[freeside-commits] branch master updated. 99106a6f323b554fb4d6abe5d80f69e48f75ab85

Ivan ivan at 420.am
Fri Aug 25 15:31:55 PDT 2017 

The branch, master has been updated
       via  99106a6f323b554fb4d6abe5d80f69e48f75ab85 (commit)
      from  cbfeb5f6b7490f78361318ce6290bfb442dbfcbe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 99106a6f323b554fb4d6abe5d80f69e48f75ab85
Author: Ivan Kohler <ivan at freeside.biz>
Date:   Fri Aug 25 15:31:54 2017 -0700

    separate access control for payment reports, RT#77007

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index ccabf27..471e32a 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -291,6 +291,7 @@ tie my %rights, 'Tie::IxHash',
     { rightname=> 'List rating data', desc=>'Usage reports', global=>1 },
     'Billing event reports',
     'Receivables report',
+    'Basic payment and refund reports',
     'Financial reports',
     { rightname=>'Send reports to customers', global=>1 },
     { rightname=> 'List inventory', global=>1 },
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 4a36033..155da73 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -260,6 +260,7 @@ sub _upgrade_data { # class method
     'List customers' => 'Customers: Customer churn report',
     'Edit customer note' => 'Delete customer note',
     'Edit customer' => 'Edit customer invoice terms',
+    'Financial reports' => 'Basic payment and refund reports',
   );
 
 #  foreach my $old_acl ( keys %onetime ) {
diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html
index cadbd86..d963094 100644
--- a/httemplate/elements/menu.html
+++ b/httemplate/elements/menu.html
@@ -343,20 +343,25 @@ tie my %report_bill_event, 'Tie::IxHash',
   'Billing event errors' => [ $fsurl.'search/report_cust_event.html?failed=1', 'Failed credit cards, processor or printer problems, etc.' ],
 ;
 
-tie my %report_payments, 'Tie::IxHash',
-  'Payments' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ],
-  'Payment application detail' => [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ],
-;
+tie my %report_payments, 'Tie::IxHash';
+$report_payments{'Payments'} = [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ]
+  if $curuser->access_right('Basic payment and refund reports');
+$report_payments{'Payment application detail'} = [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ]
+  if $curuser->access_right('Financial reports');
 $report_payments{'Pending Payments'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ]
   if $curuser->access_right('View customer pending payments');
-$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ];
+$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ]
+  if $curuser->access_right('Financial reports'); #not enforced
 $report_payments{'Voided Payments'} = [ $fsurl.'search/report_cust_pay.html?void=1', 'Voided payment report (by type and/or date range)' ]
-  if $curuser->access_right('View customer pending payments');
+  if $curuser->access_right('Financial reports'); #not enforced
 $report_payments{'Payment Batches'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ]
-  if $conf->exists('batch-enable') || $conf->config('batch-enable_payby');
-$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ];
+  if ( $conf->exists('batch-enable') || $conf->config('batch-enable_payby') )
+  && $curuser->access_right('Financial reports');
+$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ]
+  if $curuser->access_right('Financial reports');
 $report_payments{'Deleted Payments / Payment history table'} = [ $fsurl.'search/report_h_cust_pay.html', 'Deleted payments / payment history table' ]
-  if $conf->exists('payment-history-report');
+  if $conf->exists('payment-history-report')
+  && $curuser->access_right('Financial reports');
 
 tie my %report_credits, 'Tie::IxHash',
   'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ],
@@ -461,7 +466,7 @@ $report_menu{'Invoices'}       =  [ \%report_invoices,  'Invoice reports'   ]
 $report_menu{'Discounts'}      =  [ \%report_discounts, 'Discount reports'  ]
   if $curuser->access_right('Financial reports');
 $report_menu{'Payments'}       =  [ \%report_payments,  'Payment reports'   ]
-  if $curuser->access_right('Financial reports');
+  if keys %report_payments;
 $report_menu{'Packages'}       =  [ \%report_packages,  'Package reports'   ]
   if $curuser->access_right('List packages');
 $report_menu{'Services'}       =  [ \%report_services,  'Services reports'  ]
diff --git a/httemplate/search/elements/cust_pay_or_refund.html b/httemplate/search/elements/cust_pay_or_refund.html
index 99f9ba0..fbcae9d 100755
--- a/httemplate/search/elements/cust_pay_or_refund.html
+++ b/httemplate/search/elements/cust_pay_or_refund.html
@@ -87,7 +87,7 @@ my $conf = FS::Conf->new;
 my $money = ($conf->config('money_char') || '$') . '%.2f';
 
 die "access denied"
-  unless $curuser->access_right('Financial reports');
+  unless $curuser->access_right('Basic payment and refund reports');
 
 my $table = $opt{'table'} || 'cust_'.$opt{'thing'};
 
diff --git a/httemplate/search/elements/report_cust_pay_or_refund.html b/httemplate/search/elements/report_cust_pay_or_refund.html
index bff470a..f7a81a0 100644
--- a/httemplate/search/elements/report_cust_pay_or_refund.html
+++ b/httemplate/search/elements/report_cust_pay_or_refund.html
@@ -174,7 +174,7 @@ my $table = 'cust_'.$opt{'thing'};
 my $name_singular = $opt{'name_singular'};
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Financial reports');
+  unless $FS::CurrentUser::CurrentUser->access_right('Basic payment and refund reports');
 
 my $conf = new FS::Conf;
 

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/AccessRight.pm                               |    1 +
 FS/FS/access_right.pm                              |    1 +
 httemplate/elements/menu.html                      |   25 ++++++++++++--------
 httemplate/search/elements/cust_pay_or_refund.html |    2 +-
 .../search/elements/report_cust_pay_or_refund.html |    2 +-
 5 files changed, 19 insertions(+), 12 deletions(-)

More information about the freeside-commits mailing list