added readonly and show passwords options to admins

18 years ago · 36d28ee544
parent 7bbe73c9f5
commit 36d28ee544
8 changed files with 136 additions and 40 deletions
--- a/lib/admin/Controller/account.pm
+++ b/lib/admin/Controller/account.pm
@ -80,6 +80,15 @@ sub detail : Local {
                                                            \$c->session->{voip_account}{balance}
                                                          );

+        $c->session->{voip_account}{balance}{cash_balance} = 0
+            unless defined $c->session->{voip_account}{balance}{cash_balance};
+        $c->session->{voip_account}{balance}{cash_balance_interval} = 0
+            unless defined $c->session->{voip_account}{balance}{cash_balance_interval};
+        $c->session->{voip_account}{balance}{free_time_balance} = 0
+            unless defined $c->session->{voip_account}{balance}{free_time_balance};
+        $c->session->{voip_account}{balance}{free_time_balance_interval} = 0
+            unless defined $c->session->{voip_account}{balance}{free_time_balance_interval};
+
        $c->session->{voip_account}{balance}{cash_balance} = 
            sprintf "%.2f", $c->session->{voip_account}{balance}{cash_balance} / 100;
        $c->session->{voip_account}{balance}{cash_balance_interval} = 
--- a/lib/admin/Controller/admin.pm
+++ b/lib/admin/Controller/admin.pm
@ -80,6 +80,10 @@ sub do_edit_admin : Local {
        unless $admin eq $c->session->{admin}{login};
    $settings{is_active} = $c->request->params->{is_active} ? 1 : 0
        unless $admin eq $c->session->{admin}{login};
+    $settings{read_only} = $c->request->params->{read_only} ? 1 : 0
+        unless $admin eq $c->session->{admin}{login};
+    $settings{show_passwords} = $c->request->params->{show_passwords} ? 1 : 0
+        unless $admin eq $c->session->{admin}{login};

    unless(keys %messages) {
        if(keys %settings) {
@ -134,6 +138,8 @@ sub do_create_admin : Local {

    $settings{is_master} = $c->request->params->{is_master} ? 1 : 0;
    $settings{is_active} = $c->request->params->{is_active} ? 1 : 0;
+    $settings{read_only} = $c->request->params->{read_only} ? 1 : 0;
+    $settings{show_passwords} = $c->request->params->{show_passwords} ? 1 : 0;

    unless(keys %messages) {
        if($c->model('Provisioning')->call_prov( $c, 'billing', 'create_admin',
--- a/root/tt/account.tt
+++ b/root/tt/account.tt
@ -10,17 +10,19 @@
        <h3>Search by subscriber</h3>
        <div class="p1">
          <form action="/subscriber/search" method="post">
-            <input type="text" id="search_subscriber" name="search_string" value="[% search_string %]" />
+            <input type="text" id="search_subscriber" name="search_user" value="[% search_string %]" />
            <input type="submit" value="Search &#187;" class="but" />
          </form>
        </div>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <h3>Create new account</h3>
        <div class="p1">
          <form action="/account/create_account" method="post">
            <input type="submit" value="Create &#187;" class="but" />
          </form>
        </div>
+      [% END %]

        [% IF subscriber_list %]

--- a/root/tt/account_detail.tt
+++ b/root/tt/account_detail.tt
@ -3,7 +3,7 @@
          #[% account.id %]</a>
        </h3>

-        [% IF ! account.terminate_timestamp %]
+        [% UNLESS account.terminate_timestamp || Catalyst.session.admin.read_only %]
          <div class="actions">
          [% IF billing_features %]
            <a href="detail?account_id=[% account.id %]&amp;edit_account=1" class="aaction">edit</a>
@ -96,7 +96,7 @@
      [% IF billing_features %]
        <h3>Account Balance</h3>

-        [% IF ! account.terminate_timestamp %]
+        [% UNLESS account.terminate_timestamp || Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?account_id=[% account.id %]&amp;edit_balance=1" class="aaction">edit</a>
          [% IF edit_balance %]
@ -148,9 +148,11 @@

