###
'Reporting/listing rights' => [
'List customers',
+ 'List all customers',
'List zip codes', #NEW
'List invoices',
'List packages',
{ rightname=> 'List inventory', global=>1 },
{ rightname=>'View email logs', global=>1 },
+ 'Download report data',
+
#{ rightname => 'List customers of all agents', global=>1 },
],
},
{
+ 'key' => 'disable_maxselect',
+ 'section' => 'UI',
+ 'description' => 'Prevent changing the number of records per page.',
+ 'type' => 'checkbox',
+ },
+
+ {
'key' => 'session-start',
'section' => 'session',
'description' => 'If defined, the command which is executed on the Freeside machine when a session begins. The contents of the file are treated as a double-quoted perl string, with the following variables available: <code>$ip</code>, <code>$nasip</code> and <code>$nasfqdn</code>, which are the IP address of the starting session, and the IP address and fully-qualified domain name of the NAS this session is on.',
'index' => [],
},
+ 'upgrade_journal' => {
+ 'columns' => [
+ 'upgradenum', 'serial', '', '', '', '',
+ '_date', 'int', '', '', '', '',
+ 'upgrade', 'varchar', '', $char_d, '', '',
+ 'status', 'varchar', '', $char_d, '', '',
+ 'statustext', 'varchar', 'NULL', $char_d, '', '',
+ ],
+ 'primary_key' => 'upgradenum',
+ 'unique' => [ [ 'upgradenum' ] ],
+ 'index' => [ [ 'upgrade' ] ],
+ },
+
%{ tables_hashref_torrus() },
# tables of ours for doing torrus virtual port combining
use FS::UID qw( dbh driver_name );
use FS::Conf;
use FS::Record qw(qsearchs qsearch str2time_sql);
+use FS::upgrade_journal;
use FS::svc_domain;
$FS::svc_domain::whois_hack = 1;
}
+ my @all_groups = qsearch('access_group', {});
+
+ ### ACL_list_all_customers
+ if ( !FS::upgrade_journal->is_done('ACL_list_all_customers') ) {
+
+ # grant "List all customers" to all users who have "List customers"
+ for my $group (@all_groups) {
+ if ( $group->access_right('List customers') ) {
+ my $access_right = FS::access_right->new( {
+ 'righttype' => 'FS::access_group',
+ 'rightobjnum' => $group->groupnum,
+ 'rightname' => 'List all customers',
+ } );
+ my $error = $access_right->insert;
+ die $error if $error;
+ }
+ }
+
+ FS::upgrade_journal->set_done('ACL_list_all_customers');
+ }
+
+ ### ACL_download_report_data
+ if ( !FS::upgrade_journal->is_done('ACL_download_report_data') ) {
+
+ # grant to everyone
+ for my $group (@all_groups) {
+ my $access_right = FS::access_right->new( {
+ 'righttype' => 'FS::access_group',
+ 'rightobjnum' => $group->groupnum,
+ 'rightname' => 'Download report data',
+ } );
+ my $error = $access_right->insert;
+ die $error if $error;
+ }
+
+ FS::upgrade_journal->set_done('ACL_download_report_data');
+ }
+
'';
}
t/h_svc_cert.t
FS/contact_class.pm
t/contact_class.t
+FS/upgrade_journal.pm
+t/upgrade_journal.t
tie my %report_customers, 'Tie::IxHash';
$report_customers{'List customers'} = [ \%report_customers_lists, 'List customers' ]
- if $curuser->access_right('List customers');
+ if $curuser->access_right('List all customers');
$report_customers{'Zip code distribution'} = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ];
$report_customers{'Customer signup report'} = [ $fsurl. 'graph/report_cust_signup.html', 'New customer signups by date' ],
$report_customers{'Advanced customer reports'} = [ $fsurl. 'search/report_cust_main.html', 'by status, signup date, agent, etc.' ]
my $curuser = $FS::CurrentUser::CurrentUser;
die "access denied"
- unless $curuser->access_right('List customers');
+ unless $curuser->access_right('List all customers');
my $conf = new FS::Conf;
my $maxrecords = $conf->config('maxsearchrecordsperpage');
</TD>
-% unless ( $opt{'disable_download'} || $type eq 'html-print' ) {
+% if ( $curuser->access_right('Download report data')
+% and !$opt{'disable_download'}
+% and $type ne 'html-print' ) {
<TD ALIGN="right">
% }
<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+
my %args = @_;
my $type = $args{'type'};
my $header = $args{'header'};
%
<% include('search-csv.html', header=>$header, rows=>$rows, opt=>\%opt ) %>
%
-% #} elsif ( $type eq 'excel' ) {
% } elsif ( $type =~ /\.xls$/ ) {
%
<% include('search-xls.html', header=>$header, rows=>$rows, opt=>\%opt ) %>
%
<% include('search-xml.html', rows=>$rows, opt=>\%opt ) %>
%
-% } else { # regular HTML
+% } else {
%
<% include('search-html.html',
type => $type,
my $type = $cgi->param('_type') =~ /^(csv|\w*\.xls|xml|select|html(-print)?)$/
? $1 : 'html' ;
+if ( !$curuser->access_right('Download report data') ) {
+ $opt{'disable_download'} = 1;
+ $type = 'html';
+}
+
my %align = (
'l' => 'left',
'r' => 'right',
$maxrecords ||= $confmax;
}
+ $opt{'disable_maxselect'} ||= $conf->exists('disable_maxselect');
+
$limit = $maxrecords ? "LIMIT $maxrecords" : '';
$offset = $cgi->param('offset') =~ /^(\d+)$/ ? $1 : 0;