ACLs

author: ivan <ivan> 2008-01-13 21:14:32 +0000
committer: ivan <ivan> 2008-01-13 21:14:32 +0000
commit: 97e6cec67c0c99ce1b6f0667a09f1e009100189d (patch)
tree: 1d43c279a429c8284611e98e327a6049e971192d /httemplate/misc/delete-part_export.cgi
parent: c223e0957b194e24dccbda5bbc29841385cc0961 (diff)
1 files changed, 19 insertions, 15 deletions
diff --git a/httemplate/misc/delete-part_export.cgi b/httemplate/misc/delete-part_export.cgi
index 5f2ebb99c..52404e0c4 100755
--- a/httemplate/misc/delete-part_export.cgi
+++ b/httemplate/misc/delete-part_export.cgi
@@ -1,16 +1,20 @@
-%
-%
-%#untaint exportnum
-%my($query) = $cgi->keywords;
-%$query =~ /^(\d+)$/ || die "Illegal exportnum";
-%my $exportnum = $1;
-%
-%my $part_export = qsearchs('part_export',{'exportnum'=>$exportnum});
-%
-%my $error = $part_export->delete;
-%errorpage($error) if $error;
-%
-%print $cgi->redirect($p. "browse/part_export.cgi");
-%
-%
+% if ( $error ) {
+%   errorpage($error);
+% } else {
+<% $cgi->redirect($p. "browse/part_export.cgi") %>
+% }
+<%init>
 
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Configuration');
+
+#untaint exportnum
+my($query) = $cgi->keywords;
+$query =~ /^(\d+)$/ || die "Illegal exportnum";
+my $exportnum = $1;
+
+my $part_export = qsearchs('part_export',{'exportnum'=>$exportnum});
+
+my $error = $part_export->delete;
+
+</%init>
author	ivan <ivan>	2008-01-13 21:14:32 +0000
committer	ivan <ivan>	2008-01-13 21:14:32 +0000
commit	97e6cec67c0c99ce1b6f0667a09f1e009100189d (patch)
tree	1d43c279a429c8284611e98e327a6049e971192d /httemplate/misc/delete-part_export.cgi
parent	c223e0957b194e24dccbda5bbc29841385cc0961 (diff)