        <h3>Subscribers</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
            <a href="/subscriber/detail?account_id=[% account.id %]&amp;new=1" class="aaction">create new</a>
        </div>
+      [% END %]
        <div class="p1">
        [% IF account.subscribers %]
          <table>
--- a/root/tt/admin.tt
+++ b/root/tt/admin.tt
@ -10,6 +10,8 @@
              <td>password</td>
              <td>master</td>
              <td>active</td>
+              <td> r/o </td>
+              <td> PW </td>
              <td />
              <td />
            </tr>
@ -31,6 +33,16 @@
                             [% IF admin.login == Catalyst.session.admin.login %]disabled="disabled"[% END %]
                             [% IF erefill.is_active or !erefill && admin.is_active %]checked="checked" [% END %] />
                    </td>
+                    <td class="tdcenter">
+                      <input type="checkbox" class="checkbox" name="read_only"
+                             [% IF admin.login == Catalyst.session.admin.login %]disabled="disabled"[% END %]
+                             [% IF erefill.read_only or !erefill && admin.read_only %]checked="checked" [% END %] />
+                    </td>
+                    <td class="tdcenter">
+                      <input type="checkbox" class="checkbox" name="show_passwords"
+                             [% IF admin.login == Catalyst.session.admin.login %]disabled="disabled"[% END %]
+                             [% IF erefill.show_passwords or !erefill && admin.show_passwords %]checked="checked" [% END %] />
+                    </td>
                    <td>
                      <div class="postlink">
                        <label for="admsave[% id %]">save</label>
@ -41,10 +53,28 @@
                  <td><a href="/admin" class="aaction">cancel</a></td>
                [% ELSE %]
                  <td>********</td>
-                  <td class="tdcenter"><input type="checkbox" class="checkbox" disabled="disabled"[% IF admin.is_master %] checked="checked"[% END %] /></td>
-                  <td class="tdcenter"><input type="checkbox" class="checkbox" disabled="disabled"[% IF admin.is_active %] checked="checked"[% END %] /></td>
-                  <td><a href="/admin?edit_admin=[% admin.login %]" class="aaction">edit</a></td>
-                  [% IF admin.login != Catalyst.session.admin.login %]
+                  <td class="tdcenter">
+                    <input type="checkbox" class="checkbox" disabled="disabled"
+                           [% IF admin.is_master %]checked="checked"[% END %] />
+                  </td>
+                  <td class="tdcenter">
+                    <input type="checkbox" class="checkbox" disabled="disabled"
+                           [% IF admin.is_active %] checked="checked"[% END %] />
+                  </td>
+                  <td class="tdcenter">
+                    <input type="checkbox" class="checkbox" disabled="disabled"
+                           [% IF admin.read_only %] checked="checked"[% END %] />
+                  </td>
+                  <td class="tdcenter">
+                    <input type="checkbox" class="checkbox" disabled="disabled"
+                           [% IF admin.show_passwords %] checked="checked"[% END %] />
+                  </td>
+                  <td>
+                    [% UNLESS Catalyst.session.admin.read_only && admin.login != Catalyst.session.admin.login %]
+                      <a href="/admin?edit_admin=[% admin.login %]" class="aaction">edit</a>
+                    [% END %]
+                  </td>
+                  [% IF admin.login != Catalyst.session.admin.login && ! Catalyst.session.admin.read_only %]
                    <form action="/admin/do_delete_admin" method="post">
                      <td>
                        <input type="hidden" name="admin" value="[% admin.login %]" />
@ -73,7 +103,7 @@
          </table>
        </div>

-      [% IF Catalyst.session.admin.is_master || Catalyst.session.admin.is_superuser %]
+      [% IF ! Catalyst.session.admin.read_only && (Catalyst.session.admin.is_master || Catalyst.session.admin.is_superuser) %]
        <h3>Create Administrator Account</h3>

        <div class="p1">
@ -81,30 +111,53 @@
          [% IF messages.cadmerr %]<div class="errormsg">[% messages.cadmerr %]</div>[% END %]

