[freeside-commits] freeside/httemplate/misc/process batch-cust_pay.cgi, 1.3, 1.3.2.1 cancel_pkg.html, 1.4.2.1, 1.4.2.2 catchall.cgi, 1.5, 1.5.2.1 cdr-import.html, 1.3.2.1, 1.3.2.2 cust_main-import.cgi, 1.5.2.1, 1.5.2.2 cust_main-import_charges.cgi, 1.4.2.1, 1.4.2.2 delete-customer.cgi, 1.5, 1.5.2.1 inventory_item-import.html, 1.3.2.1, 1.3.2.2 link.cgi, 1.15.2.2, 1.15.2.3 meta-import.cgi, 1.7.2.1, 1.7.2.2 payment.cgi, 1.9.2.6, 1.9.2.7 recharge_svc.html, 1.2.2.4, 1.2.2.5
Ivan,,,
ivan at wavetail.420.am
Sun Jan 13 13:14:34 PST 2008
- Previous message: [freeside-commits] freeside/httemplate/misc batch-cust_pay.html, 1.7.2.1, 1.7.2.2 bill.cgi, 1.12.2.2, 1.12.2.3 cancel-unaudited.cgi, 1.11.2.1, 1.11.2.2 cancel_cust.html, 1.1.2.3, 1.1.2.4 cancel_pkg.html, 1.2.2.2, 1.2.2.3 catchall.cgi, 1.9, 1.9.2.1 cdr-import.html, 1.3, 1.3.2.1 cust_main-cancel.cgi, 1.4.2.2, 1.4.2.3 cust_main-import.cgi, 1.5.2.2, 1.5.2.3 cust_main-import_charges.cgi, 1.3, 1.3.2.1 delete-cust_credit.cgi, 1.2.2.1, 1.2.2.2 delete-cust_pay.cgi, 1.3.2.1, 1.3.2.2 delete-cust_refund.cgi, 1.1.2.2, 1.1.2.3 delete-customer.cgi, 1.11, 1.11.2.1 delete-domain_record.cgi, 1.2.2.1, 1.2.2.2 delete-part_export.cgi, 1.4.2.1, 1.4.2.2 dump.cgi, 1.3.2.1, 1.3.2.2 email-invoice.cgi, 1.6, 1.6.2.1 email_invoice_events.cgi, 1.4, 1.4.2.1 email_invoices.cgi, 1.5, 1.5.2.1 fax-invoice.cgi, 1.4, 1.4.2.1 fax_invoice_events.cgi, 1.4, 1.4.2.1 fax_invoices.cgi, 1.5, 1.5.2.1 inventory_item-import.html, 1.2.2.1, 1.2.2.2 link.cgi, 1.12, 1.12.2.1 meta-import.cgi, 1.4, 1.4.2.1 payment.cgi, 1.12.2.4, 1.12.2.5 print-invoice.cgi, 1.10, 1.10.2.1 print_invoice_events.cgi, 1.4, 1.4.2.1 print_invoices.cgi, 1.5, 1.5.2.1 queue.cgi, 1.5, 1.5.2.1 recharge_svc.html, 1.1.2.3, 1.1.2.4 svc_acct-domains.cgi, 1.2.2.1, 1.2.2.2 unapply-cust_credit.cgi, 1.2.2.1, 1.2.2.2 unapply-cust_pay.cgi, 1.3.2.1, 1.3.2.2 unprovision.cgi, 1.3.2.1, 1.3.2.2 unsusp_pkg.cgi, 1.5.2.1, 1.5.2.2 unvoid-cust_pay_void.cgi, 1.2.2.1, 1.2.2.2 upload-batch.cgi, 1.11.2.1, 1.11.2.2 void-cust_pay.cgi, 1.2.2.1, 1.2.2.2 whois.cgi, 1.3, 1.3.2.1
- Next message: [freeside-commits] freeside/httemplate/edit REAL_cust_pkg.cgi, 1.15, 1.16 access_user.html, 1.5, 1.6 agent.cgi, 1.17, 1.18 agent_payment_gateway.html, 1.4, 1.5 agent_type.cgi, 1.17, 1.18 bulk-cust_svc.html, 1.3, 1.4 cust_bill_pay.cgi, 1.16, 1.17 cust_credit.cgi, 1.20, 1.21 cust_credit_bill.cgi, 1.15, 1.16 cust_main.cgi, 1.83, 1.84 cust_main_county-expand.cgi, 1.12, 1.13 cust_main_note.cgi, 1.3, 1.4 cust_pay.cgi, 1.25, 1.26 cust_pkg.cgi, 1.13, 1.14 cust_refund.cgi, 1.6, 1.7 inventory_class.html, 1.3, 1.4 part_bill_event.cgi, 1.40, 1.41 part_export.cgi, 1.28, 1.29 part_pkg.cgi, 1.78, 1.79 part_referral.html, 1.3, 1.4 part_svc.cgi, 1.58, 1.59 part_virtual_field.cgi, 1.8, 1.9 payment_gateway.html, 1.8, 1.9 pkg_class.html, 1.3, 1.4 prepay_credit.cgi, 1.6, 1.7 quick-charge.html, 1.4, 1.5 rate.cgi, 1.14, 1.15 rate_region.cgi, 1.6, 1.7 reason.html, 1.4, 1.5 reason_type.html, 1.2, 1.3 reg_code.cgi, 1.5, 1.6 router.cgi, 1.6, 1.7 svc_Common.html, 1.1, 1.2 svc_acct.cgi, 1.51, 1.52 svc_acct_pop.cgi, 1.9, 1.10 svc_broadband.cgi, 1.15, 1.16 svc_domain.cgi, 1.15, 1.16 svc_external.cgi, 1.4, 1.5 svc_forward.cgi, 1.20, 1.21 svc_phone.cgi, 1.2, 1.3 svc_www.cgi, 1.23, 1.24
