[freeside-commits] freeside/httemplate/misc/process batch-cust_pay.cgi, 1.3, 1.4 cancel_pkg.html, 1.7, 1.8 catchall.cgi, 1.5, 1.6 cdr-import.html, 1.4, 1.5 cust_main-import.cgi, 1.6, 1.7 cust_main-import_charges.cgi, 1.5, 1.6 delete-customer.cgi, 1.5, 1.6 inventory_item-import.html, 1.4, 1.5 link.cgi, 1.17, 1.18 meta-import.cgi, 1.8, 1.9 payment.cgi, 1.15, 1.16 recharge_svc.html, 1.6, 1.7

Ivan,,, ivan at wavetail.420.am
Sun Jan 13 13:14:21 PST 2008


Update of /home/cvs/cvsroot/freeside/httemplate/misc/process
In directory wavetail:/tmp/cvs-serv6645/process

Modified Files:
	batch-cust_pay.cgi cancel_pkg.html catchall.cgi 
	cdr-import.html cust_main-import.cgi 
	cust_main-import_charges.cgi delete-customer.cgi 
	inventory_item-import.html link.cgi meta-import.cgi 
	payment.cgi recharge_svc.html 
Log Message:
ACLs

Index: catchall.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/catchall.cgi,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- catchall.cgi	23 Aug 2006 22:25:38 -0000	1.5
+++ catchall.cgi	13 Jan 2008 21:14:19 -0000	1.6
@@ -1,34 +1,35 @@
-%
-%
-%$FS::svc_domain::whois_hack=1;
-%
-%$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
-%my $svcnum =$1;
-%
-%my $old = qsearchs('svc_domain',{'svcnum'=>$svcnum}) if $svcnum;
-%
-%my $new = new FS::svc_domain ( {
-%  map {
-%    ($_, scalar($cgi->param($_)));
-%  } ( fields('svc_domain'), qw( pkgnum svcpart ) )
-%} );
-%
-%$new->setfield('action' => 'M');
-%
-%my $error;
-%if ( $svcnum ) {
-%  $error = $new->replace($old);
-%} else {
-%  $error = $new->insert;
-%  $svcnum = $new->getfield('svcnum');
-%} 
-%
 %if ($error) {
 %  $cgi->param('error', $error);
-%  print $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string );
+<% $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string ) %>
 %} else {
-%  print $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum");
+<% $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum") %>
 %}
-%
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Edit domain catchall');
+
+$FS::svc_domain::whois_hack=1;
 
+$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
+my $svcnum =$1;
+
+my $old = qsearchs('svc_domain',{'svcnum'=>$svcnum}) if $svcnum;
+
+my $new = new FS::svc_domain ( {
+  map {
+    ($_, scalar($cgi->param($_)));
+  } ( fields('svc_domain'), qw( pkgnum svcpart ) )
+} );
+
+$new->setfield('action' => 'M');
+
+my $error;
+if ( $svcnum ) {
+  $error = $new->replace($old);
+} else {
+  $error = $new->insert;
+  $svcnum = $new->getfield('svcnum');
+} 
+
+</%init>

Index: cust_main-import_charges.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cust_main-import_charges.cgi,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- cust_main-import_charges.cgi	8 Oct 2007 19:14:28 -0000	1.5
+++ cust_main-import_charges.cgi	13 Jan 2008 21:14:19 -0000	1.6
@@ -1,30 +1,23 @@
-%
-%
-%  my $fh = $cgi->upload('csvfile');
-%  #warn $cgi;
-%  #warn $fh;
-%
-%  my $error = defined($fh)
-%    ? FS::cust_main::batch_charge( {
-%        filehandle => $fh,
-%        'fields'    => [qw( custnum amount pkg )],
-%      } )
-%    : 'No file';
-%
-%  if ( $error ) {
-%    
-
-    <!-- mason kludge -->
-%
-% errorpage($error);
-%#    $cgi->param('error', $error);
-%#    print $cgi->redirect( "${p}cust_main-import_charges.cgi
+% if ( $error ) {
+%   errorpage($error);
 %  } else {
-%    
-
-    <!-- mason kludge -->
-    <% include("/elements/header.html",'Import successful') %> 
-%
+     <% include('/elements/header.html','Import successful') %> 
+     <% include('/elements/footer.html') %> 
 %  }
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
 
+my $fh = $cgi->upload('csvfile');
+#warn $cgi;
+#warn $fh;
+
+my $error = defined($fh)
+  ? FS::cust_main::batch_charge( {
+      filehandle => $fh,
+      'fields'    => [qw( custnum amount pkg )],
+    } )
+  : 'No file';
+
+</%init>