          <table>
-            <tr class="table_header">
-              <td>login</td>
-              <td>password</td>
-              <td>master</td>
-              <td>active</td>
-              <td />
-              <td />
-            </tr>
            <form action="/admin/do_create_admin" method="post">
              <tr>
+                <td>login:</td>
                <td><input type="text" size="20" name="admin" id="adminaddtxt" value="[% arefill.admin %]" /></td>
+              </tr>
+              <tr>
+                <td>password:</td>
                <td><input type="password" name="password" value="" /></td>
-                <td class="tdcenter"><input type="checkbox" class="checkbox" name="is_master"[% IF arefill.is_master %] checked="checked"[% END %] /></td>
-                <td class="tdcenter"><input type="checkbox" class="checkbox" name="is_active"[% IF arefill.is_active %] checked="checked"[% END %] /></td>
+              </tr>
+              <tr>
+                <td>master:</td>
+                <td>
+                  <input type="checkbox" class="checkbox" name="is_master"
+                         [% IF arefill.is_master %]checked="checked"[% END %] />
+                </td>
+              </tr>
+              <tr>
+                <td>active:</td>
+                <td>
+                  <input type="checkbox" class="checkbox" name="is_active"
+                         [% IF arefill.is_active %]checked="checked"[% END %] />
+                </td>
+              </tr>
+              <tr>
+                <td>readonly:</td>
+                <td>
+                  <input type="checkbox" class="checkbox" name="read_only"
+                         [% IF arefill.read_only %]checked="checked"[% END %] />
+                </td>
+              </tr>
+              <tr>
+                <td>show passwords:</td>
+                <td>
+                  <input type="checkbox" class="checkbox" name="show_passwords"
+                         [% IF arefill.show_passwords %]checked="checked"[% END %] />
+                </td>
+              </tr>
+              <tr>
                <td>
                  <div class="postlink">
                    <label for="adminadd">Add</label>
                    <input type="image" class="hidden" src="/static/images/dot_trans.gif" alt="" id="adminadd" />
                  </div>
                </td>
-                <td />
              </tr>
              [% IF messages.alogin || messages.apass %]
-                <tr><td colspan="5">
+                <tr><td colspan="2">
                  <div class="errormsg">
                    [% messages.alogin %]
                    [% IF messages.alogin && messages.apass %]<br />[% END %]
--- a/root/tt/customer_detail.tt
+++ b/root/tt/customer_detail.tt
@ -3,6 +3,7 @@
          #[% customer.id %]</a>
        </h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
 <!--
          <a href="detail?customer_id=[% customer.id %]&amp;edit_customer=1" class="aaction">edit</a>
@ -12,6 +13,7 @@
 -->
          <a href="delete?customer_id=[% customer.id %]" class="aaction">delete</a>
        </div>
+      [% END %]

        <div class="p1">
          [% IF messages.custmsg %]<div class="goodmsg">[% messages.custmsg %]</div>[% END %]
@ -34,11 +36,14 @@
                  <input type="text" id="shoppass" name="shoppass" value="[% customer.edit_shoppass %]" />
                [% ELSE %]
                  <input type="text" id="shoppass" name="shoppass" class="disabled" disabled="disabled"
-                  [% IF show_pass %]
+                  [% IF show_pass && Catalyst.session.admin.show_passwords %]
                    value="[% customer.shoppass %]" /> <a href="?customer_id=[% customer.id %]" class="apass">Hide</a>
                  [% ELSE %]
                    [% IF customer.shoppass %]
-                      value="********" /> <a href="?customer_id=[% customer.id %]&amp;show_pass=1" class="apass">Show</a>
+                      value="********" />
+                      [% IF Catalyst.session.admin.show_passwords %]
+                        <a href="?customer_id=[% customer.id %]&amp;show_pass=1" class="apass">Show</a>
+                      [% END %]
                    [% ELSE %]
                      value="" />
                    [% END %]
@ -57,12 +62,14 @@

        <h3 id="contact">Contact</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?customer_id=[% customer.id %]&amp;edit_contact=1#contact" class="aaction">edit</a>
          [% IF edit_contact %]
          <a href="detail?customer_id=[% customer.id %]#contact" class="aaction">cancel</a>
          [% END %]
        </div>
+      [% END %]

