diff options
Diffstat (limited to 'httemplate/edit/cust_refund.cgi')
-rwxr-xr-x | httemplate/edit/cust_refund.cgi | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/httemplate/edit/cust_refund.cgi b/httemplate/edit/cust_refund.cgi index 612e337f7..59417b4c4 100755 --- a/httemplate/edit/cust_refund.cgi +++ b/httemplate/edit/cust_refund.cgi @@ -130,6 +130,9 @@ <%init> +die "access denied" + unless $FS::CurrentUser::CurrentUser->access_right('Refund payment'); + my $conf = new FS::Conf; my $date_format = $conf->config('date_format') || '%m/%d/%Y'; @@ -140,17 +143,6 @@ my $payinfo = $cgi->param('payinfo'); my $reason = $cgi->param('reason'); my $link = $cgi->param('popup') ? 'popup' : ''; -my @rights = (); -push @rights, 'Post refund' if $payby /^(BILL|CASH)$/; -push @rights, 'Post check refund' if $payby eq 'BILL'; -push @rights, 'Post cash refund ' if $payby eq 'CASH'; -push @rights, 'Refund payment' if $payby /^(CARD|CHEK)$/; -push @rights, 'Refund credit card payment' if $payby eq 'CARD'; -push @rights, 'Refund Echeck payment' if $payby eq 'CHEK'; - -die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right(\@rights); - my( $paynum, $cust_pay ) = ( '', '' ); if ( $cgi->param('paynum') =~ /^(\d+)$/ ) { $paynum = $1; |