From: Ivan Kohler <ivan@freeside.biz>
Date: Thu, 27 Apr 2017 01:21:03 +0000 (-0700)
Subject: add a separate ACL for churn report, RT#75012
X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=beaeb82e3a714f6b086c5fae4b4f2ec509c9978b

add a separate ACL for churn report, RT#75012
---

diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm
index dac349eaf..285a770fc 100644
--- a/FS/FS/AccessRight.pm
+++ b/FS/FS/AccessRight.pm
@@ -296,6 +296,7 @@ tie my %rights, 'Tie::IxHash',
     { rightname=>'View system logs' },
 
     'Download report data',
+    'Customers: Customer churn report',
     'Services: Accounts',
     'Services: Accounts: Advanced search',
     'Services: Domains',
diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm
index 13a826f29..1a0a1cb30 100644
--- a/FS/FS/access_right.pm
+++ b/FS/FS/access_right.pm
@@ -257,6 +257,7 @@ sub _upgrade_data { # class method
                                        'Change package contract end date',
                                      ],
     'Resend invoices' => 'Print and mail invoices',
+    'List customers' => 'Customers: Customer churn report',
   );
 
 #  foreach my $old_acl ( keys %onetime ) {
diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html
index 23b1271c8..27626f313 100644
--- a/httemplate/elements/menu.html
+++ b/httemplate/elements/menu.html
@@ -133,9 +133,12 @@ $report_customers_lists{'with USPS-unvalidated addresses'} = [ $fsurl. 'search/c
 tie my %report_customers, 'Tie::IxHash';
 $report_customers{'List customers'} = [ \%report_customers_lists, 'List customers' ]
   if $curuser->access_right('List all customers');
-$report_customers{'Zip code distribution'}     = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ];
-$report_customers{'Customer signup report'}    = [ $fsurl. 'graph/report_cust_signup.html',    'New customer signups by date' ];
-$report_customers{'Customer churn report'} =  [ $fsurl.'graph/report_cust_churn.html', 'New customers, suspensions, and cancellations summary' ];
+$report_customers{'Zip code distribution'}     = [ $fsurl. 'search/report_cust_main-zip.html', 'Zip codes by number of customers' ]
+  if $curuser->access_right('List zip codes');
+$report_customers{'Customer signup report'}    = [ $fsurl. 'graph/report_cust_signup.html',    'New customer signups by date' ]
+  if $curuser->access_right('Financial reports');
+$report_customers{'Customer churn report'} =  [ $fsurl.'graph/report_cust_churn.html', 'New customers, suspensions, and cancellations summary' ]
+  if $curuser->access_right('Customers: Customer churn report');
 $report_customers{'Signup date report'}        = [ $fsurl. 'graph/report_signupdate.html',     'Signup date report (by date of signup)' ];
 $report_customers{'Advanced customer reports'} = [ $fsurl. 'search/report_cust_main.html',     'by status, signup date, agent, etc.' ]
   if $curuser->access_right('Advanced customer search');
@@ -443,7 +446,11 @@ $report_menu{'Quotations'}     = [ \%report_quotations, 'Quotation reports' ]
   if $curuser->access_right('List quotations');
 $report_menu{'Customers'}      = [ \%report_customers, 'Customer reports'  ]
   if $curuser->access_right('List customers')
-  || $curuser->access_right('List contacts');
+  || $curuser->access_right('List contacts')
+  || $curuser->access_right('Advanced customer search')
+  || $curuser->access_right('List zip codes')
+  || $curuser->access_right('Financial reports')
+  || $curuser->access_right('Customers: Customer churn report');
 $report_menu{'Invoices'}       =  [ \%report_invoices,  'Invoice reports'   ]
   if $curuser->access_right('List invoices');
 $report_menu{'Discounts'}      =  [ \%report_discounts, 'Discount reports'  ]
diff --git a/httemplate/graph/cust_churn.html b/httemplate/graph/cust_churn.html
index 07193c776..1777b05fd 100644
--- a/httemplate/graph/cust_churn.html
+++ b/httemplate/graph/cust_churn.html
@@ -18,7 +18,7 @@
 
 my $curuser = $FS::CurrentUser::CurrentUser;
 die "access denied"
-  unless $curuser->access_right('List customers');
+  unless $curuser->access_right('Customers: Customer churn report');
 
 my( $agentnum, $agent ) = ('', '');
 if ( $cgi->param('agentnum') =~ /^(\d+)$/ ) {
diff --git a/httemplate/graph/report_cust_churn.html b/httemplate/graph/report_cust_churn.html
index 3f942777f..7065544dd 100644
--- a/httemplate/graph/report_cust_churn.html
+++ b/httemplate/graph/report_cust_churn.html
@@ -27,6 +27,6 @@
 <%init>
 
 die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('List customers');
+  unless $FS::CurrentUser::CurrentUser->access_right('Customers: Customer churn report');
 
 </%init>