diff options
| author | ivan <ivan> | 2011-08-03 00:05:01 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2011-08-03 00:05:01 +0000 |
| commit | 524f46a00ec9610c82a519bea2469cb1711abc1b (patch) | |
| tree | 6102fab6fd6b1a41bd276cf0804fa3625e8e828c /httemplate/view/cust_pay.html | |
| parent | 9fa60cbce4bb13ef227749706c99c5bf584bbf3e (diff) | |
resolve inconsistency with posting payments then not having the ACL to view them: add "View payments" and "View refunds" rights, redirect payment/refund posting back to customer view if you cannot see the result
Diffstat (limited to 'httemplate/view/cust_pay.html')
| -rw-r--r-- | httemplate/view/cust_pay.html | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/httemplate/view/cust_pay.html b/httemplate/view/cust_pay.html index c9b2d51b5..d02f1543d 100644 --- a/httemplate/view/cust_pay.html +++ b/httemplate/view/cust_pay.html @@ -134,8 +134,8 @@ my $curuser = $FS::CurrentUser::CurrentUser; die "access denied" - unless $curuser->access_right('View invoices') #remove this in 1.9 EVENTUALLY - || $curuser->access_right('View customer payments'); + unless $curuser->access_right('View invoices') #remove this in 2.5 (2.7?) + || $curuser->access_right('View payments'); $cgi->param('paynum') =~ /^(\d+)$/ or die "no paynum"; my $paynum = $1; |