Index: meta-import.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/meta-import.cgi,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- meta-import.cgi	25 Dec 2007 23:49:22 -0000	1.8
+++ meta-import.cgi	13 Jan 2008 21:14:19 -0000	1.9
@@ -1,4 +1,3 @@
-<!-- mason kludge -->
 <% include("/elements/header.html",'Map tables') %>
 
 <SCRIPT>
@@ -183,5 +182,9 @@
 %
 %
 <%init>
-die "meta-import script not currently enabled"; #make XSS-safe if this is used for more than just admins to import data....
+
+#there's no ACL for this...  haven't used in ages
+#make XSS-safe if this is used for more than just admins to import data....
+die 'meta-import not enabled; remove this if you want to use it';
+
 </%init>

Index: payment.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/payment.cgi,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- payment.cgi	29 Nov 2007 02:54:51 -0000	1.15
+++ payment.cgi	13 Jan 2008 21:14:19 -0000	1.16
@@ -15,6 +15,9 @@
 % }
 <%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+
 #some false laziness w/MyAccount::process_payment
 
 $cgi->param('custnum') =~ /^(\d+)$/

Index: recharge_svc.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/recharge_svc.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- recharge_svc.html	23 Dec 2007 22:05:54 -0000	1.6
+++ recharge_svc.html	13 Jan 2008 21:14:19 -0000	1.7
@@ -1,31 +1,3 @@
-%
-%
-%#untaint svcnum
-%my $svcnum = $cgi->param('svcnum');
-%$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
-%$svcnum = $1;
-%
-%#untaint prepaid
-%my $prepaid = $cgi->param('prepaid');
-%$prepaid =~ /^(\w*)$/;
-%$prepaid = $1;
-
-%#untaint payby
-%my $payby = $cgi->param('payby');
-%$payby =~ /^([A-Z]*)$/;
-%$payby = $1;
-%
-%my $error = '';
-%my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
-%$error = "Can't recharge service $svcnum. " unless $svc_acct;
-%
-%my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
-%
-%my $oldAutoCommit = $FS::UID::AutoCommit;
-%local $FS::UID::AutoCommit = 0;
-%my $dbh = dbh;
-%
-%
 %unless ($error) {
 %
 %  my ($amount, $seconds, $up, $down, $total) = (0, 0, 0, 0, 0);
@@ -86,5 +58,35 @@
   </SCRIPT>
   </BODY></HTML>
 <%init>
+
 my $conf = new FS::Conf;
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Recharge customer service');
+
+#untaint svcnum
+my $svcnum = $cgi->param('svcnum');
+$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
+$svcnum = $1;
+
+#untaint prepaid
+my $prepaid = $cgi->param('prepaid');
+$prepaid =~ /^(\w*)$/;
+$prepaid = $1;
+
+#untaint payby
+my $payby = $cgi->param('payby');
+$payby =~ /^([A-Z]*)$/;
+$payby = $1;
+
+my $error = '';
+my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
+$error = "Can't recharge service $svcnum. " unless $svc_acct;
+
+my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
+
+my $oldAutoCommit = $FS::UID::AutoCommit;
+local $FS::UID::AutoCommit = 0;
+my $dbh = dbh;
+
 </%init>

Index: cust_main-import.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cust_main-import.cgi,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- cust_main-import.cgi	8 Oct 2007 19:14:28 -0000	1.6
+++ cust_main-import.cgi	13 Jan 2008 21:14:19 -0000	1.7
@@ -1,35 +1,28 @@
-%
-%
-%  my $fh = $cgi->upload('csvfile');
-%  #warn $cgi;
-%  #warn $fh;
-%
-%  my $error = defined($fh)
-%    ? FS::cust_main::batch_import( {
-%        filehandle => $fh,
-%        agentnum   => scalar($cgi->param('agentnum')),
-%        refnum     => scalar($cgi->param('refnum')),
-%        pkgpart    => scalar($cgi->param('pkgpart')),
-%        #'fields'    => [qw( cust_pkg.setup dayphone first last address1 address2
-%        #                   city state zip comments                          )],
-%        'format'   => scalar($cgi->param('format')),
-%      } )
-%    : 'No file';
-%
-%  if ( $error ) {
-%    
-
-    <!-- mason kludge -->
-%
-% errorpage($error);
-%#    $cgi->param('error', $error);
-%#    print $cgi->redirect( "${p}cust_main-import.cgi
+% if ( $error ) {
+%   errorpage($error);
 %  } else {
-%    
-
-    <!-- mason kludge -->
-    <% include("/elements/header.html",'Import successful') %> 
-%
+    <% include('/elements/header.html','Import successful') %> 
+    <% include('/elements/footer.html') %> 
 %  }
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('csvfile');
+#warn $cgi;
+#warn $fh;
+
+my $error = defined($fh)
+  ? FS::cust_main::batch_import( {
+      filehandle => $fh,
+      agentnum   => scalar($cgi->param('agentnum')),
+      refnum     => scalar($cgi->param('refnum')),
+      pkgpart    => scalar($cgi->param('pkgpart')),
+      #'fields'    => [qw( cust_pkg.setup dayphone first last address1 address2
+      #                   city state zip comments                          )],
+      'format'   => scalar($cgi->param('format')),
+    } )
+  : 'No file';
 
