[freeside-commits] branch FREESIDE_2_3_BRANCH updated. 61ad2af332888443d8dae59274693229d0258a97

Mark Wells mark at 420.am
Wed Feb 27 13:33:01 PST 2013


The branch, FREESIDE_2_3_BRANCH has been updated
       via  61ad2af332888443d8dae59274693229d0258a97 (commit)
       via  556250142547918eaeeee3711d2a01ee4bf878c9 (commit)
      from  92a5fcc821f1257b2d0bff61d91fda5db58a24d4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 61ad2af332888443d8dae59274693229d0258a97
Author: Mark Wells <mark at freeside.biz>
Date:   Wed Feb 27 12:28:49 2013 -0800

    "Edit password" ACL, #21178, part 2

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 12201a7..e1001d7 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -164,6 +164,7 @@ tie my %rights, 'Tie::IxHash',
     'Recharge customer service', #NEW
     'Unprovision customer service',
     'Change customer service', #NEWNEW
+    'Edit password',
     'Edit usage', #NEW
     'Edit home dir', #NEW
     'Edit www config', #NEW
diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm
index deca4d4..7456f69 100644
--- a/FS/FS/Schema.pm
+++ b/FS/FS/Schema.pm
@@ -1859,6 +1859,7 @@ sub tables_hashref {
         'disabled',              'char', 'NULL',         1, '', '', 
         'preserve',              'char', 'NULL',         1, '', '',
         'selfservice_access', 'varchar', 'NULL',   $char_d, '', '',
+        'restrict_edit_password','char', 'NULL',         1, '', '',
       ],
       'primary_key' => 'svcpart',
       'unique' => [],
@@ -1993,6 +1994,7 @@ sub tables_hashref {
         'cgp_sendmdnmode',    'varchar', 'NULL', $char_d, '', '',#SendMDNMode
         #mail
         #XXX RPOP settings
+        #
       ],
       'primary_key' => 'svcnum',
       #'unique' => [ [ 'username', 'domsvc' ] ],
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 55cc979..e6c847d 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -228,6 +228,8 @@ sub _upgrade_data { # class method
                          'Edit customer contacts',
                        ],
 
+    'Provision customer service' => [ 'Edit password' ],
+
   ;
 
   foreach my $old_acl ( keys %onetime ) {
diff --git a/FS/FS/part_svc.pm b/FS/FS/part_svc.pm
index 8a6633e..e1ffa36 100644
--- a/FS/FS/part_svc.pm
+++ b/FS/FS/part_svc.pm
@@ -55,6 +55,13 @@ L<FS::svc_domain>, and L<FS::svc_forward>, among others.
 
 =item preserve - Preserve after cancellation, empty or 'Y'
 
+=item selfservice_access - Access allowed to the service via self-service:
+empty for full access, "readonly" for read-only, "hidden" to hide it entirely
+
+=item restrict_edit_password - Require the "Provision customer service" access
+right to change the password field, rather than just "Edit password".  Only
+relevant to svc_acct for now.
+
 =back
 
 =head1 METHODS
@@ -387,6 +394,7 @@ sub check {
     || $self->ut_enum('disabled', [ '', 'Y' ] )
     || $self->ut_enum('preserve', [ '', 'Y' ] )
     || $self->ut_enum('selfservice_access', [ '', 'hidden', 'readonly' ] )
+    || $self->ut_enum('restrict_edit_password', [ '', 'Y' ] )
   ;
   return $error if $error;
 
diff --git a/httemplate/browse/part_svc.cgi b/httemplate/browse/part_svc.cgi
index 26d090a..62e4c3b 100755
--- a/httemplate/browse/part_svc.cgi
+++ b/httemplate/browse/part_svc.cgi
@@ -82,6 +82,7 @@ function part_export_areyousure(href) {
 %            }
 %            @dfields ;
 %     my $rowspan = scalar(@fields) || 1;
+%     $rowspan++ if $part_svc->restrict_edit_password;
 %     my $url = "${p}edit/part_svc.cgi?". $part_svc->svcpart;
 %
 %     if ( $bgcolor eq $bgcolor1 ) {
@@ -192,15 +193,21 @@ function part_export_areyousure(href) {
 % } else { 
 
             <% $value %>
-% } 
+% }
 
      </TD>
 %     $n1="</TR><TR>";
-%     }
-%
+%     } #foreach $field
+%   if ( $part_svc->restrict_edit_password ) {
+   <TR>
+     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>" COLSPAN=4 ALIGN="left">
+      <B><% emt('Password editing restricted.') %></B>
+     </TD>
+   </TR>
+%   }
 
   </TR>
-% } 
+% }  #foreach $part_svc
 
 </TABLE>
 </BODY>
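Review bot: The added `<TR>` for the "Password editing restricted." notice appears to open inside the row that the field loop leaves open, which would leave a nested `<TR>` followed by two closing `</TR>` tags. The loop already uses `$n1="</TR><TR>"` to start follow-on rows, so emitting `</TR><TR>` before the new cell and dropping the inner `</TR>` would keep the table well-formed. Both loops start outside this hunk, so check this against the full template.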
diff --git a/httemplate/edit/part_svc.cgi b/httemplate/edit/part_svc.cgi
index c03de5c..3f8d485 100755
--- a/httemplate/edit/part_svc.cgi
+++ b/httemplate/edit/part_svc.cgi
@@ -390,13 +390,27 @@ Self-service access:
 %
 %      } #foreach my $field (@fields) {
 %
+%      if ( $layer eq 'svc_acct' ) {
+%        # eww, more ugly special-caseyness
+%        $html .= 
+%          '<TR><TD COLSPAN=3 ALIGN="right">'.
+%          emt('Require "Provision" access right to edit password').
+%          '</TD><TD>'.
+%          '<INPUT TYPE="checkbox" NAME="restrict_edit_password" VALUE="Y"'.
+%          ($part_svc->restrict_edit_password ? ' CHECKED' : '').
+%          '></TD></TR>';
+%      } else {
+%        $html .= 
+%          '<INPUT TYPE="hidden" NAME="restrict_edit_password" VALUE="">';
+%      }
+%
 %      $part_svc->svcpart('') if $clone; #undone
 %      $html .= "</TABLE>";
 %
 %      $html .= include('/elements/progress-init.html',
 %                         $layer, #form name
 %                         [ qw(svc svcpart selfservice_access disabled preserve
-%                              exportnum),
+%                              exportnum restrict_edit_password),
 %                           @fields ],
 %                         'process/part_svc.cgi',
 %                         $p.'browse/part_svc.cgi',
diff --git a/httemplate/edit/process/cust_svc.cgi b/httemplate/edit/process/cust_svc.cgi
index e22cbb2..7cb1d6d 100644
--- a/httemplate/edit/process/cust_svc.cgi
+++ b/httemplate/edit/process/cust_svc.cgi
@@ -6,7 +6,7 @@
 %}
 <%init>
 
-die 'access deined'
+die 'access denied'
  unless $FS::CurrentUser::CurrentUser->access_right('Change customer service');
 
 my $svcnum = $cgi->param('svcnum');
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index 38567ef..2d96ba4 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -9,19 +9,6 @@
   <BR>
 % } 
 
-<SCRIPT TYPE="text/javascript">
-function randomPass() {
-  var i=0;
-  var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
-  var pass='';
-  while(i < 8) {
-    i++;
-    pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
-  }
-  document.OneTrueForm.clear_password.value = pass;
-}
-</SCRIPT>
-
 <FORM NAME="OneTrueForm" ACTION="<% $p1 %>process/svc_acct.cgi" METHOD=POST>
 <INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
 <INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
@@ -57,10 +44,11 @@ function randomPass() {
 
 %if ( $part_svc->part_svc_column('_password')->columnflag ne 'F' ) {
 <TR>
+% #XXX eventually should require "Edit Password" ACL
   <TD ALIGN="right"><% mt('Password') |h %></TD>
   <TD>
-    <INPUT TYPE="text" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
-    <INPUT TYPE="button" VALUE="<% mt('Generate') |h %>" onclick="randomPass();">
+    <INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
+    <& /elements/random_pass.html, 'clear_password' &>
   </TD>
 </TR>
 %}else{
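Review bot: `VALUE="<% $password %>"` on the rewritten INPUT line prints the password without the `|h` escape that the neighbouring `mt('Password') |h` uses, so a password containing a double quote or `<` would break out of the attribute. Unless default escape flags are configured somewhere outside this diff, the attribute should read `VALUE="<% $password |h %>"`. The enclosing form and the access check for this page are outside the hunk.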
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
index 7005439..7cab9c4 100644
--- a/httemplate/misc/process/change-password.html
+++ b/httemplate/misc/process/change-password.html
@@ -1,11 +1,16 @@
 <%init>
 my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Edit password');
 
 $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
 my $svcnum = $1;
 my $svc_acct = FS::svc_acct->by_key($svcnum)
   or die "svc_acct $svcnum not found";
+my $part_svc = $svc_acct->part_svc;
+die "access denied" unless (
+  $curuser->access_right('Provision customer service') or
+  ( $curuser->access_right('Edit password') and 
+    ! $part_svc->restrict_edit_password )
+  );
 my $error = $svc_acct->set_password($cgi->param('password'))
         ||  $svc_acct->replace;
 
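Review bot: The new access test decides whether the operator may edit passwords at all, but `FS::svc_acct->by_key($svcnum)` loads the service by number alone, so nothing visible here limits the change to services that operator is allowed to see. view/svc_acct.cgi looks the record up through joins to cust_svc, cust_pkg and cust_main, presumably for agent scoping; if so, the same restricted lookup belongs in this handler before `set_password` runs. The access expression is also repeated verbatim in view/svc_acct/basics.html, so one shared helper would keep the page and the handler from drifting apart.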
diff --git a/httemplate/view/elements/svc_Common.html b/httemplate/view/elements/svc_Common.html
index a822412..de01c3d 100644
--- a/httemplate/view/elements/svc_Common.html
+++ b/httemplate/view/elements/svc_Common.html
@@ -52,7 +52,7 @@ function areyousure(href) {
 
 <% mt('Service #') |h %><B><% $svcnum %></B>
 % my $url = $opt{'edit_url'} || $p. 'edit/'. $opt{'table'}. '.cgi?';
-| <& /view/elements/svc_edit_link.html, 'svc' => $svc_x &>
+<& /view/elements/svc_edit_link.html, 'svc' => $svc_x &>
 <BR>
 
 <% ntable("#cccccc") %><TR><TD><% ntable("#cccccc",2) %>
diff --git a/httemplate/view/elements/svc_edit_link.html b/httemplate/view/elements/svc_edit_link.html
index b16261a..f525f1f 100644
--- a/httemplate/view/elements/svc_edit_link.html
+++ b/httemplate/view/elements/svc_edit_link.html
@@ -7,8 +7,12 @@ function areyousure_delete() {
     window.location.href = '<% $cancel_url %>';
 }
 </SCRIPT>
-<A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A> | 
-<A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+%   if ( $curuser->access_right('Provision customer service') ) {
+| <A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A>
+%   }
+%   if ( $curuser->access_right('Unprovision customer service') ) {
+| <A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+%   }
 % }
 <%init>
 my %opt = @_;
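Review bot: Hiding the two links only changes what the page shows; the rights still have to be enforced by the pages behind `$edit_url` and `$cancel_url`, and that enforcement is not visible in this diff. A comment above the first test would record the intent, for example `%# display only: the edit and unprovision handlers must check these rights themselves`. The `if` block that the final `% }` closes opens before the hunk.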
@@ -20,4 +24,5 @@ my $cancel_url = $p . 'misc/unprovision.cgi?' . $svc_x->svcnum;
 my $cust_svc = $svc_x->cust_svc; # always exists
 my $cancel_date = $cust_svc->pkg_cancel_date;
 my ($label) = $cust_svc->label;
+my $curuser = $FS::CurrentUser::CurrentUser;
 </%init>
diff --git a/httemplate/view/svc_acct.cgi b/httemplate/view/svc_acct.cgi
index 5ea66a6..01c32d0 100755
--- a/httemplate/view/svc_acct.cgi
+++ b/httemplate/view/svc_acct.cgi
@@ -37,7 +37,6 @@
 &>
 
 <% mt('Service #') |h %><B><% $svcnum %></B>
-|
 <& /view/elements/svc_edit_link.html, 'svc' => $svc_acct &>
 <& svc_acct/change_svc.html,
               'part_svc' => \@part_svc,
@@ -88,8 +87,12 @@ die "access denied"
 my $addl_from = ' LEFT JOIN cust_svc  USING ( svcnum  ) '.
                 ' LEFT JOIN cust_pkg  USING ( pkgnum  ) '.
                 ' LEFT JOIN cust_main USING ( custnum ) ';
-
-my($query) = $cgi->keywords;
+my $query;
+if ( $cgi->keywords ) {
+  ($query) = $cgi->keywords;
+} else {
+  $query = $cgi->param('svcnum');
+}
 $query =~ /^(\d+)$/;
 my $svcnum = $1;
 my $svc_acct = qsearchs({
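Review bot: The new `svcnum` fallback feeds a second request parameter into `$query =~ /^(\d+)$/`, whose result is never tested, so a missing or non-numeric value leaves `$1` undefined or holding a capture from an earlier successful match. misc/process/change-password.html already uses the checked form; here it would be `$query =~ /^(\d+)$/ or die "illegal svcnum";`. The `<%init>` block continues past the end of the hunk.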
diff --git a/httemplate/view/svc_acct/basics.html b/httemplate/view/svc_acct/basics.html
index bcd8469..a786bb2 100644
--- a/httemplate/view/svc_acct/basics.html
+++ b/httemplate/view/svc_acct/basics.html
@@ -20,7 +20,7 @@
 % if ( $password =~ /^\*\w+\* (.*)$/ ) {
 %   $password = $1;
 %   $show_pw .= '<I>('. mt('login disabled') .')</I> ';
-% } 
+% }
 % if ( ! $password
 %      && $svc_acct->_password_encryption ne 'plain'
 %      && $svc_acct->_password
@@ -28,13 +28,27 @@
 % {
 %   $show_pw .= '<I>('. uc($svc_acct->_password_encryption). ' '.mt('encrypted').')</I>';
 % } elsif ( $conf->exists('showpasswords') ) { 
-%   $show_pw .= '<PRE>'. encode_entities($password). '</PRE>';
+%   $show_pw .= '<SPAN >'. encode_entities($password). '</PRE>';
 % } else { 
+%   $password = '';
 %   $show_pw .= '<I>('. mt('hidden') .')</I>';
-% } 
-% $password = ''; 
-<& /view/elements/tr.html, label=>mt('Password'), value=>$show_pw &>
-
+% }
+<TR>
+  <TD ALIGN="right"><% mt('Password') %></TD>
+  <TD STYLE="background-color: #ffffff; white-space: nowrap">
+  <% $show_pw %>
+% my $curuser = $FS::CurrentUser::CurrentUser;
+% if ( $curuser->access_right('Provision customer service') or
+%     ($curuser->access_right('Edit password') and
+%      ! $part_svc->restrict_edit_password) )
+% {
+  <& /elements/change_password.html,
+      'svc_acct'    => $svc_acct,
+      'curr_value'  => $password,
+  &>
+% }
+  </TD>
+</TR>
 
 % if ( $conf->exists('security_phrase') ) {
   <& /view/elements/tr.html, label=>mt('Security phrase'), value=>$svc_acct->sec_phrase &>
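Review bot: The showpasswords branch now opens `<SPAN >` but still closes with `</PRE>`, so the password is wrapped in mismatched tags; the closing string should be `'</SPAN>'`. `$part_svc` in the new access test is not declared anywhere in the hunk, so confirm the component sets it (change-password.html obtains it with `$svc_acct->part_svc`). The new label cell also prints `mt('Password')` without the `|h` escape used elsewhere in these templates.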

commit 556250142547918eaeeee3711d2a01ee4bf878c9
Author: Mark Wells <mark at freeside.biz>
Date:   Tue Feb 26 23:45:02 2013 -0800

    "Edit password" ACL, #21178, part 1

diff --git a/httemplate/elements/change_password.html b/httemplate/elements/change_password.html
new file mode 100644
index 0000000..625ba1f
--- /dev/null
+++ b/httemplate/elements/change_password.html
@@ -0,0 +1,41 @@
+<STYLE>
+.passwordbox {
+  border: 1px solid #7e0079;
+  padding: 2px;
+  position: absolute;
+  font-size: 80%;
+  background-color: #ffffff;
+  display: none;
+}
+</STYLE>
+<A ID="<%$pre%>link" HREF="#" onclick="<%$pre%>toggle(true)">(<% mt('change') %>)</A>
+<DIV ID="<%$pre%>form" CLASS="passwordbox">
+  <FORM METHOD="POST" ACTION="<%$fsurl%>misc/process/change-password.html">
+    <INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svc_acct->svcnum |h%>">
+    <INPUT TYPE="text" ID="<%$pre%>password" NAME="password" VALUE="<% $curr_value |h%>">
+    <& /elements/random_pass.html, $pre.'password', 'randomize' &>
+    <INPUT TYPE="submit" VALUE="change">
+    <INPUT TYPE="button" VALUE="cancel" onclick="<%$pre%>toggle(false)">
+% if ( $error ) {
+    <BR><SPAN STYLE="color: #ff0000"><% $error |h %></SPAN>
+% }
+  </FORM>
+</DIV>
+<SCRIPT TYPE="text/javascript">
+function <%$pre%>toggle(val) {
+  document.getElementById('<%$pre%>form').style.display =
+    val ? 'inline-block' : 'none';
+  document.getElementById('<%$pre%>link').style.display =
+    val ? 'none' : 'inline';
+}
+% if ( $error ) {
+<%$pre%>toggle(true);
+% }
+</SCRIPT>
+<%init>
+my %opt = @_;
+my $svc_acct = $opt{'svc_acct'};
+my $curr_value = $opt{'curr_value'} || '';
+my $pre = 'changepw'.$svc_acct->svcnum.'_';
+my $error = $cgi->param($pre.'error');
+</%init>
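Review bot: The form posts only `svcnum` and `password`, and nothing visible here or in misc/process/change-password.html ties the request to the session that rendered the page, so a request forged from another site would be accepted with the operator's credentials. If the application has no global request-forgery check, add a per-session token as a hidden field and verify it in the handler. When `showpasswords` is set, basics.html passes the cleartext password as `curr_value`, which writes it into the page a second time; leaving the field empty by default would expose less. `mt('change')` is also printed without `|h`.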
diff --git a/httemplate/elements/random_pass.html b/httemplate/elements/random_pass.html
new file mode 100644
index 0000000..b215b77
--- /dev/null
+++ b/httemplate/elements/random_pass.html
@@ -0,0 +1,17 @@
+<INPUT TYPE="button" VALUE="<% emt($label) %>" onclick="randomPass()">
+<SCRIPT TYPE="text/javascript">
+function randomPass() {
+  var i=0;
+  var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
+  var pass='';
+  while(i < 8) {
+    i++;
+    pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
+  }
+  document.getElementById('<% $id %>').value = pass;
+}
+</SCRIPT>
+<%init>
+my $id = shift;
+my $label = shift || 'Generate';
+</%init>
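Review bot: `randomPass()` builds the password from `Math.random()`, which is not a cryptographic generator, so generated passwords are more predictable than their length suggests. Drawing the characters from `window.crypto.getRandomValues` and discarding out-of-range bytes removes both the weak source and modulo bias, as sketched below; browsers without that API would need a fallback or a server-side generator. The function name is also global while the target id is baked into its body, so a page that includes this element twice would have every button fill the last field; prefixing the name, as change_password.html does with `$pre`, would avoid that.

```mason
%# … unchanged: the INPUT button above and the <%init> block below …
function randomPass() {
  // … unchanged: pw_set and pass declarations …
  // largest multiple of pw_set.length that fits in a byte; bytes at or above
  // it are discarded so that every character is equally likely
  var limit = 256 - (256 % pw_set.length);
  var buf = new Uint8Array(1);
  while (pass.length < 8) {
    window.crypto.getRandomValues(buf);
    if (buf[0] < limit) {
      pass += pw_set.charAt(buf[0] % pw_set.length);
    }
  }
  // … unchanged: assignment to the target field …
}
```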
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
new file mode 100644
index 0000000..7005439
--- /dev/null
+++ b/httemplate/misc/process/change-password.html
@@ -0,0 +1,21 @@
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Edit password');
+
+$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
+my $svcnum = $1;
+my $svc_acct = FS::svc_acct->by_key($svcnum)
+  or die "svc_acct $svcnum not found";
+my $error = $svc_acct->set_password($cgi->param('password'))
+        ||  $svc_acct->replace;
+
+# annoyingly specific to view/svc_acct.cgi, for now...
+$cgi->delete('password');
+</%init>
+% if ( $error ) {
+%   $cgi->param('svcnum', $svcnum);
+%   $cgi->param("changepw${svcnum}_error", $error);
+% } else {
+%   $cgi->query_string($svcnum);
+% }
+<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
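Review bot: `$cgi->param('password')` is called in list context inside the `set_password(...)` argument list, so a request with no `password` field passes no argument and one with several passes them all. Forcing a single value, `$svc_acct->set_password(scalar($cgi->param('password')))`, makes the handler's input unambiguous; the part 2 revision of this file keeps the same call. The handler also acts on any request method, and since it changes a credential it should refuse anything but POST, for example with a test on `$cgi->request_method`.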

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/AccessRight.pm                         |    1 +
 FS/FS/Schema.pm                              |    2 +
 FS/FS/access_right.pm                        |    2 +
 FS/FS/part_svc.pm                            |    8 +++++
 httemplate/browse/part_svc.cgi               |   15 +++++++--
 httemplate/edit/part_svc.cgi                 |   16 +++++++++-
 httemplate/edit/process/cust_svc.cgi         |    2 +-
 httemplate/edit/svc_acct.cgi                 |   18 ++---------
 httemplate/elements/change_password.html     |   41 ++++++++++++++++++++++++++
 httemplate/elements/random_pass.html         |   17 +++++++++++
 httemplate/misc/process/change-password.html |   26 ++++++++++++++++
 httemplate/view/elements/svc_Common.html     |    2 +-
 httemplate/view/elements/svc_edit_link.html  |    9 ++++-
 httemplate/view/svc_acct.cgi                 |    9 ++++--
 httemplate/view/svc_acct/basics.html         |   26 ++++++++++++----
 15 files changed, 161 insertions(+), 33 deletions(-)
 create mode 100644 httemplate/elements/change_password.html
 create mode 100644 httemplate/elements/random_pass.html
 create mode 100644 httemplate/misc/process/change-password.html