        <div class="p1">
          [% IF messages.contmsg %]<div class="goodmsg">[% messages.contmsg %]</div>[% END %]
@ -159,12 +166,14 @@

        <h3 id="commercial">Commercial Contact</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?customer_id=[% customer.id %]&amp;edit_commercial=1#commercial" class="aaction">edit</a>
          [% IF edit_commercial %]
          <a href="detail?customer_id=[% customer.id %]#commercial" class="aaction">cancel</a>
          [% END %]
        </div>
+      [% END %]

        <div class="p1">
          [% IF messages.commmsg %]<div class="goodmsg">[% messages.commmsg %]</div>[% END %]
@ -231,12 +240,14 @@

        <h3 id="technical">Technical Contact</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?customer_id=[% customer.id %]&amp;edit_technical=1#technical" class="aaction">edit</a>
          [% IF edit_technical %]
          <a href="detail?customer_id=[% customer.id %]#technical" class="aaction">cancel</a>
          [% END %]
        </div>
+      [% END %]

        <div class="p1">
          [% IF messages.techmsg %]<div class="goodmsg">[% messages.techmsg %]</div>[% END %]
@ -303,10 +314,7 @@

        <h3 id="contract">Contracts</h3>

-<!--        <div class="actions">
-            <a href="/subscriber/detail?customer_id=[% customer.id %]&amp;new=1" class="aaction">create new</a>
-        </div>
-->        <div class="p1">
+        <div class="p1">
        [% IF customer.contracts %]
          <table class="contracts">
            <tr>
@ -358,11 +366,6 @@

        <h3 id="order">Orders</h3>

-<!--
-        <div class="actions">
-          <a href="/subscriber/detail?customer_id=[% customer.id %]&amp;new=1" class="aaction">create new</a>
-        </div>
-->
        <div class="p1">
        [% IF customer.orders %]
          <table class="orders">
--- a/root/tt/domain.tt
+++ b/root/tt/domain.tt
@ -32,14 +32,20 @@
                [% ELSE %]
                <td class="tdcenter">[% domain.cc %]</td>
                <td>[% domain.timezone %]</td>
-                <td><a href="/domain?edit_domain=[% domain.domain %]" class="aaction">edit</a></td>
+                <td>
+                [% UNLESS Catalyst.session.admin.read_only %]
+                  <a href="/domain?edit_domain=[% domain.domain %]" class="aaction">edit</a>
+                [% END %]
+                </td>
                <form action="/domain/do_delete_domain" method="post">
                  <input type="hidden" name="domain" value="[% domain.domain %]" />
                  <td>
+                  [% UNLESS Catalyst.session.admin.read_only %]
                    <div class="postlink">
                      <label for="domdel[% id %]">delete</label>
                      <input type="image" class="hidden" src="/static/images/dot_trans.gif" alt="" id="domdel[% id %]" />
                    </div>
+                  [% END %]
                  </td>
                </form>
                [% END %]
@ -60,6 +66,7 @@
          </table>
        </div>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <h3>Create domain</h3>

        <div class="p1">
@ -101,4 +108,5 @@
          </table>

        </div>
+      [% END %]

--- a/root/tt/subscriber_detail.tt
+++ b/root/tt/subscriber_detail.tt
@ -3,13 +3,14 @@
          <a class="noarrow" href="detail?subscriber_id=[% subscriber.subscriber_id %]">
            [% subscriber.username %]@[% subscriber.domain %]</a>
        </h3>
-
-        <div class="actions">
-          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]&amp;edit_subscriber=1" class="aaction">edit</a>
        [% ELSE %]
        <h3>New subscriber</h3>
+        [% END %]

