diff options
| author | Mark Wells <mark@freeside.biz> | 2013-02-27 12:47:34 -0800 |
|---|---|---|
| committer | Mark Wells <mark@freeside.biz> | 2013-02-27 12:47:34 -0800 |
| commit | 2920cfc494c2811ca7879d6ecaa353d216c9f69d (patch) | |
| tree | 5d19fbcb32f75a67940609afa1cf71fc72297228 /httemplate/misc/process | |
| parent | a5e611f5ffc045a59fee9e1b03f8ac79ef794d00 (diff) | |
"Edit password" ACL, #21178, part 2
Diffstat (limited to 'httemplate/misc/process')
| -rw-r--r-- | httemplate/misc/process/change-password.html | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index 7005439cc..7cab9c4e3 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -1,11 +1,16 @@ <%init> my $curuser = $FS::CurrentUser::CurrentUser; -die "access denied" unless $curuser->access_right('Edit password'); $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum"; my $svcnum = $1; my $svc_acct = FS::svc_acct->by_key($svcnum) or die "svc_acct $svcnum not found"; +my $part_svc = $svc_acct->part_svc; +die "access denied" unless ( + $curuser->access_right('Provision customer service') or + ( $curuser->access_right('Edit password') and + ! $part_svc->restrict_edit_password ) + ); my $error = $svc_acct->set_password($cgi->param('password')) || $svc_acct->replace; |