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /home/cvs/cvsroot/freeside/httemplate/misc/process
In directory wavetail:/tmp/cvs-serv6719/process
Modified Files:
Tag: FREESIDE_1_7_BRANCH
batch-cust_pay.cgi cancel_pkg.html catchall.cgi
cdr-import.html cust_main-import.cgi
cust_main-import_charges.cgi delete-customer.cgi
inventory_item-import.html link.cgi meta-import.cgi
payment.cgi recharge_svc.html
Log Message:
ACLs
Index: catchall.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/catchall.cgi,v
retrieving revision 1.5
retrieving revision 1.5.2.1
diff -u -d -r1.5 -r1.5.2.1
--- catchall.cgi 23 Aug 2006 22:25:38 -0000 1.5
+++ catchall.cgi 13 Jan 2008 21:14:31 -0000 1.5.2.1
@@ -1,34 +1,35 @@
-%
-%
-%$FS::svc_domain::whois_hack=1;
-%
-%$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
-%my $svcnum =$1;
-%
-%my $old = qsearchs('svc_domain',{'svcnum'=>$svcnum}) if $svcnum;
-%
-%my $new = new FS::svc_domain ( {
-% map {
-% ($_, scalar($cgi->param($_)));
-% } ( fields('svc_domain'), qw( pkgnum svcpart ) )
-%} );
-%
-%$new->setfield('action' => 'M');
-%
-%my $error;
-%if ( $svcnum ) {
-% $error = $new->replace($old);
-%} else {
-% $error = $new->insert;
-% $svcnum = $new->getfield('svcnum');
-%}
-%
%if ($error) {
% $cgi->param('error', $error);
-% print $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string );
+<% $cgi->redirect(popurl(2). "catchall.cgi?". $cgi->query_string ) %>
%} else {
-% print $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum");
+<% $cgi->redirect(popurl(3). "view/svc_domain.cgi?$svcnum") %>
%}
-%
-%
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Edit domain catchall');
+
+$FS::svc_domain::whois_hack=1;
+$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
+my $svcnum =$1;
+
+my $old = qsearchs('svc_domain',{'svcnum'=>$svcnum}) if $svcnum;
+
+my $new = new FS::svc_domain ( {
+ map {
+ ($_, scalar($cgi->param($_)));
+ } ( fields('svc_domain'), qw( pkgnum svcpart ) )
+} );
+
+$new->setfield('action' => 'M');
+
+my $error;
+if ( $svcnum ) {
+ $error = $new->replace($old);
+} else {
+ $error = $new->insert;
+ $svcnum = $new->getfield('svcnum');
+}
+
+</%init>
Index: cust_main-import_charges.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cust_main-import_charges.cgi,v
retrieving revision 1.4.2.1
retrieving revision 1.4.2.2
diff -u -d -r1.4.2.1 -r1.4.2.2
--- cust_main-import_charges.cgi 8 Oct 2007 19:04:49 -0000 1.4.2.1
+++ cust_main-import_charges.cgi 13 Jan 2008 21:14:31 -0000 1.4.2.2
@@ -1,30 +1,23 @@
-%
-%
-% my $fh = $cgi->upload('csvfile');
-% #warn $cgi;
-% #warn $fh;
-%
-% my $error = defined($fh)
-% ? FS::cust_main::batch_charge( {
-% filehandle => $fh,
-% 'fields' => [qw( custnum amount pkg )],
-% } )
-% : 'No file';
-%
-% if ( $error ) {
-%
-
- <!-- mason kludge -->
-%
-% errorpage($error);
-%# $cgi->param('error', $error);
-%# print $cgi->redirect( "${p}cust_main-import_charges.cgi
+% if ( $error ) {
+% errorpage($error);
% } else {
-%
-
- <!-- mason kludge -->
- <% include("/elements/header.html",'Import successful') %>
-%
+ <% include('/elements/header.html','Import successful') %>
+ <% include('/elements/footer.html') %>
% }
-%
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Import');
+my $fh = $cgi->upload('csvfile');
+#warn $cgi;
+#warn $fh;
+
+my $error = defined($fh)