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
+        [% IF subscriber.subscriber_id %]
+          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]&amp;edit_subscriber=1" class="aaction">edit</a>
        [% END %]
        [% IF edit_subscriber %]
          [% IF subscriber.subscriber_id %]
@ -30,6 +31,8 @@
          <a href="terminate?subscriber_id=[% subscriber.subscriber_id %]" class="aaction">terminate</a>
        [% END %]
        </div>
+      [% END %]
+
        <div class="p1">
        [% IF subscriber.is_locked %]
          <div class="alert">[% subscriber.is_locked %]</div>
@ -57,11 +60,14 @@
                  <input type="text" name="webpassword" id="edit_webpass" value="[% subscriber.edit_webpass %]" />
                [% ELSE %]
                  <input type="text" id="edit_webpass" class="disabled" disabled="disabled"
-                  [% IF show_webpass %]
+                  [% IF show_webpass  && Catalyst.session.admin.show_passwords %]
                    value="[% subscriber.webpassword %]" /> <a href="?subscriber_id=[% subscriber.subscriber_id %]" class="apass">Hide</a>
                  [% ELSE %]
                    [% IF subscriber.webpassword %]
-                      value="********" /> <a href="?subscriber_id=[% subscriber.subscriber_id %]&amp;show_webpass=1" class="apass">Show</a>
+                      value="********" />
+                      [% IF Catalyst.session.admin.show_passwords %]
+                        <a href="?subscriber_id=[% subscriber.subscriber_id %]&amp;show_webpass=1" class="apass">Show</a>
+                      [% END %]
                    [% ELSE %]
                      value="" />
                    [% END %]
@ -115,11 +121,14 @@
                  <input type="text" name="password" id="edit_pass" value="[% subscriber.edit_pass %]" />
                [% ELSE %]
                  <input type="text" id="edit_pass" class="disabled" disabled="disabled"
-                  [% IF show_pass %]
+                  [% IF show_pass && Catalyst.session.admin.show_passwords %]
                    value="[% subscriber.password %]" /> <a href="?subscriber_id=[% subscriber.subscriber_id %]" class="apass">Hide</a>
                  [% ELSE %]
                    [% IF subscriber.password %]
-                      value="********" /> <a href="?subscriber_id=[% subscriber.subscriber_id %]&amp;show_pass=1" class="apass">Show</a>
+                      value="********" />
+                      [% IF Catalyst.session.admin.show_passwords %]
+                        <a href="?subscriber_id=[% subscriber.subscriber_id %]&amp;show_pass=1" class="apass">Show</a>
+                      [% END %]
                    [% ELSE %]
                      value="" />
                    [% END %]
@ -187,12 +196,14 @@

        <h3 id="userprefs">User Preferences</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]&amp;edit_preferences=1#userprefs" class="aaction">edit</a>
          [% IF edit_preferences %]
          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]#userprefs" class="aaction">cancel</a>
          [% END %]
        </div>
+      [% END %]
        <div class="p1">
          [% IF messages.prefmsg %]<div class="goodmsg">[% messages.prefmsg %]</div>[% END %]
          [% IF messages.preferr %]<div class="errormsg">[% messages.preferr %]</div>[% END %]
@ -304,7 +315,7 @@
                    <option />
                  </select>
                  [% END %]
-                  [% IF ! edit_preferences %]
+                  [% IF ! edit_preferences && ! Catalyst.session.admin.read_only %]
                    &nbsp;
                    <a href="edit_list?subscriber_id=[% subscriber.subscriber_id %]&amp;list_name=[% preference.key %]"
                       class="aaction">edit list</a>
@ -323,12 +334,14 @@

        <h3 id="vboxprefs">Voicebox Preferences</h3>

+      [% UNLESS Catalyst.session.admin.read_only %]
        <div class="actions">
          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]&amp;edit_voicebox=1#vboxprefs" class="aaction">edit</a>
          [% IF edit_voicebox %]
          <a href="detail?subscriber_id=[% subscriber.subscriber_id %]#vboxprefs" class="aaction">cancel</a>
          [% END %]
        </div>
+      [% END %]
        <div class="p1">
          [% IF messages.vboxmsg %]<div class="goodmsg">[% messages.vboxmsg %]</div>[% END %]
          [% IF messages.vboxerr %]<div class="errormsg">[% messages.vboxerr %]</div>[% END %]