[freeside-commits] branch master updated. 583e90e3de4d707996084dc82b794f26063b7fea
Mark Wells
mark at 420.am
Wed Apr 4 10:10:54 PDT 2012
The branch, master has been updated
via 583e90e3de4d707996084dc82b794f26063b7fea (commit)
from c2ee6c5c4f274bbf86729cacd2fe011ea71f725d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 583e90e3de4d707996084dc82b794f26063b7fea
Author: Mark Wells <mark at freeside.biz>
Date: Wed Apr 4 10:08:37 2012 -0700
options to limit access to full customer list, #15928
diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 1bfae03..b164948 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -253,6 +253,7 @@ tie my %rights, 'Tie::IxHash',
###
'Reporting/listing rights' => [
'List customers',
+ 'List all customers',
'List zip codes', #NEW
'List invoices',
'List packages',
@@ -266,6 +267,8 @@ tie my %rights, 'Tie::IxHash',
{ rightname=> 'List inventory', global=>1 },
{ rightname=>'View email logs', global=>1 },
+ 'Download report data',
+
#{ rightname => 'List customers of all agents', global=>1 },
],
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index 1b01aa6..111bafa 100644
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -1594,6 +1594,13 @@ and customer address. Include units.',
},
{
+ 'key' => 'disable_maxselect',
+ 'section' => 'UI',
+ 'description' => 'Prevent changing the number of records per page.',
+ 'type' => 'checkbox',
+ },
+
+ {
'key' => 'session-start',
'section' => 'session',
'description' => 'If defined, the command which is executed on the Freeside machine when a session begins. The contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$ip</code>, <code>$nasip</code> and <code>$nasfqdn</code>, which are the IP address of the starting session, and the IP address and fully-qualified domain name of the NAS this session is on.',
diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm
index 5147432..5b8525c 100644
--- a/FS/FS/Schema.pm
+++ b/FS/FS/Schema.pm
@@ -3626,6 +3626,19 @@ sub tables_hashref {
'index' => [],
},
+ 'upgrade_journal' => {
+ 'columns' => [
+ 'upgradenum', 'serial', '', '', '', '',
+ '_date', 'int', '', '', '', '',
+ 'upgrade', 'varchar', '', $char_d, '', '',
+ 'status', 'varchar', '', $char_d, '', '',
+ 'statustext', 'varchar', 'NULL', $char_d, '', '',
+ ],
+ 'primary_key' => 'upgradenum',
+ 'unique' => [ [ 'upgradenum' ] ],
+ 'index' => [ [ 'upgrade' ] ],
+ },
+
%{ tables_hashref_torrus() },
# tables of ours for doing torrus virtual port combining
diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm
index 8f66c66..aabc4e7 100644
--- a/FS/FS/Upgrade.pm
+++ b/FS/FS/Upgrade.pm
@@ -7,6 +7,7 @@ use Tie::IxHash;
use FS::UID qw( dbh driver_name );
use FS::Conf;
use FS::Record qw(qsearchs qsearch str2time_sql);
+use FS::upgrade_journal;
use FS::svc_domain;
$FS::svc_domain::whois_hack = 1;
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index ef8cc6c..d2a39aa 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -180,6 +180,44 @@ sub _upgrade_data { # class method
}
+ my @all_groups = qsearch('access_group', {});
+
+ ### ACL_list_all_customers
+ if ( !FS::upgrade_journal->is_done('ACL_list_all_customers') ) {
+
+ # grant "List all customers" to all users who have "List customers"
+ for my $group (@all_groups) {
+ if ( $group->access_right('List customers') ) {
+ my $access_right = FS::access_right->new( {
+ 'righttype' => 'FS::access_group',
+ 'rightobjnum' => $group->groupnum,
+ 'rightname' => 'List all customers',
+ } );
+ my $error = $access_right->insert;
+ die $error if $error;
+ }
+ }
+
+ FS::upgrade_journal->set_done('ACL_list_all_customers');
+ }
+
+ ### ACL_download_report_data
+ if ( !FS::upgrade_journal->is_done('ACL_download_report_data') ) {
+
+ # grant to everyone
+ for my $group (@all_groups) {
+ my $access_right = FS::access_right->new( {
+ 'righttype' => 'FS::access_group',
+ 'rightobjnum' => $group->groupnum,
+ 'rightname' => 'Download report data',
+ } );
+ my $error = $access_right->insert;
+ die $error if $error;
+ }
+
