diff options
| author | ivan <ivan> | 2011-08-03 00:05:03 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2011-08-03 00:05:03 +0000 |
| commit | 8256b8f583dd8db0cd7e27e6089d356f5cc97377 (patch) | |
| tree | 4f81d3b2189662a019876f20fae667519090e12d /httemplate/view/cust_pay.html | |
| parent | 2e7177fab34d9b1a7366d14cab722aebdf7722a7 (diff) | |
resolve inconsistency with posting payments then not having the ACL to view them: add "View payments" and "View refunds" rights, redirect payment/refund posting back to customer view if you cannot see the result
Diffstat (limited to 'httemplate/view/cust_pay.html')
| -rw-r--r-- | httemplate/view/cust_pay.html | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/httemplate/view/cust_pay.html b/httemplate/view/cust_pay.html index c9b2d51b5..d02f1543d 100644 --- a/httemplate/view/cust_pay.html +++ b/httemplate/view/cust_pay.html @@ -134,8 +134,8 @@ my $curuser = $FS::CurrentUser::CurrentUser; die "access denied" - unless $curuser->access_right('View invoices') #remove this in 1.9 EVENTUALLY - || $curuser->access_right('View customer payments'); + unless $curuser->access_right('View invoices') #remove this in 2.5 (2.7?) + || $curuser->access_right('View payments'); $cgi->param('paynum') =~ /^(\d+)$/ or die "no paynum"; my $paynum = $1; |