+ ? FS::cust_main::batch_charge( {
+ filehandle => $fh,
+ 'fields' => [qw( custnum amount pkg )],
+ } )
+ : 'No file';
+
+</%init>
Index: meta-import.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/meta-import.cgi,v
retrieving revision 1.7.2.1
retrieving revision 1.7.2.2
diff -u -d -r1.7.2.1 -r1.7.2.2
--- meta-import.cgi 25 Dec 2007 23:50:16 -0000 1.7.2.1
+++ meta-import.cgi 13 Jan 2008 21:14:32 -0000 1.7.2.2
@@ -1,4 +1,3 @@
-<!-- mason kludge -->
<% include("/elements/header.html",'Map tables') %>
<SCRIPT>
@@ -183,5 +182,9 @@
%
%
<%init>
-die "meta-import script not currently enabled"; #make XSS-safe if this is used for more than just admins to import data....
+
+#there's no ACL for this... haven't used in ages
+#make XSS-safe if this is used for more than just admins to import data....
+die 'meta-import not enabled; remove this if you want to use it';
+
</%init>
Index: payment.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/payment.cgi,v
retrieving revision 1.9.2.6
retrieving revision 1.9.2.7
diff -u -d -r1.9.2.6 -r1.9.2.7
--- payment.cgi 29 Nov 2007 02:55:11 -0000 1.9.2.6
+++ payment.cgi 13 Jan 2008 21:14:32 -0000 1.9.2.7
@@ -15,6 +15,9 @@
% }
<%init>
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+
#some false laziness w/MyAccount::process_payment
$cgi->param('custnum') =~ /^(\d+)$/
Index: recharge_svc.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/recharge_svc.html,v
retrieving revision 1.2.2.4
retrieving revision 1.2.2.5
diff -u -d -r1.2.2.4 -r1.2.2.5
--- recharge_svc.html 23 Dec 2007 21:59:47 -0000 1.2.2.4
+++ recharge_svc.html 13 Jan 2008 21:14:32 -0000 1.2.2.5
@@ -1,31 +1,3 @@
-%
-%
-%#untaint svcnum
-%my $svcnum = $cgi->param('svcnum');
-%$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
-%$svcnum = $1;
-%
-%#untaint prepaid
-%my $prepaid = $cgi->param('prepaid');
-%$prepaid =~ /^(\w*)$/;
-%$prepaid = $1;
-
-%#untaint payby
-%my $payby = $cgi->param('payby');
-%$payby =~ /^([A-Z]*)$/;
-%$payby = $1;
-%
-%my $error = '';
-%my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
-%$error = "Can't recharge service $svcnum. " unless $svc_acct;
-%
-%my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
-%
-%my $oldAutoCommit = $FS::UID::AutoCommit;
-%local $FS::UID::AutoCommit = 0;
-%my $dbh = dbh;
-%
-%
%unless ($error) {
%
% my ($amount, $seconds, $up, $down, $total) = (0, 0, 0, 0, 0);
@@ -86,5 +58,35 @@
</SCRIPT>
</BODY></HTML>
<%init>
+
my $conf = new FS::Conf;
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Recharge customer service');
+
+#untaint svcnum
+my $svcnum = $cgi->param('svcnum');
+$svcnum =~ /^(\d+)$/ || die "Illegal svcnum";
+$svcnum = $1;
+
+#untaint prepaid
+my $prepaid = $cgi->param('prepaid');
+$prepaid =~ /^(\w*)$/;
+$prepaid = $1;
+
+#untaint payby
+my $payby = $cgi->param('payby');
+$payby =~ /^([A-Z]*)$/;
+$payby = $1;
+
+my $error = '';
+my $svc_acct = qsearchs( 'svc_acct', {'svcnum'=>$svcnum} );
+$error = "Can't recharge service $svcnum. " unless $svc_acct;
+
+my $cust_main = $svc_acct->cust_svc->cust_pkg->cust_main;
+
+my $oldAutoCommit = $FS::UID::AutoCommit;
+local $FS::UID::AutoCommit = 0;
+my $dbh = dbh;
+
</%init>
Index: cust_main-import.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cust_main-import.cgi,v
