf' );
+http_header('Content-Length' => length($pdf) );
+http_header('Cache-control' => 'max-age=60' );
+
+</%init>
Index: svc_domain.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_domain.cgi,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- svc_domain.cgi 28 Jan 2007 02:21:12 -0000 1.22
+++ svc_domain.cgi 5 Feb 2007 12:51:05 -0000 1.23
@@ -1,38 +1,3 @@
-<!-- mason kludge -->
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_domain = qsearchs('svc_domain',{'svcnum'=>$svcnum});
-%die "Unknown svcnum" unless $svc_domain;
-%
-%my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg=qsearchs('cust_pkg',{'pkgnum'=>$pkgnum});
-% $custnum=$cust_pkg->getfield('custnum');
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%
-%my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
-%die "Unknown svcpart" unless $part_svc;
-%
-%my $email = '';
-%if ($svc_domain->catchall) {
-% my $svc_acct = qsearchs('svc_acct',{'svcnum'=> $svc_domain->catchall } );
-% die "Unknown svcpart" unless $svc_acct;
-% $email = $svc_acct->email;
-%}
-%
-%my $domain = $svc_domain->domain;
-%
-%
-
-
<% include("/elements/header.html",'Domain View', menubar(
( ( $pkgnum || $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
@@ -132,4 +97,49 @@
<INPUT TYPE="text" NAME="recdata"> <INPUT TYPE="submit" VALUE="Slave domain" onClick="return slave_areyousure()">
</FORM>
<BR><BR><% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY></HTML>
+
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_domain = qsearchs({
+ 'select' => 'svc_domain.*',
+ 'table' => 'svc_domain',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => {'svcnum'=>$svcnum},
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Unknown svcnum" unless $svc_domain;
+
+my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg=qsearchs('cust_pkg',{'pkgnum'=>$pkgnum});
+ $custnum=$cust_pkg->getfield('custnum');
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+
+my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
+die "Unknown svcpart" unless $part_svc;
+
+my $email = '';
+if ($svc_domain->catchall) {
+ my $svc_acct = qsearchs('svc_acct',{'svcnum'=> $svc_domain->catchall } );
+ die "Unknown svcpart" unless $svc_acct;
+ $email = $svc_acct->email;
+}
+
+my $domain = $svc_domain->domain;
+
+</%init>
Index: svc_www.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_www.cgi,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- svc_www.cgi 25 Oct 2006 03:12:10 -0000 1.14
+++ svc_www.cgi 5 Feb 2007 12:51:05 -0000 1.15
@@ -1,11 +1,19 @@
-<!-- mason kludge -->
-%
+% die "access denied"
+% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+% || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
%
%my($query) = $cgi->keywords;
%$query =~ /^(\d+)$/;
%my $svcnum = $1;
-%my $svc_www = qsearchs( 'svc_www', { 'svcnum' => $svcnum } )
-% or die "svc_www: Unknown svcnum $svcnum";
+%my $svc_www = qsearchs({
+% 'select' => 'svc_www.*',
+% 'table' => 'svc_www',
+% 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+% ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+% ' LEFT JOIN cust_main USING ( custnum ) ',
+% 'hashref' => { 'svcnum' => $svcnum },
+% 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+%}) or die "svc_www: Unknown svcnum $svcnum";
%
%#false laziness w/all svc_*.cgi
%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
Index: cust_bill-ps.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/cust_bill-ps.cgi,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- cust_bill-ps.cgi 23 Aug 2006 22:25:38 -0000 1.5
