[freeside-commits] branch master updated. 2920cfc494c2811ca7879d6ecaa353d216c9f69d

Mark Wells mark at 420.am
Wed Feb 27 13:33:01 PST 2013


The branch, master has been updated
       via  2920cfc494c2811ca7879d6ecaa353d216c9f69d (commit)
       via  a5e611f5ffc045a59fee9e1b03f8ac79ef794d00 (commit)
      from  bb79bc808b080e3c9fb9ebe3275c75343a3385bd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2920cfc494c2811ca7879d6ecaa353d216c9f69d
Author: Mark Wells <mark at freeside.biz>
Date:   Wed Feb 27 12:47:34 2013 -0800

    "Edit password" ACL, #21178, part 2

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index 50fb0e3..a60d033 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -162,6 +162,7 @@ tie my %rights, 'Tie::IxHash',
     'Recharge customer service', #NEW
     'Unprovision customer service',
     'Change customer service', #NEWNEW
+    'Edit password',
     'Edit usage', #NEW
     'Edit home dir', #NEW
     'Edit www config', #NEW
diff --git a/FS/FS/Schema.pm b/FS/FS/Schema.pm
index 774dcd2..eff4878 100644
--- a/FS/FS/Schema.pm
+++ b/FS/FS/Schema.pm
@@ -2112,7 +2112,8 @@ sub tables_hashref {
         'preserve',              'char', 'NULL',         1, '', '',
         'selfservice_access', 'varchar', 'NULL',   $char_d, '', '',
         'classnum',               'int', 'NULL',        '', '', '',
-      ],
+        'restrict_edit_password','char', 'NULL',         1, '', '',
+],
       'primary_key' => 'svcpart',
       'unique' => [],
       'index' => [ [ 'disabled' ] ],
@@ -2260,6 +2261,7 @@ sub tables_hashref {
         'cgp_sendmdnmode',    'varchar', 'NULL', $char_d, '', '',#SendMDNMode
         #mail
         #XXX RPOP settings
+        #
       ],
       'primary_key' => 'svcnum',
       #'unique' => [ [ 'username', 'domsvc' ] ],
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 0c61896..0e8bf45 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -228,7 +228,9 @@ sub _upgrade_data { # class method
                             'Usage: Call Detail Records (CDRs)',
                             'Usage: Unrateable CDRs',
                           ],
-  ;
+    'Provision customer service' => [ 'Edit password' ],
+
+;
 
   foreach my $old_acl ( keys %onetime ) {
 
diff --git a/FS/FS/part_svc.pm b/FS/FS/part_svc.pm
index c471771..6ca4889 100644
--- a/FS/FS/part_svc.pm
+++ b/FS/FS/part_svc.pm
@@ -58,6 +58,13 @@ L<FS::svc_domain>, and L<FS::svc_forward>, among others.
 
 =item preserve - Preserve after cancellation, empty or 'Y'
 
+=item selfservice_access - Access allowed to the service via self-service:
+empty for full access, "readonly" for read-only, "hidden" to hide it entirely
+
+=item restrict_edit_password - Require the "Provision customer service" access
+right to change the password field, rather than just "Edit password".  Only
+relevant to svc_acct for now.
+
 =back
 
 =head1 METHODS
@@ -391,7 +398,8 @@ sub check {
     || $self->ut_enum('preserve', [ '', 'Y' ] )
     || $self->ut_enum('selfservice_access', [ '', 'hidden', 'readonly' ] )
     || $self->ut_foreign_keyn('classnum', 'part_svc_class', 'classnum' )
-  ;
+    || $self->ut_enum('restrict_edit_password', [ '', 'Y' ] )
+;
   return $error if $error;
 
   my @fields = eval { fields( $self->svcdb ) }; #might die
diff --git a/httemplate/browse/part_svc.cgi b/httemplate/browse/part_svc.cgi
index a8f4a7c..f941ae5 100755
--- a/httemplate/browse/part_svc.cgi
+++ b/httemplate/browse/part_svc.cgi
@@ -82,6 +82,7 @@ function part_export_areyousure(href) {
 %            }
 %            @dfields ;
 %     my $rowspan = scalar(@fields) || 1;
+%     $rowspan++ if $part_svc->restrict_edit_password;
 %     my $url = "${p}edit/part_svc.cgi?". $part_svc->svcpart;
 %
 %     if ( $bgcolor eq $bgcolor1 ) {
@@ -183,15 +184,21 @@ function part_export_areyousure(href) {
 % } else { 
 
             <% $value %>
-% } 
+% }
 
      </TD>
 %     $n1="</TR><TR>";
-%     }
-%
+%     } #foreach $field
+%   if ( $part_svc->restrict_edit_password ) {
+   <TR>
+     <TD CLASS="grid" BGCOLOR="<% $bgcolor %>" COLSPAN=4 ALIGN="left">
+      <B><% emt('Password editing restricted.') %></B>
+     </TD>
+   </TR>
+%   }
 
   </TR>
-% } 
+% }  #foreach $part_svc
 
 </TABLE>
 </BODY>
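Review bot: The added "Password editing restricted" row opens a new `<TR>` while the row holding the last field cell is still open, and its own `</TR>` leaves the pre-existing `</TR>` after the block closing nothing. The field loop above switches rows through `$n1="</TR><TR>"`; following that convention, the block would start with `</TR><TR>` and omit its own closing tag so that the existing `</TR>` ends it. Whether `COLSPAN=4` lines up with the cells extended by the `$rowspan++` from the earlier hunk cannot be checked from these lines.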
diff --git a/httemplate/edit/part_svc.cgi b/httemplate/edit/part_svc.cgi
index 007c246..8a84b20 100755
--- a/httemplate/edit/part_svc.cgi
+++ b/httemplate/edit/part_svc.cgi
@@ -407,6 +407,20 @@
 %
 %      } #foreach my $field (@fields) {
 %
+%      if ( $layer eq 'svc_acct' ) {
+%        # eww, more ugly special-caseyness
+%        $html .= 
+%          '<TR><TD COLSPAN=3 ALIGN="right">'.
+%          emt('Require "Provision" access right to edit password').
+%          '</TD><TD>'.
+%          '<INPUT TYPE="checkbox" NAME="restrict_edit_password" VALUE="Y"'.
+%          ($part_svc->restrict_edit_password ? ' CHECKED' : '').
+%          '></TD></TR>';
+%      } else {
+%        $html .= 
+%          '<INPUT TYPE="hidden" NAME="restrict_edit_password" VALUE="">';
+%      }
+%
 %      $part_svc->svcpart('') if $clone; #undone
 %      $html .= "</TABLE>";
 %
@@ -414,7 +428,7 @@
 %                         $layer, #form name
 %                         [ qw(svc svcpart classnum selfservice_access
 %                              disabled preserve
-%                              exportnum),
+%                              exportnum restrict_edit_password),
 %                           @fields ],
 %                         'process/part_svc.cgi',
 %                         $p.'browse/part_svc.cgi',
diff --git a/httemplate/edit/process/cust_svc.cgi b/httemplate/edit/process/cust_svc.cgi
index e22cbb2..7cb1d6d 100644
--- a/httemplate/edit/process/cust_svc.cgi
+++ b/httemplate/edit/process/cust_svc.cgi
@@ -6,7 +6,7 @@
 %}
 <%init>
 
-die 'access deined'
+die 'access denied'
  unless $FS::CurrentUser::CurrentUser->access_right('Change customer service');
 
 my $svcnum = $cgi->param('svcnum');
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index c1f7455..627791b 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -9,19 +9,6 @@
   <BR>
 % } 
 
-<SCRIPT TYPE="text/javascript">
-function randomPass() {
-  var i=0;
-  var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
-  var pass='';
-  while(i < 8) {
-    i++;
-    pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
-  }
-  document.OneTrueForm.clear_password.value = pass;
-}
-</SCRIPT>
-
 <FORM NAME="OneTrueForm" ACTION="<% $p1 %>process/svc_acct.cgi" METHOD=POST>
 <INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
 <INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
@@ -57,10 +44,11 @@ function randomPass() {
 
 %if ( $part_svc->part_svc_column('_password')->columnflag ne 'F' ) {
 <TR>
+% #XXX eventually should require "Edit Password" ACL
   <TD ALIGN="right"><% mt('Password') |h %></TD>
   <TD>
-    <INPUT TYPE="text" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
-    <INPUT TYPE="button" VALUE="<% mt('Generate') |h %>" onclick="randomPass();">
+    <INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
+    <& /elements/random_pass.html, 'clear_password' &>
   </TD>
 </TR>
 %}else{
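Review bot: The rewritten `clear_password` input still interpolates `$password` into the `VALUE` attribute without an escape flag, while the new change_password.html in this push writes the same kind of value with `|h`. Unless `$password` is already entity-encoded where it is assigned (outside this hunk) or the interpreter sets a default escape flag, a password containing `"` or `<` breaks out of the attribute; `VALUE="<% $password |h %>"` would match the new component. The `#XXX` comment also records that this form does not yet check the "Edit password" right, so as far as this push shows `restrict_edit_password` is enforced only on the change-password path.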
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
index 7005439..7cab9c4 100644
--- a/httemplate/misc/process/change-password.html
+++ b/httemplate/misc/process/change-password.html
@@ -1,11 +1,16 @@
 <%init>
 my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Edit password');
 
 $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
 my $svcnum = $1;
 my $svc_acct = FS::svc_acct->by_key($svcnum)
   or die "svc_acct $svcnum not found";
+my $part_svc = $svc_acct->part_svc;
+die "access denied" unless (
+  $curuser->access_right('Provision customer service') or
+  ( $curuser->access_right('Edit password') and 
+    ! $part_svc->restrict_edit_password )
+  );
 my $error = $svc_acct->set_password($cgi->param('password'))
         ||  $svc_acct->replace;
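Review bot: `FS::svc_acct->by_key($svcnum)` loads the account by primary key alone, and the new check then looks only at the user's rights and the service-definition flag, so nothing visible here limits the change to services of customers this user is allowed to act on. view/svc_acct.cgi builds its lookup with joins through cust_svc, cust_pkg and cust_main, which suggests (the search itself is outside the hunks) a per-agent restriction there; if so, this handler should load the record through the same restricted search. Separately, `set_password($cgi->param('password'))` calls `param` in list context, so a missing or repeated `password` parameter changes the argument list; `scalar($cgi->param('password'))` pins it to one value. The rights-and-flag condition is repeated in view/svc_acct/basics.html and would be safer as one shared method, so the displayed link and the enforced check cannot drift apart.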
 
diff --git a/httemplate/view/elements/svc_Common.html b/httemplate/view/elements/svc_Common.html
index f7c685c..46b9c28 100644
--- a/httemplate/view/elements/svc_Common.html
+++ b/httemplate/view/elements/svc_Common.html
@@ -52,7 +52,7 @@ function areyousure(href) {
 
 <% mt('Service #') |h %><B><% $svcnum %></B>
 % my $url = $opt{'edit_url'} || $p. 'edit/'. $opt{'table'}. '.cgi?';
-| <& /view/elements/svc_edit_link.html, 'svc' => $svc_x, 'edit_url' => $url &>
+<& /view/elements/svc_edit_link.html, 'svc' => $svc_x, 'edit_url' => $url &>
 <BR>
 
 <% ntable("#cccccc") %><TR><TD><% ntable("#cccccc",2) %>
diff --git a/httemplate/view/elements/svc_edit_link.html b/httemplate/view/elements/svc_edit_link.html
index d65db0a..5438ed2 100644
--- a/httemplate/view/elements/svc_edit_link.html
+++ b/httemplate/view/elements/svc_edit_link.html
@@ -7,8 +7,12 @@ function areyousure_delete() {
     window.location.href = '<% $cancel_url %>';
 }
 </SCRIPT>
-<A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A> | 
-<A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+%   if ( $curuser->access_right('Provision customer service') ) {
+| <A HREF="<% $edit_url %>"><% mt("Edit this [_1]", $label) |h %></A>
+%   }
+%   if ( $curuser->access_right('Unprovision customer service') ) {
+| <A HREF="javascript:areyousure_delete()"><% mt('Unprovision this Service') |h %></A>
+%   }
 % }
 <%init>
 my %opt = @_;
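Review bot: The two `access_right` tests here only decide whether the links are drawn; the edit and unprovision pages they point to have to make the same checks themselves, and no such check is visible in this push. The `#XXX` comment added to edit/svc_acct.cgi indicates the edit form does not yet check the "Edit password" right, so it is worth confirming that the page behind `$edit_url` and misc/unprovision.cgi each reject a user lacking 'Provision customer service' or 'Unprovision customer service'. The surrounding `% if` block opens outside the hunk.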
@@ -20,4 +24,5 @@ my $cancel_url = $p . 'misc/unprovision.cgi?' . $svc_x->svcnum;
 my $cust_svc = $svc_x->cust_svc; # always exists
 my $cancel_date = $cust_svc->pkg_cancel_date;
 my ($label) = $cust_svc->label;
+my $curuser = $FS::CurrentUser::CurrentUser;
 </%init>
diff --git a/httemplate/view/svc_acct.cgi b/httemplate/view/svc_acct.cgi
index 1995913..76631ba 100755
--- a/httemplate/view/svc_acct.cgi
+++ b/httemplate/view/svc_acct.cgi
@@ -37,7 +37,6 @@
 &>
 
 <% mt('Service #') |h %><B><% $svcnum %></B>
-|
 <& /view/elements/svc_edit_link.html, 'svc' => $svc_acct &>
 <& svc_acct/change_svc.html,
               'part_svc' => \@part_svc,
@@ -90,8 +89,12 @@ die "access denied"
 my $addl_from = ' LEFT JOIN cust_svc  USING ( svcnum  ) '.
                 ' LEFT JOIN cust_pkg  USING ( pkgnum  ) '.
                 ' LEFT JOIN cust_main USING ( custnum ) ';
-
-my($query) = $cgi->keywords;
+my $query;
+if ( $cgi->keywords ) {
+  ($query) = $cgi->keywords;
+} else {
+  $query = $cgi->param('svcnum');
+}
 $query =~ /^(\d+)$/;
 my $svcnum = $1;
 my $svc_acct = qsearchs({
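Review bot: With the new fallback, `$query` can be undefined when neither keywords nor `svcnum` are sent, and the unchecked match `$query =~ /^(\d+)$/;` that follows then leaves `$1` holding whatever an earlier successful match captured. change-password.html in this push already uses the checked form; the same here would be `$query =~ /^(\d+)$/ or die "illegal svcnum";`. The `qsearchs` call continues outside the hunk.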
diff --git a/httemplate/view/svc_acct/basics.html b/httemplate/view/svc_acct/basics.html
index 2d9953f..04e7bcf 100644
--- a/httemplate/view/svc_acct/basics.html
+++ b/httemplate/view/svc_acct/basics.html
@@ -20,7 +20,7 @@
 % if ( $password =~ /^\*\w+\* (.*)$/ ) {
 %   $password = $1;
 %   $show_pw .= '<I>('. mt('login disabled') .')</I> ';
-% } 
+% }
 % if ( ! $password
 %      && $svc_acct->_password_encryption ne 'plain'
 %      && $svc_acct->_password
@@ -28,13 +28,27 @@
 % {
 %   $show_pw .= '<I>('. uc($svc_acct->_password_encryption). ' '.mt('encrypted').')</I>';
 % } elsif ( $conf->exists('showpasswords') ) { 
-%   $show_pw .= '<PRE>'. encode_entities($password). '</PRE>';
+%   $show_pw .= '<SPAN >'. encode_entities($password). '</PRE>';
 % } else { 
+%   $password = '';
 %   $show_pw .= '<I>('. mt('hidden') .')</I>';
-% } 
-% $password = ''; 
-<& /view/elements/tr.html, label=>mt('Password'), value=>$show_pw &>
-
+% }
+<TR>
+  <TD ALIGN="right"><% mt('Password') %></TD>
+  <TD STYLE="background-color: #ffffff; white-space: nowrap">
+  <% $show_pw %>
+% my $curuser = $FS::CurrentUser::CurrentUser;
+% if ( $curuser->access_right('Provision customer service') or
+%     ($curuser->access_right('Edit password') and
+%      ! $part_svc->restrict_edit_password) )
+% {
+  <& /elements/change_password.html,
+      'svc_acct'    => $svc_acct,
+      'curr_value'  => $password,
+  &>
+% }
+  </TD>
+</TR>
 
 % if ( $conf->exists('security_phrase') ) {
   <& /view/elements/tr.html, label=>mt('Security phrase'), value=>$svc_acct->sec_phrase &>
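Review bot: The `showpasswords` branch now opens `<SPAN >` but still closes with `</PRE>`, so the markup around the displayed password is unbalanced; `'<SPAN>'. encode_entities($password). '</SPAN>'` (or keeping `<PRE>` on both sides) fixes it. `$part_svc` is used in the new condition but is not set anywhere in the visible lines, so it has to come from the component's arguments or `<%init>` outside the hunk. The label `<% mt('Password') %>` also drops the `|h` that edit/svc_acct.cgi applies to the same string.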

commit a5e611f5ffc045a59fee9e1b03f8ac79ef794d00
Author: Mark Wells <mark at freeside.biz>
Date:   Wed Feb 27 12:34:17 2013 -0800

    "Edit password" ACL, #21178, part 1

diff --git a/httemplate/elements/change_password.html b/httemplate/elements/change_password.html
new file mode 100644
index 0000000..625ba1f
--- /dev/null
+++ b/httemplate/elements/change_password.html
@@ -0,0 +1,41 @@
+<STYLE>
+.passwordbox {
+  border: 1px solid #7e0079;
+  padding: 2px;
+  position: absolute;
+  font-size: 80%;
+  background-color: #ffffff;
+  display: none;
+}
+</STYLE>
+<A ID="<%$pre%>link" HREF="#" onclick="<%$pre%>toggle(true)">(<% mt('change') %>)</A>
+<DIV ID="<%$pre%>form" CLASS="passwordbox">
+  <FORM METHOD="POST" ACTION="<%$fsurl%>misc/process/change-password.html">
+    <INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svc_acct->svcnum |h%>">
+    <INPUT TYPE="text" ID="<%$pre%>password" NAME="password" VALUE="<% $curr_value |h%>">
+    <& /elements/random_pass.html, $pre.'password', 'randomize' &>
+    <INPUT TYPE="submit" VALUE="change">
+    <INPUT TYPE="button" VALUE="cancel" onclick="<%$pre%>toggle(false)">
+% if ( $error ) {
+    <BR><SPAN STYLE="color: #ff0000"><% $error |h %></SPAN>
+% }
+  </FORM>
+</DIV>
+<SCRIPT TYPE="text/javascript">
+function <%$pre%>toggle(val) {
+  document.getElementById('<%$pre%>form').style.display =
+    val ? 'inline-block' : 'none';
+  document.getElementById('<%$pre%>link').style.display =
+    val ? 'none' : 'inline';
+}
+% if ( $error ) {
+<%$pre%>toggle(true);
+% }
+</SCRIPT>
+<%init>
+my %opt = @_;
+my $svc_acct = $opt{'svc_acct'};
+my $curr_value = $opt{'curr_value'} || '';
+my $pre = 'changepw'.$svc_acct->svcnum.'_';
+my $error = $cgi->param($pre.'error');
+</%init>
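Review bot: `$error` is read straight from the request parameter `changepw<svcnum>_error`, so the red text under the form is whatever the page URL carries, not necessarily something the handler produced. It is written with `|h`, so this is a matter of message trust rather than markup; passing a short error code, or keeping the message server-side, would close it. The component also has no `<%doc>` block; one naming the `svc_acct` and `curr_value` arguments and the error parameter it shares with misc/process/change-password.html would document the coupling. The "change" and "cancel" button labels bypass `mt()` although the link text uses it.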
diff --git a/httemplate/elements/random_pass.html b/httemplate/elements/random_pass.html
new file mode 100644
index 0000000..b215b77
--- /dev/null
+++ b/httemplate/elements/random_pass.html
@@ -0,0 +1,17 @@
+<INPUT TYPE="button" VALUE="<% emt($label) %>" onclick="randomPass()">
+<SCRIPT TYPE="text/javascript">
+function randomPass() {
+  var i=0;
+  var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
+  var pass='';
+  while(i < 8) {
+    i++;
+    pass += pw_set.charAt(Math.floor(Math.random() * pw_set.length));
+  }
+  document.getElementById('<% $id %>').value = pass;
+}
+</SCRIPT>
+<%init>
+my $id = shift;
+my $label = shift || 'Generate';
+</%init>
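Review bot: `randomPass()` draws every character from `Math.random()`, which is not a cryptographic generator, so the suggested passwords are more predictable than their length implies. `window.crypto.getRandomValues`, with out-of-range bytes rejected, gives an unbiased pick from `pw_set`, as sketched below. The function name is also fixed while the target id is a parameter, so two inclusions on one page would define `randomPass` twice and both buttons would fill the later field; deriving the name from `$id`, as change_password.html does with `$pre`, avoids that.

```mason
function randomPass() {
  var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>';
  var pass='';
  var buf = new Uint8Array(1);
  // discard bytes at or above the largest multiple of pw_set.length, so the modulo is unbiased
  var limit = 256 - (256 % pw_set.length);
  while (pass.length < 8) {
    window.crypto.getRandomValues(buf);
    if (buf[0] < limit) {
      pass += pw_set.charAt(buf[0] % pw_set.length);
    }
  }
  // … unchanged: assignment to the target field …
}
```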
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
new file mode 100644
index 0000000..7005439
--- /dev/null
+++ b/httemplate/misc/process/change-password.html
@@ -0,0 +1,21 @@
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Edit password');
+
+$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
+my $svcnum = $1;
+my $svc_acct = FS::svc_acct->by_key($svcnum)
+  or die "svc_acct $svcnum not found";
+my $error = $svc_acct->set_password($cgi->param('password'))
+        ||  $svc_acct->replace;
+
+# annoyingly specific to view/svc_acct.cgi, for now...
+$cgi->delete('password');
+</%init>
+% if ( $error ) {
+%   $cgi->param('svcnum', $svcnum);
+%   $cgi->param("changepw${svcnum}_error", $error);
+% } else {
+%   $cgi->query_string($svcnum);
+% }
+<% $cgi->redirect($fsurl.'view/svc_acct.cgi?'.$cgi->query_string) %>
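Review bot: The handler changes a password from `$cgi->param` values without checking the request method or any per-session form token, and CGI.pm fills `param` from a query string as readily as from a POST body. Unless the framework enforces this elsewhere, a guard such as `die "POST required" unless $cgi->request_method eq 'POST';` together with a token emitted by change_password.html would tie the change to a form the user actually submitted. On failure the error text travels back in the redirect URL, so it can end up in browser history and server logs. The "part 2" hunk for this file keeps these lines unchanged.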

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/AccessRight.pm                         |    1 +
 FS/FS/Schema.pm                              |    4 ++-
 FS/FS/access_right.pm                        |    4 ++-
 FS/FS/part_svc.pm                            |   10 ++++++-
 httemplate/browse/part_svc.cgi               |   15 +++++++--
 httemplate/edit/part_svc.cgi                 |   16 +++++++++-
 httemplate/edit/process/cust_svc.cgi         |    2 +-
 httemplate/edit/svc_acct.cgi                 |   18 ++---------
 httemplate/elements/change_password.html     |   41 ++++++++++++++++++++++++++
 httemplate/elements/random_pass.html         |   17 +++++++++++
 httemplate/misc/process/change-password.html |   26 ++++++++++++++++
 httemplate/view/elements/svc_Common.html     |    2 +-
 httemplate/view/elements/svc_edit_link.html  |    9 ++++-
 httemplate/view/svc_acct.cgi                 |    9 ++++--
 httemplate/view/svc_acct/basics.html         |   26 ++++++++++++----
 15 files changed, 164 insertions(+), 36 deletions(-)
 create mode 100644 httemplate/elements/change_password.html
 create mode 100644 httemplate/elements/random_pass.html
 create mode 100644 httemplate/misc/process/change-password.html