retrieving revision 1.5.2.1
retrieving revision 1.5.2.2
diff -u -d -r1.5.2.1 -r1.5.2.2
--- cust_main-import.cgi 8 Oct 2007 19:04:49 -0000 1.5.2.1
+++ cust_main-import.cgi 13 Jan 2008 21:14:31 -0000 1.5.2.2
@@ -1,35 +1,28 @@
-%
-%
-% my $fh = $cgi->upload('csvfile');
-% #warn $cgi;
-% #warn $fh;
-%
-% my $error = defined($fh)
-% ? FS::cust_main::batch_import( {
-% filehandle => $fh,
-% agentnum => scalar($cgi->param('agentnum')),
-% refnum => scalar($cgi->param('refnum')),
-% pkgpart => scalar($cgi->param('pkgpart')),
-% #'fields' => [qw( cust_pkg.setup dayphone first last address1 address2
-% # city state zip comments )],
-% 'format' => scalar($cgi->param('format')),
-% } )
-% : 'No file';
-%
-% if ( $error ) {
-%
-
- <!-- mason kludge -->
-%
-% errorpage($error);
-%# $cgi->param('error', $error);
-%# print $cgi->redirect( "${p}cust_main-import.cgi
+% if ( $error ) {
+% errorpage($error);
% } else {
-%
-
- <!-- mason kludge -->
- <% include("/elements/header.html",'Import successful') %>
-%
+ <% include('/elements/header.html','Import successful') %>
+ <% include('/elements/footer.html') %>
% }
-%
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('csvfile');
+#warn $cgi;
+#warn $fh;
+
+my $error = defined($fh)
+ ? FS::cust_main::batch_import( {
+ filehandle => $fh,
+ agentnum => scalar($cgi->param('agentnum')),
+ refnum => scalar($cgi->param('refnum')),
+ pkgpart => scalar($cgi->param('pkgpart')),
+ #'fields' => [qw( cust_pkg.setup dayphone first last address1 address2
+ # city state zip comments )],
+ 'format' => scalar($cgi->param('format')),
+ } )
+ : 'No file';
+</%init>
Index: cancel_pkg.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cancel_pkg.html,v
retrieving revision 1.4.2.1
retrieving revision 1.4.2.2
diff -u -d -r1.4.2.1 -r1.4.2.2
--- cancel_pkg.html 26 Jun 2007 15:36:52 -0000 1.4.2.1
+++ cancel_pkg.html 13 Jan 2008 21:14:31 -0000 1.4.2.2
@@ -1,24 +1,50 @@
+<% header("Package $past{$method}") %>
+ <SCRIPT TYPE="text/javascript">
+ window.top.location.reload();
+ </SCRIPT>
+ </BODY>
+</HTML>
+<%once>
+
+my %past = ( 'cancel' => 'cancelled',
+ 'expire' => 'expired',
+ 'suspend' => 'suspended',
+ 'adjourn' => 'adjourned',
+ );
+
+#i'm sure this is false laziness with somewhere, at least w/misc/cancel_pkg.html
+my %right = ( 'cancel' => 'Cancel customer package immediately',
+ 'expire' => 'Cancel customer package later',
+ 'suspend' => 'Suspend customer package',
+ 'adjourn' => 'Suspend customer package later',
+ );
+
+</%once>
<%init>
+
#untaint method
my $method = $cgi->param('method');
-$method =~ /^(cancel|expire|suspend|adjourn)$/ || die "Illegal method";
+$method =~ /^(cancel|expire|suspend|adjourn)$/ or die "Illegal method";
$method = $1;
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right($right{$method});
+
#untaint pkgnum
my $pkgnum = $cgi->param('pkgnum');
-$pkgnum =~ /^(\d+)$/ || die "Illegal pkgnum";
+$pkgnum =~ /^(\d+)$/ or die "Illegal pkgnum";
$pkgnum = $1;
#untaint reasonnum
my $reasonnum = $cgi->param('reasonnum');
-$reasonnum =~ /^(-?\d+)$/ || die "Illegal reasonnum";
+$reasonnum =~ /^(-?\d+)$/ or die "Illegal reasonnum";
$reasonnum = $1;
my $date = time;
if ($method eq 'expire' || $method eq 'adjourn'){
#untaint date
$date = $cgi->param('date');
