From 50fc1d226ec89bf5fb66622ee913ec9e470b8d6c Mon Sep 17 00:00:00 2001 From: Jonathan Prykop Date: Mon, 23 May 2016 16:55:57 -0500 Subject: [PATCH] RT#40215: OFM - Separate permissions for edit dates and contract dates [v3 only] --- FS/FS/AccessRight.pm | 1 + httemplate/edit/REAL_cust_pkg.cgi | 16 +++++++++++++--- httemplate/edit/process/REAL_cust_pkg.cgi | 12 ++++++++---- httemplate/misc/confirm-cust_pkg-edit_dates.html | 11 +++++++++-- httemplate/view/cust_main/packages/package.html | 2 +- 5 files changed, 32 insertions(+), 10 deletions(-) diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 8879500d7..a162cf0fb 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -154,6 +154,7 @@ tie my %rights, 'Tie::IxHash', 'View appointments', #NEWNEW 'Make appointment', 'View package definition costs', #NEWNEW + 'Change package contract end date', ], ### diff --git a/httemplate/edit/REAL_cust_pkg.cgi b/httemplate/edit/REAL_cust_pkg.cgi index ac8aa40cb..606cf87e7 100755 --- a/httemplate/edit/REAL_cust_pkg.cgi +++ b/httemplate/edit/REAL_cust_pkg.cgi @@ -35,6 +35,11 @@ function confirm_changes() {
+% if ($contract_only) { + + +% } + % # raw error from below % if ( $error ) { Error: <% $error %> @@ -124,8 +129,10 @@ function confirm_changes() { % my $value = $cust_pkg->get($column); % $value = $value ? time2str($format, $value) : ""; % +% if ($contract_only and $column ne 'contract_end') { + <& .row_display, %ARGS &> % # if_primary for the dates that can't be edited on supplemental packages -% if ($if_primary and $cust_pkg->main_pkgnum) { +% } elsif ($if_primary and $cust_pkg->main_pkgnum) { <& .row_display, %ARGS &> @@ -198,12 +205,15 @@ my $date_format = $conf->config('date_format') || '%m/%d/%Y'; my $format = $date_format. ' %T'; # %z (%Z)'; +my $contract_only = $FS::CurrentUser::CurrentUser->access_right('Edit customer package dates') ? 0 : 1; + <%init> +# see $contract_only in shared block above die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Edit customer package dates'); - + unless $FS::CurrentUser::CurrentUser->access_right('Edit customer package dates') + or $FS::CurrentUser::CurrentUser->access_right('Change package contract end date'); my $error = ''; my( $pkgnum, $cust_pkg ); diff --git a/httemplate/edit/process/REAL_cust_pkg.cgi b/httemplate/edit/process/REAL_cust_pkg.cgi index fd2893487..0757c7611 100755 --- a/httemplate/edit/process/REAL_cust_pkg.cgi +++ b/httemplate/edit/process/REAL_cust_pkg.cgi @@ -14,12 +14,16 @@ my $curuser = $FS::CurrentUser::CurrentUser; die "access denied" - unless $curuser->access_right('Edit customer package dates'); + unless $curuser->access_right('Edit customer package dates') + or $curuser->access_right('Change package contract end date'); + +my $contract_only = $curuser->access_right('Edit customer package dates') ? 0 : 1; +$contract_only = 1 if $cgi->param('contract_only'); my $pkgnum = $cgi->param('pkgnum') or die; my $old = qsearchs('cust_pkg',{'pkgnum'=>$pkgnum}); my %hash = $old->hash; -foreach ( qw( start_date setup bill last_bill contract_end ) ) { +foreach ( $contract_only ? qw( contract_end ) : qw( start_date setup bill last_bill contract_end ) ) { if ( $cgi->param($_) =~ /^(\d+)$/ ) { $hash{$_} = $1; } else { @@ -36,11 +40,11 @@ $error = $new->replace($old); if (!$error) { my @supp_pkgs = $old->supplemental_pkgs; foreach $new (@supp_pkgs) { - foreach ( qw( start_date setup contract_end ) ) { + foreach ( $contract_only ? qw( contract_end ) : qw( start_date setup contract_end ) ) { # propagate these to supplementals $new->set($_, $hash{$_}); } - if ( $hash{'bill'} ne $old->get('bill') ) { + if (( $hash{'bill'} ne $old->get('bill') ) && !$contract_only ) { if ( $hash{'bill'} and $old->get('bill') ) { # adjust by the same interval my $diff = $hash{'bill'} - $old->get('bill'); diff --git a/httemplate/misc/confirm-cust_pkg-edit_dates.html b/httemplate/misc/confirm-cust_pkg-edit_dates.html index 8e548527a..a0f79cdf0 100755 --- a/httemplate/misc/confirm-cust_pkg-edit_dates.html +++ b/httemplate/misc/confirm-cust_pkg-edit_dates.html @@ -2,15 +2,19 @@ my $curuser = $FS::CurrentUser::CurrentUser; die "access denied" - unless $curuser->access_right('Edit customer package dates'); + unless $curuser->access_right('Edit customer package dates') + or $curuser->access_right('Change package contract end date'); my %arg = $cgi->Vars; +my $contract_only = $curuser->access_right('Edit customer package dates') ? 0 : 1; +$contract_only = 1 if $arg{'contract_only'}; + my $pkgnum = $arg{'pkgnum'}; $pkgnum =~ /^\d+$/ or die "bad pkgnum '$pkgnum'"; my $cust_pkg = qsearchs('cust_pkg',{'pkgnum'=>$pkgnum}); my %hash = $cust_pkg->hash; -foreach (qw( start_date setup bill last_bill contract_end )) { +foreach ( $contract_only ? qw( contract_end ) : qw( start_date setup bill last_bill contract_end )) { # adjourn, expire, resume not editable this way if( $arg{$_} =~ /^\d+$/ ) { $hash{$_} = $arg{$_}; @@ -262,6 +266,9 @@ if ( @errors ) { % foreach (keys %hash) { % } +% if ($contract_only) { + +% }