+</%init>

Index: cancel_pkg.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cancel_pkg.html,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- cancel_pkg.html	1 Aug 2007 22:26:43 -0000	1.7
+++ cancel_pkg.html	13 Jan 2008 21:14:19 -0000	1.8
@@ -12,29 +12,39 @@
              'adjourn' => 'adjourned',
            );
 
+#i'm sure this is false laziness with somewhere, at least w/misc/cancel_pkg.html
+my %right = ( 'cancel'  => 'Cancel customer package immediately',
+              'expire'  => 'Cancel customer package later',
+              'suspend' => 'Suspend customer package',
+              'adjourn' => 'Suspend customer package later',
+            );
+
 </%once>
 <%init>
 
 #untaint method
 my $method = $cgi->param('method');
-$method =~ /^(cancel|expire|suspend|adjourn)$/ || die "Illegal method";
+$method =~ /^(cancel|expire|suspend|adjourn)$/ or die "Illegal method";
 $method = $1;
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right($right{$method});
+
 #untaint pkgnum
 my $pkgnum = $cgi->param('pkgnum');
-$pkgnum =~ /^(\d+)$/ || die "Illegal pkgnum";
+$pkgnum =~ /^(\d+)$/ or die "Illegal pkgnum";
 $pkgnum = $1;
 
 #untaint reasonnum
 my $reasonnum = $cgi->param('reasonnum');
-$reasonnum =~ /^(-?\d+)$/ || die "Illegal reasonnum";
+$reasonnum =~ /^(-?\d+)$/ or die "Illegal reasonnum";
 $reasonnum = $1;
 
 my $date = time;
 if ($method eq 'expire' || $method eq 'adjourn'){
   #untaint date
   $date = $cgi->param('date');
-  str2time($cgi->param('date')) =~ /^(\d+)$/ || die "Illegal date";
+  str2time($cgi->param('date')) =~ /^(\d+)$/ or die "Illegal date";
   $date = $1;
 }
 

Index: batch-cust_pay.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/batch-cust_pay.cgi,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- batch-cust_pay.cgi	23 Aug 2006 22:25:38 -0000	1.3
+++ batch-cust_pay.cgi	13 Jan 2008 21:14:19 -0000	1.4
@@ -1,3 +1,5 @@
+%  die "access denied"
+%    unless $FS::CurrentUser::CurrentUser->access_right('Post payment batch');
 %
 %  my $param = $cgi->Vars;
 %

Index: cdr-import.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cdr-import.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- cdr-import.html	8 Oct 2007 19:14:28 -0000	1.4
+++ cdr-import.html	13 Jan 2008 21:14:19 -0000	1.5
@@ -1,30 +1,22 @@
-%
-%
-%  my $fh = $cgi->upload('csvfile');
-%
-%  my $error = defined($fh)
-%    ? FS::cdr::batch_import( {
-%        'filehandle' => $fh,
-%        'format'     => $cgi->param('format'),
-%      } )
-%    : 'No file';
-%
-%  if ( $error ) {
-%    
-
-    <!-- mason kludge -->
-%
-% errorpage($error);
-%#    $cgi->param('error', $error);
-%#    print $cgi->redirect( "${p}cust_main-import.cgi
-%  } else {
-%    
-
-    <!-- mason kludge -->
+% if ( $error ) {
+%   errorpage($error);
+% } else {
     <% include("/elements/header.html",'Import successful') %>
     <!-- XXX redirect to batch search like the payment entry... -->
     <% include("/elements/footer.html",'Import successful') %> 
-%
-%  }
-%
+% }
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('csvfile');
 
+my $error = defined($fh)
+  ? FS::cdr::batch_import( {
+      'filehandle' => $fh,
+      'format'     => $cgi->param('format'),
+    } )
+  : 'No file';
+
+</%init>