- str2time($cgi->param('date')) =~ /^(\d+)$/ || die "Illegal date";
+ str2time($cgi->param('date')) =~ /^(\d+)$/ or die "Illegal date";
$date = $1;
}
@@ -65,15 +91,4 @@
$dbh->commit or die $dbh->errstr if $oldAutoCommit;
- my %past = ( 'cancel' => 'cancelled',
- 'expire' => 'expired',
- 'suspend' => 'suspended',
- 'adjourn' => 'adjourned',
- );
</%init>
-<% header("Package $past{$method}") %>
- <SCRIPT TYPE="text/javascript">
- window.top.location.reload();
- </SCRIPT>
- </BODY></HTML>
-
Index: batch-cust_pay.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/batch-cust_pay.cgi,v
retrieving revision 1.3
retrieving revision 1.3.2.1
diff -u -d -r1.3 -r1.3.2.1
--- batch-cust_pay.cgi 23 Aug 2006 22:25:38 -0000 1.3
+++ batch-cust_pay.cgi 13 Jan 2008 21:14:31 -0000 1.3.2.1
@@ -1,3 +1,5 @@
+% die "access denied"
+% unless $FS::CurrentUser::CurrentUser->access_right('Post payment batch');
%
% my $param = $cgi->Vars;
%
Index: cdr-import.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/cdr-import.html,v
retrieving revision 1.3.2.1
retrieving revision 1.3.2.2
diff -u -d -r1.3.2.1 -r1.3.2.2
--- cdr-import.html 8 Oct 2007 19:04:49 -0000 1.3.2.1
+++ cdr-import.html 13 Jan 2008 21:14:31 -0000 1.3.2.2
@@ -1,30 +1,22 @@
-%
-%
-% my $fh = $cgi->upload('csvfile');
-%
-% my $error = defined($fh)
-% ? FS::cdr::batch_import( {
-% 'filehandle' => $fh,
-% 'format' => $cgi->param('format'),
-% } )
-% : 'No file';
-%
-% if ( $error ) {
-%
-
- <!-- mason kludge -->
-%
-% errorpage($error);
-%# $cgi->param('error', $error);
-%# print $cgi->redirect( "${p}cust_main-import.cgi
-% } else {
-%
-
- <!-- mason kludge -->
+% if ( $error ) {
+% errorpage($error);
+% } else {
<% include("/elements/header.html",'Import successful') %>
<!-- XXX redirect to batch search like the payment entry... -->
<% include("/elements/footer.html",'Import successful') %>
-%
-% }
-%
+% }
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('csvfile');
+my $error = defined($fh)
+ ? FS::cdr::batch_import( {
+ 'filehandle' => $fh,
+ 'format' => $cgi->param('format'),
+ } )
+ : 'No file';
+
+</%init>
Index: inventory_item-import.html
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/inventory_item-import.html,v
retrieving revision 1.3.2.1
retrieving revision 1.3.2.2
diff -u -d -r1.3.2.1 -r1.3.2.2
--- inventory_item-import.html 8 Oct 2007 19:04:49 -0000 1.3.2.1
+++ inventory_item-import.html 13 Jan 2008 21:14:31 -0000 1.3.2.2
@@ -1,31 +1,22 @@
-%
-%
-% my $fh = $cgi->upload('filename');
-%
-% my $error = defined($fh)
-% ? FS::inventory_item::batch_import( {
-% 'filehandle' => $fh,
-% 'classnum' => $cgi->param('classnum'),
-% } )
-% : 'No file';
-%
-% if ( $error ) {
-%
-
- <!-- mason kludge -->
-%
-% errorpage($error);
-%# $cgi->param('error', $error);
-%# print $cgi->redirect( "${p}cust_main-import.cgi
-% } else {
-%
-
- <!-- mason kludge -->
+% if ( $error ) {
+% errorpage($error);
+% } else {
<% include("/elements/header.html",'Import successful') %>
<!-- XXX redirect to batch search like the payment entry... -->
<% include("/elements/footer.html",'Import successful') %>
-%
% }
-%
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('filename');
+my $error = defined($fh)
+ ? FS::inventory_item::batch_import( {
+ 'filehandle' => $fh,
+ 'classnum' => $cgi->param('classnum'),
+ } )
