diff options
| author | Mark Wells <mark@freeside.biz> | 2013-02-27 12:28:49 -0800 |
|---|---|---|
| committer | Mark Wells <mark@freeside.biz> | 2013-02-27 12:32:45 -0800 |
| commit | 61ad2af332888443d8dae59274693229d0258a97 (patch) | |
| tree | f258200565afb54679e2b91bdffe6166b8a96188 /httemplate/misc | |
| parent | 556250142547918eaeeee3711d2a01ee4bf878c9 (diff) | |
"Edit password" ACL, #21178, part 2
Diffstat (limited to 'httemplate/misc')
| -rw-r--r-- | httemplate/misc/process/change-password.html | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html index 7005439cc..7cab9c4e3 100644 --- a/httemplate/misc/process/change-password.html +++ b/httemplate/misc/process/change-password.html @@ -1,11 +1,16 @@ <%init> my $curuser = $FS::CurrentUser::CurrentUser; -die "access denied" unless $curuser->access_right('Edit password'); $cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum"; my $svcnum = $1; my $svc_acct = FS::svc_acct->by_key($svcnum) or die "svc_acct $svcnum not found"; +my $part_svc = $svc_acct->part_svc; +die "access denied" unless ( + $curuser->access_right('Provision customer service') or + ( $curuser->access_right('Edit password') and + ! $part_svc->restrict_edit_password ) + ); my $error = $svc_acct->set_password($cgi->param('password')) || $svc_acct->replace; |