separate access control for payment reports, RT#77007

[freeside.git] / httemplate / elements / menu.html

diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html
index 621165d..c3f3dbf 100644 (file)
--- a/httemplate/elements/menu.html
+++ b/httemplate/elements/menu.html
@@ -129,13 +129,17 @@ $report_customers_lists{'by active trouble tickets'} = [ $fsurl. 'search/cust_ma
   if $conf->config('ticket_system');
 $report_customers_lists{'with USPS-unvalidated addresses'} = [ $fsurl. 'search/cust_main.cgi?browse=uspsunvalid', '' ]
   if $conf->config('usps_webtools-userid') && $conf->config('usps_webtools-password');
+$report_customers_lists{'with referrals'} = [ $fsurl. 'search/cust_main.html?with_referrals=1' ];
 
 tie my %report_customers, 'Tie::IxHash';
 $report_customers{'List customers'} = [ \%report_customers_lists, 'List customers' ]
   if $curuser->access_right('List all customers');
-$report_customers{'Zip code distribution'}     = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ];
-$report_customers{'Customer signup report'}    = [ $fsurl. 'graph/report_cust_signup.html',    'New customer signups by date' ];
-$report_customers{'Customer churn report'} =  [ $fsurl.'graph/report_cust_churn.html', 'New customers, suspensions, and cancellations summary' ];
+$report_customers{'Zip code distribution'}     = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ]
+  if $curuser->access_right('List zip codes');
+$report_customers{'Customer signup report'}    = [ $fsurl. 'graph/report_cust_signup.html',    'New customer signups by date' ]
+  if $curuser->access_right('Financial reports');
+$report_customers{'Customer churn report'} =  [ $fsurl.'graph/report_cust_churn.html', 'New customers, suspensions, and cancellations summary' ]
+  if $curuser->access_right('Customers: Customer churn report');
 $report_customers{'Signup date report'}        = [ $fsurl. 'graph/report_signupdate.html',     'Signup date report (by date of signup)' ];
 $report_customers{'Advanced customer reports'} = [ $fsurl. 'search/report_cust_main.html',     'by status, signup date, agent, etc.' ]
   if $curuser->access_right('Advanced customer search');
@@ -341,20 +345,25 @@ $report_employees{'Employee Audit Report'} = [ $fsurl.'search/report_employee_au
   if $curuser->access_right('Employees: Audit Report');
 ;
 
-tie my %report_payments, 'Tie::IxHash',
-  'Payments' => [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ],
-  'Payment application detail' => [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ],
-;
+tie my %report_payments, 'Tie::IxHash';
+$report_payments{'Payments'} = [ $fsurl.'search/report_cust_pay.html', 'Payment report (by type and/or date range)' ]
+  if $curuser->access_right('Basic payment and refund reports');
+$report_payments{'Payment application detail'} = [ $fsurl.'search/report_cust_bill_pay_pkg.html', 'Line item application detail' ]
+  if $curuser->access_right('Financial reports');
 $report_payments{'Pending Payments'} = [ $fsurl.'search/cust_pay_pending.html?magic=_date;statusNOT=done', 'Pending real-time payments' ]
   if $curuser->access_right('View customer pending payments');
-$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ];
+$report_payments{'Unapplied Payments'} = [ $fsurl.'search/report_cust_pay.html?unapplied=1', 'Unapplied payment report (by type and/or date range)' ]
+  if $curuser->access_right('Financial reports'); #not enforced
 $report_payments{'Voided Payments'} = [ $fsurl.'search/report_cust_pay.html?void=1', 'Voided payment report (by type and/or date range)' ]
-  if $curuser->access_right('View customer pending payments');
+  if $curuser->access_right('Financial reports'); #not enforced
 $report_payments{'Payment Batches'} = [ $fsurl.'search/pay_batch.html', 'Payment batches (by status and/or date range)' ]
-  if $conf->exists('batch-enable') || $conf->config('batch-enable_payby');
-$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ];
+  if ( $conf->exists('batch-enable') || $conf->config('batch-enable_payby') )
+  && $curuser->access_right('Financial reports');
+$report_payments{'Unapplied Payment Aging'} = [ $fsurl.'search/report_unapplied_cust_pay.html', 'Unapplied payment aging report' ]
+  if $curuser->access_right('Financial reports');
 $report_payments{'Deleted Payments / Payment history table'} = [ $fsurl.'search/report_h_cust_pay.html', 'Deleted payments / payment history table' ]
-  if $conf->exists('payment-history-report');
+  if $conf->exists('payment-history-report')
+  && $curuser->access_right('Financial reports');
 
 tie my %report_credits, 'Tie::IxHash',
   'Credit Report' => [ $fsurl.'search/report_cust_credit.html', 'Credit report (by employee and/or date range)' ],
@@ -436,13 +445,17 @@ $report_menu{'Quotations'}     = [ \%report_quotations, 'Quotation reports' ]
   if $curuser->access_right('List quotations');
 $report_menu{'Customers'}      = [ \%report_customers, 'Customer reports'  ]
   if $curuser->access_right('List customers')
-  || $curuser->access_right('List contacts');
+  || $curuser->access_right('List contacts')
+  || $curuser->access_right('Advanced customer search')
+  || $curuser->access_right('List zip codes')
+  || $curuser->access_right('Financial reports')
+  || $curuser->access_right('Customers: Customer churn report');
 $report_menu{'Invoices'}       =  [ \%report_invoices,  'Invoice reports'   ]
   if $curuser->access_right('List invoices');
 $report_menu{'Discounts'}      =  [ \%report_discounts, 'Discount reports'  ]
   if $curuser->access_right('Financial reports');
 $report_menu{'Payments'}       =  [ \%report_payments,  'Payment reports'   ]
-  if $curuser->access_right('Financial reports');
+  if keys %report_payments;
 $report_menu{'Packages'}       =  [ \%report_packages,  'Package reports'   ]
   if $curuser->access_right('List packages');
 $report_menu{'Services'}       =  [ \%report_services,  'Services reports'  ]
@@ -659,8 +672,7 @@ tie my %config_cust, 'Tie::IxHash',
   'Contact types'    =>  [ $fsurl.'browse/contact_class.html', ''], #XXX useful description
 ;
   
-$config_cust{'Note classes'} = [ $fsurl.'browse/cust_note_class.html', 'Note classes define groups of customer notes for reporting.' ]
-    if ($conf->exists('note-classes') && $conf->config('note-classes') > 0);
+$config_cust{'Note classes'} = [ $fsurl.'browse/cust_note_class.html', 'Note classes define groups of customer notes for reporting.' ];
 
 tie my %config_agent, 'Tie::IxHash',
   'Agent types' => [ $fsurl.'browse/agent_type.cgi', 'Agent types define groups of package definitions that you can then assign to particular agents' ],
@@ -819,7 +831,7 @@ $config_menu{'Billing'} = [ \%config_billing, '' ]
   if keys %config_billing;
 $config_menu{'Ticketing'} = [ \%config_ticketing, '' ]
   if $conf->config('ticket_system')
-  && FS::TicketSystem->access_right(\%session, 'ShowConfigTab');
+  && eval { FS::TicketSystem->access_right(\%session, 'ShowConfigTab') };
 $config_menu{'Network Monitoring'} = [ \%config_nms, '' ]
   if $curuser->access_right('Configure network monitoring')
   && $conf->config('network_monitoring_system') eq 'Torrus_Internal';