+++ cust_bill-ps.cgi 5 Feb 2007 12:51:05 -0000 1.6
@@ -1,14 +1,24 @@
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%
-%http_header('Content-Type' => 'application/postscript' );
-%
<% $cust_bill->print_ps( '', $templatename) %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+http_header('Content-Type' => 'application/postscript' );
+
+</%init>
Index: cust_bill.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/cust_bill.cgi,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- cust_bill.cgi 23 Aug 2006 22:25:38 -0000 1.36
+++ cust_bill.cgi 5 Feb 2007 12:51:05 -0000 1.37
@@ -1,40 +1,14 @@
-%
-%
-%#untaint invnum
-%my($query) = $cgi->keywords;
-%$query =~ /^((.+)-)?(\d+)$/;
-%my $templatename = $2;
-%my $invnum = $3;
-%
-%my $conf = new FS::Conf;
-%
-%my @payby = grep /\w/, $conf->config('payby');
-%#@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP ))
-%@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP ))
-% unless @payby;
-%my %payby = map { $_=>1 } @payby;
-%
-%my $cust_bill = qsearchs('cust_bill',{'invnum'=>$invnum});
-%die "Invoice #$invnum not found!" unless $cust_bill;
-%my $custnum = $cust_bill->getfield('custnum');
-%
-%#my $printed = $cust_bill->printed;
-%
-%my $link = $templatename ? "$templatename-$invnum" : $invnum;
-%
-%
-
<% include("/elements/header.html",'Invoice View', menubar(
"Main Menu" => $p,
"View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
)) %>
+
+
% if ( $cust_bill->owed > 0
% && ( $payby{'BILL'} || $payby{'CASH'} || $payby{'WEST'} || $payby{'MCRD'} )
% )
% {
% my $s = 0;
-%
-
Post
% if ( $payby{'BILL'} ) {
@@ -151,5 +125,41 @@
<PRE><% join('', $cust_bill->print_text('', $templatename) ) %></PRE>
% }
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View invoices');
+
+#untaint invnum
+my($query) = $cgi->keywords;
+$query =~ /^((.+)-)?(\d+)$/;
+my $templatename = $2;
+my $invnum = $3;
+
+my $conf = new FS::Conf;
+
+my @payby = grep /\w/, $conf->config('payby');
+#@payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH WEST COMP ))
+ at payby = (qw( CARD DCRD CHEK DCHK LECB BILL CASH COMP ))
+ unless @payby;
+my %payby = map { $_=>1 } @payby;
+
+my $cust_bill = qsearchs({
+ 'select' => 'cust_bill.*',
+ 'table' => 'cust_bill',
+ 'addl_from' => 'LEFT JOIN cust_main USING ( custnum )',
+ 'hashref' => { 'invnum' => $invnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Invoice #$invnum not found!" unless $cust_bill;
+
+my $custnum = $cust_bill->custnum;
+
+#my $printed = $cust_bill->printed;
+
+my $link = $templatename ? "$templatename-$invnum" : $invnum;
+
+</%init>
+
-</BODY></HTML>
Index: svc_acct.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_acct.cgi,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -d -r1.48 -r1.49
--- svc_acct.cgi 17 Jan 2007 23:27:18 -0000 1.48
+++ svc_acct.cgi 5 Feb 2007 12:51:05 -0000 1.49
@@ -1,49 +1,11 @@
-%
-%
-%my $conf = new FS::Conf;
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_acct = qsearchs('svc_acct',{'svcnum'=>$svcnum});
-%die "Unknown svcnum" unless $svc_acct;
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc' , { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
-%die "Unknown svcpart" unless $part_svc;
-%my $svc = $part_svc->svc;
-%
-%die 'Empty domsvc for svc_acct.svcnum '. $svc_acct->svcnum
-% unless $svc_acct->domsvc;
-%my $svc_domain = qsearchs('svc_domain', { 'svcnum' => $svc_acct->domsvc } );
-%die 'Unknown domain (domsvc '. $svc_acct->domsvc.
