[freeside-commits] branch master updated. c2e0d0fcb917af1832dd6eb1d1dd787b492eb387

Christopher Burger burgerc at 420.am
Wed Jul 26 07:53:18 PDT 2017 

The branch, master has been updated
       via  c2e0d0fcb917af1832dd6eb1d1dd787b492eb387 (commit)
      from  f3c59969f9182b4b9d157508a65da0c66f753379 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c2e0d0fcb917af1832dd6eb1d1dd787b492eb387
Author: Christopher Burger <burgerc at freeside.biz>
Date:   Wed Jul 26 10:53:18 2017 -0400

    RT# 74537 - added checks in MyAccount.pm for config option ach read only

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 49e61ab..2b4d52d 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -742,6 +742,11 @@ sub edit_info {
   my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
     or return { 'error' => "unknown custnum $custnum" };
 
+  my $conf = new FS::Conf;
+  if (($p->{payby} eq "CHEK" || $p->{payby} eq "DCHEK") && $conf->exists('selfservice-ACH_info_readonly')) {
+    return { 'error' => "You do not have authority to add a bank account" };
+  }
+
   my $new = new FS::cust_main { $cust_main->hash };
 
   $new->set( $_ => $p->{$_} )
@@ -769,8 +774,6 @@ sub edit_info {
   # but if it hasn't been passed in at all, leave ship_location alone--
   # DON'T change it to match bill_location.
 
-  my $conf = new FS::Conf;
-
   my @invoicing_list;
   if ( exists $p->{'invoicing_list'} || exists $p->{'postal_invoicing'} ) {
     #false laziness with httemplate/edit/process/cust_main.cgi
@@ -987,12 +990,18 @@ sub validate_payment {
     my $payinfo2 = $1;
     $payinfo = $payinfo1. '@'. $payinfo2;
 
+    my $achonfile = 0;
     foreach my $cust_payby ($cust_main->cust_payby('CHEK','DCHK')) {
       if ( $cust_payby->paymask eq $payinfo ) {
         $payinfo = $cust_payby->payinfo;
+        $achonfile = 1;
         last;
       }
     }
+
+    if ($conf->exists('selfservice-ACH_info_readonly') && !$achonfile) {
+      return { 'error' => "You are not allowed to change your payment information." };
+    }
    
   } elsif ( $payby eq 'CARD' || $payby eq 'DCRD' ) {
    
diff --git a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
index 37fd464..1183b2b 100644
--- a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
+++ b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
@@ -31,7 +31,7 @@ EOF
 <%=
   $OUT = '';
   if ($ach_read_only) {
-    if ($payby == 'CHEK') {
+    if ($payby eq 'CHEK') {
       $OUT .= '<TR><TD COLSPAN=2><INPUT TYPE="hidden" NAME="auto" VALUE="1"></TD></TR>';
     }
   } else {

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/ClientAPI/MyAccount.pm                            |   13 +++++++++++--
 fs_selfservice/FS-SelfService/cgi/make_ach_payment.html |    2 +-
 2 files changed, 12 insertions(+), 3 deletions(-)

More information about the freeside-commits mailing list