+ : 'No file';
+</%init>
Index: delete-customer.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/delete-customer.cgi,v
retrieving revision 1.5
retrieving revision 1.5.2.1
diff -u -d -r1.5 -r1.5.2.1
--- delete-customer.cgi 23 Aug 2006 22:25:38 -0000 1.5
+++ delete-customer.cgi 13 Jan 2008 21:14:31 -0000 1.5.2.1
@@ -1,30 +1,33 @@
-%
-%
-%my $conf = new FS::Conf;
-%die "Customer deletions not enabled" unless $conf->exists('deletecustomers');
-%
-%$cgi->param('custnum') =~ /^(\d+)$/;
-%my $custnum = $1;
-%my $new_custnum;
-%if ( $cgi->param('new_custnum') ) {
-% $cgi->param('new_custnum') =~ /^(\d+)$/
-% or die "Illegal new customer number: ". $cgi->param('new_custnum');
-% $new_custnum = $1;
-%} else {
-% $new_custnum = '';
-%}
-%my $cust_main = qsearchs( 'cust_main', { 'custnum' => $custnum } )
-% or die "Customer not found: $custnum";
-%
-%my $error = $cust_main->delete($new_custnum);
-%
%if ( $error ) {
% $cgi->param('error', $error);
-% print $cgi->redirect(popurl(2). "delete-customer.cgi?". $cgi->query_string );
+<% $cgi->redirect(popurl(2). "delete-customer.cgi?". $cgi->query_string ) %>
%} elsif ( $new_custnum ) {
-% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$new_custnum");
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?$new_custnum") %>
%} else {
-% print $cgi->redirect(popurl(3));
+<% $cgi->redirect(popurl(3)) %>
%}
-%
+<%init>
+my $conf = new FS::Conf;
+die "Customer deletions not enabled in configuration"
+ unless $conf->exists('deletecustomers');
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Delete customer');
+
+$cgi->param('custnum') =~ /^(\d+)$/;
+my $custnum = $1;
+my $new_custnum;
+if ( $cgi->param('new_custnum') ) {
+ $cgi->param('new_custnum') =~ /^(\d+)$/
+ or die "Illegal new customer number: ". $cgi->param('new_custnum');
+ $new_custnum = $1;
+} else {
+ $new_custnum = '';
+}
+my $cust_main = qsearchs( 'cust_main', { 'custnum' => $custnum } )
+ or die "Customer not found: $custnum";
+
+my $error = $cust_main->delete($new_custnum);
+
+</%init>
Index: link.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/link.cgi,v
retrieving revision 1.15.2.2
retrieving revision 1.15.2.3
diff -u -d -r1.15.2.2 -r1.15.2.3
--- link.cgi 8 Oct 2007 19:04:49 -0000 1.15.2.2
+++ link.cgi 13 Jan 2008 21:14:31 -0000 1.15.2.3
@@ -1,76 +1,72 @@
-%
-%
-%my $DEBUG = 0;
-%
-%$cgi->param('pkgnum') =~ /^(\d+)$/;
-%my $pkgnum = $1;
-%$cgi->param('svcpart') =~ /^(\d+)$/;
-%my $svcpart = $1;
-%$cgi->param('svcnum') =~ /^(\d*)$/;
-%my $svcnum = $1;
-%
-%unless ( $svcnum ) {
-% my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart});
-% my $svcdb = $part_svc->getfield('svcdb');
-% $cgi->param('link_field') =~ /^(\w+)$/;
-% my $link_field = $1;
-% my %search = ( $link_field => $cgi->param('link_value') );
-% if ( $cgi->param('link_field2') =~ /^(\w+)$/ ) {
-% $search{$1} = $cgi->param('link_value2');
-% }
-%
-% my @svc_x = ( sort { ($a->cust_svc->pkgnum > 0) <=> ($b->cust_svc->pkgnum > 0)
-% or ($b->cust_svc->svcpart == $svcpart)
-% <=> ($a->cust_svc->svcpart == $svcpart)
-% }
-% qsearch( $svcdb, \%search )
-% );
-%
-% if ( $DEBUG ) {
-% warn scalar(@svc_x). " candidate accounts found for linking ".
-% "(svcpart $svcpart):\n";
-% foreach my $svc_x ( @svc_x ) {
-% warn " ". $svc_x->email.