-% ' for svc_acct.svcnum '. $svc_acct->svcnum. ')'
-% unless $svc_domain;
-%my $domain = $svc_domain->domain;
-%
-%
% if ( $custnum ) {
-
<% include("/elements/header.html","View $svc account") %>
-
<% include( '/elements/small_custview.html', $custnum, '', 1,
"${p}view/cust_main.cgi") %>
<BR>
-% } else {
+% } else {
<SCRIPT>
function areyousure(href) {
@@ -55,9 +17,10 @@
<% include("/elements/header.html",'Account View', menubar(
"Cancel this (unaudited) account" =>
"javascript:areyousure(\'${p}misc/cancel-unaudited.cgi?$svcnum\')",
- "Main menu" => $p,
)) %>
+
% }
+
% if ( $part_svc->part_export_usage ) {
%
% my $last_bill;
@@ -350,5 +313,52 @@
<% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY>
-</HTML>
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my $conf = new FS::Conf;
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_acct = qsearchs({
+ 'select' => 'svc_acct.*',
+ 'table' => 'svc_acct',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => {'svcnum'=>$svcnum},
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+});
+die "Unknown svcnum" unless $svc_acct;
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc' , { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+my $part_svc = qsearchs('part_svc',{'svcpart'=> $cust_svc->svcpart } );
+die "Unknown svcpart" unless $part_svc;
+my $svc = $part_svc->svc;
+
+die 'Empty domsvc for svc_acct.svcnum '. $svc_acct->svcnum
+ unless $svc_acct->domsvc;
+my $svc_domain = qsearchs('svc_domain', { 'svcnum' => $svc_acct->domsvc } );
+die 'Unknown domain (domsvc '. $svc_acct->domsvc.
+ ' for svc_acct.svcnum '. $svc_acct->svcnum. ')'
+ unless $svc_domain;
+my $domain = $svc_domain->domain;
+
+</%init>
--- cust_pkg.cgi DELETED ---
Index: svc_external.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_external.cgi,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- svc_external.cgi 23 Aug 2006 22:25:38 -0000 1.6
+++ svc_external.cgi 5 Feb 2007 12:51:05 -0000 1.7
@@ -1,30 +1,3 @@
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_external = qsearchs( 'svc_external', { 'svcnum' => $svcnum } )
-% or die "svc_external: Unknown svcnum $svcnum";
-%
-%my $conf = new FS::Conf;
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%
-%
-
-
<% include("/elements/header.html",'External Service View', menubar(
( ( $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
@@ -52,4 +25,40 @@
</TABLE></TD></TR></TABLE>
<BR><% joblisting({'svcnum'=>$svcnum}, 1) %>
-</BODY></HTML>
+
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_external = qsearchs({
+ 'select' => 'svc_external.*',
+ 'table' => 'svc_external',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => { 'svcnum' => $svcnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+}) or die "svc_external: Unknown svcnum $svcnum";
+
+my $conf = new FS::Conf;
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+</%init>
Index: svc_broadband.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_broadband.cgi,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- svc_broadband.cgi 12 Jan 2007 23:27:08 -0000 1.12
+++ svc_broadband.cgi 5 Feb 2007 12:51:05 -0000 1.13
@@ -1,64 +1,3 @@
-<!-- mason kludge -->
-%
-%
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/;
-%my $svcnum = $1;
-%my $svc_broadband = qsearchs( 'svc_broadband', { 'svcnum' => $svcnum } )
-% or die "svc_broadband: Unknown svcnum $svcnum";
-%
-%#false laziness w/all svc_*.cgi
-%my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
-%my $pkgnum = $cust_svc->getfield('pkgnum');
-%my($cust_pkg, $custnum);
-%if ($pkgnum) {
-% $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
-% $custnum = $cust_pkg->custnum;
-%} else {
-% $cust_pkg = '';
-% $custnum = '';
-%}
-%#eofalse
-%
-%my $addr_block = $svc_broadband->addr_block;
-%my $router = $addr_block->router;
-%
-%if (not $router) { die "Could not lookup router for svc_broadband (svcnum $svcnum)" };
-%
-%my (
-% $routername,