Index: inventory_item-import.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/inventory_item-import.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- inventory_item-import.html	8 Oct 2007 19:14:28 -0000	1.4
+++ inventory_item-import.html	13 Jan 2008 21:14:19 -0000	1.5
@@ -1,31 +1,22 @@
-%
-%
-%  my $fh = $cgi->upload('filename');
-%
-%  my $error = defined($fh)
-%    ? FS::inventory_item::batch_import( {
-%        'filehandle' => $fh,
-%        'classnum'   => $cgi->param('classnum'),
-%      } )
-%    : 'No file';
-%
-%  if ( $error ) {
-%    
-
-    <!-- mason kludge -->
-%
-% errorpage($error);
-%#    $cgi->param('error', $error);
-%#    print $cgi->redirect( "${p}cust_main-import.cgi
-%  } else {
-%    
-
-    <!-- mason kludge -->
+% if ( $error ) {
+%   errorpage($error);
+% } else {
     <% include("/elements/header.html",'Import successful') %>
     <!-- XXX redirect to batch search like the payment entry... -->
     <% include("/elements/footer.html",'Import successful') %> 
-%
 %  }
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('filename');
 
+my $error = defined($fh)
+  ? FS::inventory_item::batch_import( {
+      'filehandle' => $fh,
+      'classnum'   => $cgi->param('classnum'),
+    } )
+  : 'No file';
 
+</%init>

Index: delete-customer.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/delete-customer.cgi,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- delete-customer.cgi	23 Aug 2006 22:25:38 -0000	1.5
+++ delete-customer.cgi	13 Jan 2008 21:14:19 -0000	1.6
@@ -1,30 +1,33 @@
-%
-%
-%my $conf = new FS::Conf;
-%die "Customer deletions not enabled" unless $conf->exists('deletecustomers');
-%
-%$cgi->param('custnum') =~ /^(\d+)$/;
-%my $custnum = $1;
-%my $new_custnum;
-%if ( $cgi->param('new_custnum') ) {
-%  $cgi->param('new_custnum') =~ /^(\d+)$/
-%    or die "Illegal new customer number: ". $cgi->param('new_custnum');
-%  $new_custnum = $1;
-%} else {
-%  $new_custnum = '';
-%}
-%my $cust_main = qsearchs( 'cust_main', { 'custnum' => $custnum } )
-%  or die "Customer not found: $custnum";
-%
-%my $error = $cust_main->delete($new_custnum);
-%
 %if ( $error ) {
 %  $cgi->param('error', $error);
-%  print $cgi->redirect(popurl(2). "delete-customer.cgi?". $cgi->query_string );
+<% $cgi->redirect(popurl(2). "delete-customer.cgi?". $cgi->query_string ) %>
 %} elsif ( $new_custnum ) {
-%  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$new_custnum");
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$new_custnum") %>
 %} else {
-%  print $cgi->redirect(popurl(3));
+<% $cgi->redirect(popurl(3)) %>
 %}
-%
+<%init>
 
+my $conf = new FS::Conf;
+die "Customer deletions not enabled in configuration"
+  unless $conf->exists('deletecustomers');
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Delete customer');
+
+$cgi->param('custnum') =~ /^(\d+)$/;
+my $custnum = $1;
+my $new_custnum;
+if ( $cgi->param('new_custnum') ) {
+  $cgi->param('new_custnum') =~ /^(\d+)$/
+    or die "Illegal new customer number: ". $cgi->param('new_custnum');
+  $new_custnum = $1;
+} else {
+  $new_custnum = '';
+}
+my $cust_main = qsearchs( 'cust_main', { 'custnum' => $custnum } )
+  or die "Customer not found: $custnum";
+
+my $error = $cust_main->delete($new_custnum);
+
+</%init>

