diff options
| author | mark <mark> | 2009-12-29 01:00:48 +0000 |
|---|---|---|
| committer | mark <mark> | 2009-12-29 01:00:48 +0000 |
| commit | 09b21d0180c2ea23c7dd0b6611d26a4af184a56d (patch) | |
| tree | 1884bc83b2c2a6ca9051f826adf1837a79ac1a45 /httemplate | |
| parent | b249b6d799647050468ead9cfcbd1e5ebbb026cc (diff) | |
Add Browse attachments ACL (RT#4964)
Diffstat (limited to 'httemplate')
| -rwxr-xr-x | httemplate/browse/cust_attachment.html | 3 | ||||
| -rw-r--r-- | httemplate/elements/menu.html | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/httemplate/browse/cust_attachment.html b/httemplate/browse/cust_attachment.html index d95f2b18c..e19259d05 100755 --- a/httemplate/browse/cust_attachment.html +++ b/httemplate/browse/cust_attachment.html @@ -62,7 +62,8 @@ <%init> my $curuser = $FS::CurrentUser::CurrentUser; -die "access denied" if !$curuser->access-right('View attachments'); +die "access denied" if !$curuser->access_right('View attachments') + or !$curuser->access_right('Browse attachments'); my $conf = new FS::Conf; diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 4490517d0..d4a915e15 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -323,7 +323,7 @@ $tools_menu{'Ticketing'} = [ \%tools_ticketing, 'Ticketing tools' ] $tools_menu{'Time Queue'} = [ $fsurl.'search/timeworked.html', 'View pending support time' ] if $curuser->access_right('Time queue'); $tools_menu{'Attachments'} = [ $fsurl.'browse/cust_attachment.html', 'View customer attachments' ] - if !$conf->config('disable_cust_attachment') and $curuser->access_right('View attachments'); + if !$conf->config('disable_cust_attachment') and $curuser->access_right('View attachments') and $curuser->access_right('Browse attachments'); $tools_menu{'Importing'} = [ \%tools_importing, 'Import tools' ] if $curuser->access_right('Import'); $tools_menu{'Exporting'} = [ \%tools_exporting, 'Export tools' ] |