ACLs

1 files changed, 17 insertions, 16 deletions

diff --git a/httemplate/edit/process/msgcat.cgi b/httemplate/edit/process/msgcat.cgi
index 9711143d6..7175fa2b3 100644
--- a/httemplate/edit/process/msgcat.cgi
+++ b/httemplate/edit/process/msgcat.cgi
@@ -1,21 +1,22 @@
-%
-%
-%my $error;
-%foreach my $param ( grep { /^\d+$/ } $cgi->param ) {
-%  my $old = qsearchs('msgcat', { msgnum=>$param } );
-%  next if $old->msg eq $cgi->param($param); #no need to update identical records
-%  my $new = new FS::msgcat { $old->hash };
-%  $new->msg($cgi->param($param));
-%  $error = $new->replace($old);
-%  last if $error;
-%}
-%
 %if ( $error ) {
 %  $cgi->param('error',$error);
-%  print $cgi->redirect($p. "msgcat.cgi?". $cgi->query_string );
+<% $cgi->redirect($p. "msgcat.cgi?". $cgi->query_string ) %>
 %} else {
-%  print $cgi->redirect(popurl(3). "browse/msgcat.cgi");
+<% $cgi->redirect(popurl(3). "browse/msgcat.cgi") %>
 %}
-%
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Configuration');
+
+my $error;
+foreach my $param ( grep { /^\d+$/ } $cgi->param ) {
+  my $old = qsearchs('msgcat', { msgnum=>$param } );
+  next if $old->msg eq $cgi->param($param); #no need to update identical records
+  my $new = new FS::msgcat { $old->hash };
+  $new->msg($cgi->param($param));
+  $error = $new->replace($old);
+  last if $error;
+}
 
+</%init>