diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2017-04-27 13:07:24 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2017-04-27 13:07:24 -0700 |
| commit | 6d922e31555a5888a1c070ea403e5d80608d357c (patch) | |
| tree | 4499feaed6a1917dc43c73dd5cc1a19c06a54723 | |
| parent | e0a759bb54e95c8b3502b33c3ac691e58de0641b (diff) | |
access control for List all customers, RT#75012
| -rwxr-xr-x | httemplate/search/cust_main.cgi | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/httemplate/search/cust_main.cgi b/httemplate/search/cust_main.cgi index a5293f455..1bd228801 100755 --- a/httemplate/search/cust_main.cgi +++ b/httemplate/search/cust_main.cgi @@ -351,9 +351,11 @@ my(@cust_main, $sortby, $orderby); my @select = (); my @addl_headers = (); my @addl_cols = (); -if ( $cgi->param('browse') - || $cgi->param('otaker_on') - || $cgi->param('agentnum_on') +if ( ( $cgi->param('browse') + || $cgi->param('otaker_on') + || $cgi->param('agentnum_on') + ) + and $curuser->access_right('List all customers') ) { my %search = (); |