-% " (svcnum ". $svc_x->svcnum. ",".
-% " pkgnum ". $svc_x->cust_svc->pkgnum. ",".
-% " svcpart ". $svc_x->cust_svc->svcpart. ")\n";
-% }
-% }
-%
-% my $svc_x = $svc_x[0];
-%
-% errorpage("$link_field not found!") unless $svc_x;
-%
-% $svcnum = $svc_x->svcnum;
-%
-%}
-%
-%my $old = qsearchs('cust_svc',{'svcnum'=>$svcnum});
-%die "svcnum not found!" unless $old;
-%my $conf = new FS::Conf;
-%my($error, $new);
-%if ( $old->pkgnum && ! $conf->exists('legacy_link-steal') ) {
-% $error = "svcnum $svcnum already linked to package ". $old->pkgnum;
-%} else {
-% $new = new FS::cust_svc { $old->hash };
-% $new->pkgnum($pkgnum);
-% $new->svcpart($svcpart);
-%
-% $error = $new->replace($old);
-%}
-%
%unless ($error) {
% #no errors, so let's view this customer.
% my $custnum = $new->cust_pkg->custnum;
-% print $cgi->redirect(popurl(3). "view/cust_main.cgi?$custnum".
-% "#cust_pkg$pkgnum" );
+<% $cgi->redirect(popurl(3). "view/cust_main.cgi?<%$custnum%>#cust_pkg<%$pkgnum%>" ) %>
%} else {
-%
-
-<!-- mason kludge -->
-%
% errorpage($error);
%}
-%
-%
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('View/link unlinked services');
+
+my $DEBUG = 0;
+
+$cgi->param('pkgnum') =~ /^(\d+)$/;
+my $pkgnum = $1;
+$cgi->param('svcpart') =~ /^(\d+)$/;
+my $svcpart = $1;
+$cgi->param('svcnum') =~ /^(\d*)$/;
+my $svcnum = $1;
+
+unless ( $svcnum ) {
+ my $part_svc = qsearchs('part_svc',{'svcpart'=>$svcpart});
+ my $svcdb = $part_svc->getfield('svcdb');
+ $cgi->param('link_field') =~ /^(\w+)$/;
+ my $link_field = $1;
+ my %search = ( $link_field => $cgi->param('link_value') );
+ if ( $cgi->param('link_field2') =~ /^(\w+)$/ ) {
+ $search{$1} = $cgi->param('link_value2');
+ }
+ my @svc_x = ( sort { ($a->cust_svc->pkgnum > 0) <=> ($b->cust_svc->pkgnum > 0)
+ or ($b->cust_svc->svcpart == $svcpart)
+ <=> ($a->cust_svc->svcpart == $svcpart)
+ }
+ qsearch( $svcdb, \%search )
+ );
+
+ if ( $DEBUG ) {
+ warn scalar(@svc_x). " candidate accounts found for linking ".
+ "(svcpart $svcpart):\n";
+ foreach my $svc_x ( @svc_x ) {
+ warn " ". $svc_x->email.
+ " (svcnum ". $svc_x->svcnum. ",".
+ " pkgnum ". $svc_x->cust_svc->pkgnum. ",".
