From e08464c07d045dc946e9d4ea8decb8031a10411c Mon Sep 17 00:00:00 2001
From: Christopher Burger <burgerc@freeside.biz>
Date: Wed, 26 Jul 2017 10:53:18 -0400
Subject: [PATCH] RT# 74537 - added checks in MyAccount.pm for config option
 ach read only

Conflicts:
	FS/FS/ClientAPI/MyAccount.pm
---
 FS/FS/ClientAPI/MyAccount.pm                         | 20 ++++++++++++++++++--
 .../FS-SelfService/cgi/make_ach_payment.html         |  2 +-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index 4614af2f5..1df91e424 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -722,6 +722,11 @@ sub edit_info {
   my $cust_main = qsearchs('cust_main', { 'custnum' => $custnum } )
     or return { 'error' => "unknown custnum $custnum" };
 
+  my $conf = new FS::Conf;
+  if (($p->{payby} eq "CHEK" || $p->{payby} eq "DCHEK") && $conf->exists('selfservice-ACH_info_readonly')) {
+    return { 'error' => "You do not have authority to add a bank account" };
+  }
+
   my $new = new FS::cust_main { $cust_main->hash };
 
   $new->set( $_ => $p->{$_} )
@@ -756,8 +761,6 @@ sub edit_info {
     $payby = $1;
   }
 
-  my $conf = new FS::Conf;
-
   if ( $payby =~ /^(CARD|DCRD)$/ ) {
 
     $new->paydate($p->{'year'}. '-'. $p->{'month'}. '-01');
@@ -1011,6 +1014,19 @@ sub validate_payment {
 
     $payinfo = $cust_main->payinfo
       if $cust_main->paymask eq $payinfo;
+
+    my $achonfile = 0;
+    foreach my $cust_payby ($cust_main->cust_payby('CHEK','DCHK')) {
+      if ( $cust_payby->paymask eq $payinfo ) {
+        $payinfo = $cust_payby->payinfo;
+        $achonfile = 1;
+        last;
+      }
+    }
+
+    if ($conf->exists('selfservice-ACH_info_readonly') && !$achonfile) {
+      return { 'error' => "You are not allowed to change your payment information." };
+    }
    
   } elsif ( $payby eq 'CARD' || $payby eq 'DCRD' ) {
    
diff --git a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
index 37fd46435..1183b2ba0 100644
--- a/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
+++ b/fs_selfservice/FS-SelfService/cgi/make_ach_payment.html
@@ -31,7 +31,7 @@ EOF
 <%=
   $OUT = '';
   if ($ach_read_only) {
-    if ($payby == 'CHEK') {
+    if ($payby eq 'CHEK') {
       $OUT .= '<TR><TD COLSPAN=2><INPUT TYPE="hidden" NAME="auto" VALUE="1"></TD></TR>';
     }
   } else {
-- 
2.11.0