diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2017-04-27 13:07:21 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2017-04-27 13:07:21 -0700 |
| commit | 1d94d421c28cb157e6cb2f8ff30d1ac85b399b57 (patch) | |
| tree | 01836194b5f101910842866d5a8838315f9f1b4b | |
| parent | 21c46e9e4af497f692dc95b171bf9f6d3f9c66e5 (diff) | |
access control for List all customers, RT#75012
| -rwxr-xr-x | httemplate/search/cust_main.cgi | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi index 74cc5f32c..cce4f0d7d 100755 --- a/httemplate/search/cust_main.cgi +++ b/httemplate/search/cust_main.cgi @@ -352,9 +352,11 @@ my(@cust_main, $sortby, $orderby); my @select = (); my @addl_headers = (); my @addl_cols = (); -if ( $cgi->param('browse') - || $cgi->param('otaker_on') - || $cgi->param('agentnum_on') +if ( ( $cgi->param('browse') + || $cgi->param('otaker_on') + || $cgi->param('agentnum_on') + ) + and $curuser->access_right('List all customers') ) { my %search = (); |