Index: link.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/link.cgi,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- link.cgi	8 Oct 2007 19:14:28 -0000	1.17
+++ link.cgi	13 Jan 2008 21:14:19 -0000	1.18
@@ -1,76 +1,72 @@
-%
-%
-%my $DEBUG = 0;
-%
-%$cgi->param('pkgnum') =~ /^(\d+)$/;
-%my $pkgnum = $1;
-%$cgi->param('svcpart') =~ /^(\d+)$/;
-%my $svcpart = $1;
-%$cgi->param('svcnum') =~ /^(\d*)$/;
-%my $svcnum = $1;
-%
-%unless ( $svcnum ) {
-%  my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart});
-%  my $svcdb = $part_svc->getfield('svcdb');
-%  $cgi->param('link_field') =~ /^(\w+)$/;
-%  my $link_field = $1;
-%  my %search = ( $link_field => $cgi->param('link_value') );
-%  if ( $cgi->param('link_field2') =~ /^(\w+)$/ ) {
-%    $search{$1} = $cgi->param('link_value2');
-%  }
-%
-%  my @svc_x = ( sort { ($a->cust_svc->pkgnum > 0) <=> ($b->cust_svc->pkgnum > 0)
-%                       or ($b->cust_svc->svcpart == $svcpart)
-%                            <=> ($a->cust_svc->svcpart == $svcpart)
-%                     }
-%                     qsearch( $svcdb, \%search )
-%              );
-%
-%  if ( $DEBUG ) {
-%    warn scalar(@svc_x). " candidate accounts found for linking ".
-%         "(svcpart $svcpart):\n";
-%    foreach my $svc_x ( @svc_x ) {
-%      warn "  ". $svc_x->email.
-%           " (svcnum ". $svc_x->svcnum. ",".
-%           " pkgnum ".  $svc_x->cust_svc->pkgnum. ",".
-%           " svcpart ". $svc_x->cust_svc->svcpart. ")\n";
-%    }
-%  }
-%
-%  my $svc_x = $svc_x[0];
-%
-%  errorpage("$link_field not found!") unless $svc_x;
-%
-%  $svcnum = $svc_x->svcnum;
-%
-%}
-%
-%my $old = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-%die "svcnum not found!" unless $old;
-%my $conf = new FS::Conf;
-%my($error, $new);
-%if ( $old->pkgnum && ! $conf->exists('legacy_link-steal') ) {
-%  $error = "svcnum $svcnum already linked to package ". $old->pkgnum;
-%} else {
-%  $new = new FS::cust_svc { $old->hash };
-%  $new->pkgnum($pkgnum);
-%  $new->svcpart($svcpart);
-%
-%  $error = $new->replace($old);
-%}
-%
 %unless ($error) {
 %  #no errors, so let's view this customer.
 %  my $custnum = $new->cust_pkg->custnum;
-%  print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum".
-%                       "#cust_pkg$pkgnum" );
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?<%$custnum%>#cust_pkg<%$pkgnum%>" ) %>
 %} else {
-%
-
-<!-- mason kludge -->
-%
 % errorpage($error);
 %}
-%
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('View/link unlinked services');
+
+my $DEBUG = 0;
+
+$cgi->param('pkgnum') =~ /^(\d+)$/;
+my $pkgnum = $1;
+$cgi->param('svcpart') =~ /^(\d+)$/;
+my $svcpart = $1;
+$cgi->param('svcnum') =~ /^(\d*)$/;
+my $svcnum = $1;
+
+unless ( $svcnum ) {
+  my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart});
+  my $svcdb = $part_svc->getfield('svcdb');
+  $cgi->param('link_field') =~ /^(\w+)$/;
+  my $link_field = $1;
+  my %search = ( $link_field => $cgi->param('link_value') );
+  if ( $cgi->param('link_field2') =~ /^(\w+)$/ ) {
+    $search{$1} = $cgi->param('link_value2');
+  }
 
+  my @svc_x = ( sort { ($a->cust_svc->pkgnum > 0) <=> ($b->cust_svc->pkgnum > 0)
+                       or ($b->cust_svc->svcpart == $svcpart)
+                            <=> ($a->cust_svc->svcpart == $svcpart)
+                     }
+                     qsearch( $svcdb, \%search )
+              );
+
+  if ( $DEBUG ) {
+    warn scalar(@svc_x). " candidate accounts found for linking ".
+         "(svcpart $svcpart):\n";
+    foreach my $svc_x ( @svc_x ) {
+      warn "  ". $svc_x->email.
+           " (svcnum ". $svc_x->svcnum. ",".
+           " pkgnum ".  $svc_x->cust_svc->pkgnum. ",".
+           " svcpart ". $svc_x->cust_svc->svcpart. ")\n";
+    }
+  }
+
+  my $svc_x = $svc_x[0];
+
+  errorpage("$link_field not found!") unless $svc_x;
+
+  $svcnum = $svc_x->svcnum;
+
+}
+
+my $old = qsearchs('cust_svc',{'svcnum'=>$svcnum});
+die "svcnum not found!" unless $old;
+my $conf = new FS::Conf;
+my($error, $new);
+if ( $old->pkgnum && ! $conf->exists('legacy_link-steal') ) {
+  $error = "svcnum $svcnum already linked to package ". $old->pkgnum;
+} else {
+  $new = new FS::cust_svc { $old->hash };
+  $new->pkgnum($pkgnum);
+  $new->svcpart($svcpart);
+
+  $error = $new->replace($old);
+}
+
+</%init>



More information about the freeside-commits mailing list