+ " svcpart ". $svc_x->cust_svc->svcpart. ")\n";
+ }
+ }
+
+ my $svc_x = $svc_x[0];
+
+ errorpage("$link_field not found!") unless $svc_x;
+
+ $svcnum = $svc_x->svcnum;
+
+}
+
+my $old = qsearchs('cust_svc',{'svcnum'=>$svcnum});
+die "svcnum not found!" unless $old;
+my $conf = new FS::Conf;
+my($error, $new);
+if ( $old->pkgnum && ! $conf->exists('legacy_link-steal') ) {
+ $error = "svcnum $svcnum already linked to package ". $old->pkgnum;
+} else {
+ $new = new FS::cust_svc { $old->hash };
+ $new->pkgnum($pkgnum);
+ $new->svcpart($svcpart);
+
+ $error = $new->replace($old);
+}
+
+</%init>
- Previous message: [freeside-commits] freeside/httemplate/misc batch-cust_pay.html, 1.7.2.1, 1.7.2.2 bill.cgi, 1.12.2.2, 1.12.2.3 cancel-unaudited.cgi, 1.11.2.1, 1.11.2.2 cancel_cust.html, 1.1.2.3, 1.1.2.4 cancel_pkg.html, 1.2.2.2, 1.2.2.3 catchall.cgi, 1.9, 1.9.2.1 cdr-import.html, 1.3, 1.3.2.1 cust_main-cancel.cgi, 1.4.2.2, 1.4.2.3 cust_main-import.cgi, 1.5.2.2, 1.5.2.3 cust_main-import_charges.cgi, 1.3, 1.3.2.1 delete-cust_credit.cgi, 1.2.2.1, 1.2.2.2 delete-cust_pay.cgi, 1.3.2.1, 1.3.2.2 delete-cust_refund.cgi, 1.1.2.2, 1.1.2.3 delete-customer.cgi, 1.11, 1.11.2.1 delete-domain_record.cgi, 1.2.2.1, 1.2.2.2 delete-part_export.cgi, 1.4.2.1, 1.4.2.2 dump.cgi, 1.3.2.1, 1.3.2.2 email-invoice.cgi, 1.6, 1.6.2.1 email_invoice_events.cgi, 1.4, 1.4.2.1 email_invoices.cgi, 1.5, 1.5.2.1 fax-invoice.cgi, 1.4, 1.4.2.1 fax_invoice_events.cgi, 1.4, 1.4.2.1 fax_invoices.cgi, 1.5, 1.5.2.1 inventory_item-import.html, 1.2.2.1, 1.2.2.2 link.cgi, 1.12, 1.12.2.1 meta-import.cgi, 1.4, 1.4.2.1 payment.cgi, 1.12.2.4, 1.12.2.5 print-invoice.cgi, 1.10, 1.10.2.1 print_invoice_events.cgi, 1.4, 1.4.2.1 print_invoices.cgi, 1.5, 1.5.2.1 queue.cgi, 1.5, 1.5.2.1 recharge_svc.html, 1.1.2.3, 1.1.2.4 svc_acct-domains.cgi, 1.2.2.1, 1.2.2.2 unapply-cust_credit.cgi, 1.2.2.1, 1.2.2.2 unapply-cust_pay.cgi, 1.3.2.1, 1.3.2.2 unprovision.cgi, 1.3.2.1, 1.3.2.2 unsusp_pkg.cgi, 1.5.2.1, 1.5.2.2 unvoid-cust_pay_void.cgi, 1.2.2.1, 1.2.2.2 upload-batch.cgi, 1.11.2.1, 1.11.2.2 void-cust_pay.cgi, 1.2.2.1, 1.2.2.2 whois.cgi, 1.3, 1.3.2.1
- Next message: [freeside-commits] freeside/httemplate/edit REAL_cust_pkg.cgi, 1.15, 1.16 access_user.html, 1.5, 1.6 agent.cgi, 1.17, 1.18 agent_payment_gateway.html, 1.4, 1.5 agent_type.cgi, 1.17, 1.18 bulk-cust_svc.html, 1.3, 1.4 cust_bill_pay.cgi, 1.16, 1.17 cust_credit.cgi, 1.20, 1.21 cust_credit_bill.cgi, 1.15, 1.16 cust_main.cgi, 1.83, 1.84 cust_main_county-expand.cgi, 1.12, 1.13 cust_main_note.cgi, 1.3, 1.4 cust_pay.cgi, 1.25, 1.26 cust_pkg.cgi, 1.13, 1.14 cust_refund.cgi, 1.6, 1.7 inventory_class.html, 1.3, 1.4 part_bill_event.cgi, 1.40, 1.41 part_export.cgi, 1.28, 1.29 part_pkg.cgi, 1.78, 1.79 part_referral.html, 1.3, 1.4 part_svc.cgi, 1.58, 1.59 part_virtual_field.cgi, 1.8, 1.9 payment_gateway.html, 1.8, 1.9 pkg_class.html, 1.3, 1.4 prepay_credit.cgi, 1.6, 1.7 quick-charge.html, 1.4, 1.5 rate.cgi, 1.14, 1.15 rate_region.cgi, 1.6, 1.7 reason.html, 1.4, 1.5 reason_type.html, 1.2, 1.3 reg_code.cgi, 1.5, 1.6 router.cgi, 1.6, 1.7 svc_Common.html, 1.1, 1.2 svc_acct.cgi, 1.51, 1.52 svc_acct_pop.cgi, 1.9, 1.10 svc_broadband.cgi, 1.15, 1.16 svc_domain.cgi, 1.15, 1.16 svc_external.cgi, 1.4, 1.5 svc_forward.cgi, 1.20, 1.21 svc_phone.cgi, 1.2, 1.3 svc_www.cgi, 1.23, 1.24
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the freeside-commits
mailing list