-% $routernum,
-% $speed_down,
-% $speed_up,
-% $ip_addr,
-% $ip_gateway,
-% $ip_netmask,
-% $mac_addr,
-% $latitude,
-% $longitude,
-% $altitude,
-% $vlan_profile,
-% $auth_key,
-% $description,
-% ) = (
-% $router->getfield('routername'),
-% $router->getfield('routernum'),
-% $svc_broadband->getfield('speed_down'),
-% $svc_broadband->getfield('speed_up'),
-% $svc_broadband->getfield('ip_addr'),
-% $addr_block->ip_gateway,
-% $addr_block->NetAddr->mask,
-% $svc_broadband->mac_addr,
-% $svc_broadband->latitude,
-% $svc_broadband->longitude,
-% $svc_broadband->altitude,
-% $svc_broadband->vlan_profile,
-% $svc_broadband->auth_key,
-% $svc_broadband->description,
-% );
-%
-
-
<%include("/elements/header.html",'Broadband Service View', menubar(
( ( $custnum )
? ( "View this customer (#$custnum)" => "${p}view/cust_main.cgi?$custnum",
@@ -200,6 +139,75 @@
<BR>
<%joblisting({'svcnum'=>$svcnum}, 1)%>
- </BODY>
-</HTML>
+<% include('/elements/footer.html') %>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+ || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
+
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/;
+my $svcnum = $1;
+my $svc_broadband = qsearchs({
+ 'select' => 'svc_broadband.*',
+ 'table' => 'svc_broadband',
+ 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+ ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+ ' LEFT JOIN cust_main USING ( custnum ) ',
+ 'hashref' => { 'svcnum' => $svcnum },
+ 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+}) or die "svc_broadband: Unknown svcnum $svcnum";
+
+#false laziness w/all svc_*.cgi
+my $cust_svc = qsearchs( 'cust_svc', { 'svcnum' => $svcnum } );
+my $pkgnum = $cust_svc->getfield('pkgnum');
+my($cust_pkg, $custnum);
+if ($pkgnum) {
+ $cust_pkg = qsearchs( 'cust_pkg', { 'pkgnum' => $pkgnum } );
+ $custnum = $cust_pkg->custnum;
+} else {
+ $cust_pkg = '';
+ $custnum = '';
+}
+#eofalse
+
+my $addr_block = $svc_broadband->addr_block;
+my $router = $addr_block->router;
+
+if (not $router) { die "Could not lookup router for svc_broadband (svcnum $svcnum)" };
+
+my (
+ $routername,
+ $routernum,
+ $speed_down,
+ $speed_up,
+ $ip_addr,
+ $ip_gateway,
+ $ip_netmask,
+ $mac_addr,
+ $latitude,
+ $longitude,
+ $altitude,
+ $vlan_profile,
+ $auth_key,
+ $description,
+ ) = (
+ $router->getfield('routername'),
+ $router->getfield('routernum'),
+ $svc_broadband->getfield('speed_down'),
+ $svc_broadband->getfield('speed_up'),
+ $svc_broadband->getfield('ip_addr'),
+ $addr_block->ip_gateway,
+ $addr_block->NetAddr->mask,
+ $svc_broadband->mac_addr,
+ $svc_broadband->latitude,
+ $svc_broadband->longitude,
+ $svc_broadband->altitude,
+ $svc_broadband->vlan_profile,
+ $svc_broadband->auth_key,
+ $svc_broadband->description,
+ );
+
+</%init>
Index: svc_forward.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/view/svc_forward.cgi,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- svc_forward.cgi 23 Aug 2006 22:25:38 -0000 1.14
+++ svc_forward.cgi 5 Feb 2007 12:51:05 -0000 1.15
@@ -1,12 +1,21 @@
-<!-- mason kludge -->
-%
+% die "access denied"
+% unless $FS::CurrentUser::CurrentUser->access_right('View customer services')
+% || $FS::CurrentUser::CurrentUser->access_right('View customer'); #XXX remove me
%
%my $conf = new FS::Conf;
%
%my($query) = $cgi->keywords;
%$query =~ /^(\d+)$/;
%my $svcnum = $1;
-%my $svc_forward = qsearchs('svc_forward',{'svcnum'=>$svcnum});
+%my $svc_forward = qsearchs({
+% 'select' => 'svc_forward.*',
+% 'table' => 'svc_forward',
+% 'addl_from' => ' LEFT JOIN cust_svc USING ( svcnum ) '.
+% ' LEFT JOIN cust_pkg USING ( pkgnum ) '.
+% ' LEFT JOIN cust_main USING ( custnum ) ',
+% 'hashref' => {'svcnum'=>$svcnum},
+% 'extra_sql' => ' AND '. $FS::CurrentUser::CurrentUser->agentnums_sql,
+%});
%die "Unknown svcnum" unless $svc_forward;
%
%my $cust_svc = qsearchs('cust_svc',{'svcnum'=>$svcnum});
More information about the freeside-commits
mailing list