From 33b9c827617bb2cd71772dfd32a1ac3902532c36 Mon Sep 17 00:00:00 2001 From: Ivan Kohler Date: Fri, 25 Aug 2017 15:04:54 -0700 Subject: [PATCH] force employee logouts, employee session reports, RT#74953 --- FS/FS/AccessRight.pm | 2 +- FS/FS/access_right.pm | 5 ++--- httemplate/elements/menu.html | 12 ++++++++---- httemplate/search/employee_audit.html | 2 +- httemplate/search/report_access_user_log.html | 2 +- httemplate/search/report_employee_audit.html | 2 +- 6 files changed, 14 insertions(+), 11 deletions(-) diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 9649e5e0c..9cccb01f4 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -329,7 +329,7 @@ tie my %rights, 'Tie::IxHash', 'Usage: Unrateable CDRs', 'Usage: Time worked', #gone in 4.x as a distinct ACL (for now?) { rightname=>'Employees: Commission Report', global=>1 }, - { rightname=>'Employees: Audit Report', global=>1 }, + { rightname=>'Employee Reports', global=>1 }, #{ rightname => 'List customers of all agents', global=>1 }, ], diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm index 29c91b00f..3926fafcc 100644 --- a/FS/FS/access_right.pm +++ b/FS/FS/access_right.pm @@ -155,6 +155,7 @@ sub _upgrade_data { # class method 'Refund payment' => [ 'Refund credit card payment', 'Refund Echeck payment' ], 'Regular void' => [ 'Void payments' ], 'Unvoid' => [ 'Unvoid payments', 'Unvoid invoices' ], + 'Employees: Audit Report' => [ 'Employee Reports' ], ); foreach my $oldright (keys %migrate) { @@ -233,9 +234,7 @@ sub _upgrade_data { # class method 'Usage: Unrateable CDRs', ], 'Provision customer service' => [ 'Edit password' ], - 'Financial reports' => [ 'Employees: Commission Report', - 'Employees: Audit Report', - ], + 'Financial reports' => 'Employee Reports', 'Change customer package' => 'Detach customer package', 'Services: Accounts' => 'Services: Cable Subscribers', 'Bulk change customer packages' => 'Bulk move customer services', diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 58a7d5783..cadbd864d 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -428,8 +428,6 @@ $report_logs{'Billing events'} = [ $fsurl.'search/report_cust_event.html', 'Sea if $curuser->access_right('Billing event reports'); $report_logs{'Credit limit incidents'} = [ $fsurl.'search/report_cust_main_credit_limit.html', '' ] if $curuser->access_right('List rating data'); -$report_logs{'Employee activity'} = [ $fsurl.'search/report_employee_audit.html', '' ] - if $curuser->access_right('Employees: Audit Report'); $report_logs{'System log'} = [ $fsurl.'search/log.html', 'View system events and debugging information.' ], if $curuser->access_right('View system logs') || $curuser->access_right('Configuration'); @@ -437,6 +435,12 @@ $report_logs{'Outgoing messages'} = [ $fsurl.'search/cust_msg.html', 'View outgo if $curuser->access_right('View email logs') || $curuser->access_right('Configuration'); +tie my %report_employee, 'Tie::IxHash', + 'Employee activity' => [ $fsurl.'search/report_employee_audit.html', '' ], + 'Employee sessions' => [ $fsurl.'search/report_access_user_session_log.html', '' ], + 'Access log statistics' => [ $fsurl.'search/report_access_user_log.html?group_by=path', '' ], +; + tie my %report_menu, 'Tie::IxHash'; $report_menu{'Saved searches'} = [ \%report_saved_searches, 'My saved searches' ] if keys(%report_saved_searches); @@ -475,6 +479,8 @@ $report_menu{'Financial (Receivables)'} = [ \%report_financial, 'Financial repor $report_menu{'Financial (Payables)'} = [ \%report_payable, 'Financial reports (Payables)' ] if $curuser->access_right('Financial reports'); +$report_menu{'Employees'} = [ \%report_employee, 'Employee reports' ] + if $curuser->access_right('Employee Reports'); $report_menu{'Logs'} = [ \%report_logs, 'System and email logs' ] if (keys %report_logs); # empty if the user has no rights to it $report_menu{'SQL Query'} = [ $fsurl.'search/report_sql.html', 'SQL Query'] @@ -554,8 +560,6 @@ $tools_system{'Status'} = [ $fsurl.'view/Status.html', 'System status' ] if $curuser->access_right('Configuration'); # 'View system status'); $tools_system{'Job Queue'} = [ $fsurl.'search/queue.html', 'View pending job queue' ] if $curuser->access_right('Job queue'); -$tools_system{'Access log statistics'} = [ $fsurl.'search/report_access_user_log.html?group_by=path', '' ] - if $curuser->access_right('Configuration'); # 'View profiling data'); tie my %tools_menu, 'Tie::IxHash', (); $tools_menu{'Customers'} = [ \%tools_customers, 'Customer tools' ] diff --git a/httemplate/search/employee_audit.html b/httemplate/search/employee_audit.html index 2bc6ff46e..991758c4a 100644 --- a/httemplate/search/employee_audit.html +++ b/httemplate/search/employee_audit.html @@ -7,7 +7,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report'); + unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports'); my %tables = ( cust_pay => 'Payments', diff --git a/httemplate/search/report_access_user_log.html b/httemplate/search/report_access_user_log.html index 0c8acb35e..d43c74274 100644 --- a/httemplate/search/report_access_user_log.html +++ b/httemplate/search/report_access_user_log.html @@ -27,7 +27,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Configuration'); + unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports'); my $group_by = ''; if ( $cgi->param('group_by') =~ /^(\w+)$/ ) { diff --git a/httemplate/search/report_employee_audit.html b/httemplate/search/report_employee_audit.html index 461849b76..6008e1caa 100644 --- a/httemplate/search/report_employee_audit.html +++ b/httemplate/search/report_employee_audit.html @@ -23,7 +23,7 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Employees: Audit Report'); + unless $FS::CurrentUser::CurrentUser->access_right('Employee Reports'); my %tables = ( cust_pay => 'Payments', -- 2.11.0