+ FS::upgrade_journal->set_done('ACL_download_report_data');
+ }
+
'';
}
diff --git a/FS/MANIFEST b/FS/MANIFEST
index f0a4a9d..0c9cc54 100644
--- a/FS/MANIFEST
+++ b/FS/MANIFEST
@@ -632,3 +632,5 @@ FS/h_svc_cert.pm
t/h_svc_cert.t
FS/contact_class.pm
t/contact_class.t
+FS/upgrade_journal.pm
+t/upgrade_journal.t
diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html
index 3b0969f..a2b0ff3 100644
--- a/httemplate/elements/menu.html
+++ b/httemplate/elements/menu.html
@@ -106,7 +106,7 @@ $report_customers_lists{'with USPS-unvalidated addresses'} = [ $fsurl. 'search/c
tie my %report_customers, 'Tie::IxHash';
$report_customers{'List customers'} = [ \%report_customers_lists, 'List customers' ]
- if $curuser->access_right('List customers');
+ if $curuser->access_right('List all customers');
$report_customers{'Zip code distribution'} = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ];
$report_customers{'Customer signup report'} = [ $fsurl. 'graph/report_cust_signup.html', 'New customer signups by date' ],
$report_customers{'Advanced customer reports'} = [ $fsurl. 'search/report_cust_main.html', 'by status, signup date, agent, etc.' ]
diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi
index aae8c7e..859ef04 100755
--- a/httemplate/search/cust_main.cgi
+++ b/httemplate/search/cust_main.cgi
@@ -334,7 +334,7 @@
my $curuser = $FS::CurrentUser::CurrentUser;
die "access denied"
- unless $curuser->access_right('List customers');
+ unless $curuser->access_right('List all customers');
my $conf = new FS::Conf;
my $maxrecords = $conf->config('maxsearchrecordsperpage');
diff --git a/httemplate/search/elements/search-html.html b/httemplate/search/elements/search-html.html
index af0c8fc..53167c2 100644
--- a/httemplate/search/elements/search-html.html
+++ b/httemplate/search/elements/search-html.html
@@ -130,7 +130,9 @@
</TD>
-% unless ( $opt{'disable_download'} || $type eq 'html-print' ) {
+% if ( $curuser->access_right('Download report data')
+% and !$opt{'disable_download'}
+% and $type ne 'html-print' ) {
<TD ALIGN="right">
@@ -470,6 +472,8 @@
% }
<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+
my %args = @_;
my $type = $args{'type'};
my $header = $args{'header'};
diff --git a/httemplate/search/elements/search.html b/httemplate/search/elements/search.html
index 81ec4d0..9bc66b6 100644
--- a/httemplate/search/elements/search.html
+++ b/httemplate/search/elements/search.html
@@ -170,7 +170,6 @@ Example:
%
<% include('search-csv.html', header=>$header, rows=>$rows, opt=>\%opt ) %>
%
-% #} elsif ( $type eq 'excel' ) {
% } elsif ( $type =~ /\.xls$/ ) {
%
<% include('search-xls.html', header=>$header, rows=>$rows, opt=>\%opt ) %>
@@ -179,7 +178,7 @@ Example:
%
<% include('search-xml.html', rows=>$rows, opt=>\%opt ) %>
%
-% } else { # regular HTML
+% } else {
%
<% include('search-html.html',
type => $type,
@@ -205,6 +204,11 @@ my $curuser = $FS::CurrentUser::CurrentUser;
my $type = $cgi->param('_type') =~ /^(csv|\w*\.xls|xml|select|html(-print)?)$/
? $1 : 'html' ;
+if ( !$curuser->access_right('Download report data') ) {
+ $opt{'disable_download'} = 1;
+ $type = 'html';
+}
+
my %align = (
'l' => 'left',
'r' => 'right',
@@ -363,6 +367,8 @@ unless ( $type =~ /^(csv|\w*.xls)$/) {
$maxrecords ||= $confmax;
}
+ $opt{'disable_maxselect'} ||= $conf->exists('disable_maxselect');
+
$limit = $maxrecords ? "LIMIT $maxrecords" : '';
$offset = $cgi->param('offset') =~ /^(\d+)$/ ? $1 : 0;
-----------------------------------------------------------------------
Summary of changes:
FS/FS/AccessRight.pm | 3 ++
FS/FS/Conf.pm | 7 +++++
FS/FS/Schema.pm | 13 +++++++++
FS/FS/Upgrade.pm | 1 +
FS/FS/access_right.pm | 38 +++++++++++++++++++++++++++
FS/MANIFEST | 2 +
httemplate/elements/menu.html | 2 +-
httemplate/search/cust_main.cgi | 2 +-
httemplate/search/elements/search-html.html | 6 +++-
httemplate/search/elements/search.html | 10 +++++-
10 files changed, 79 insertions(+), 5 deletions(-)
More information about the freeside-commits
mailing list