summaryrefslogtreecommitdiff
path: root/httemplate/misc/process/template_image-delete.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'httemplate/misc/process/template_image-delete.cgi')
-rw-r--r--httemplate/misc/process/template_image-delete.cgi28
1 files changed, 28 insertions, 0 deletions
diff --git a/httemplate/misc/process/template_image-delete.cgi b/httemplate/misc/process/template_image-delete.cgi
new file mode 100644
index 000000000..58c3f2c68
--- /dev/null
+++ b/httemplate/misc/process/template_image-delete.cgi
@@ -0,0 +1,28 @@
+<% $server->process %>
+
+<%init>
+
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+# make sure user can generally edit
+die "access denied"
+ unless $curuser->access_right([ 'Edit templates', 'Edit global templates' ]);
+
+# make sure user can edit this particular image
+my %arg = $cgi->param('arg');
+my $imgnum = $arg{'imgnum'};
+die "bad imgnum" unless $imgnum =~ /^\d+$/;
+die "access denied" unless qsearchs({
+ 'table' => 'template_image',
+ 'select' => 'imgnum',
+ 'hashref' => { 'imgnum' => $imgnum },
+ 'extra_sql' => ' AND ' .
+ $curuser->agentnums_sql(
+ 'null_right' => ['Edit global templates']
+ ),
+ });
+
+my $server =
+ new FS::UI::Web::JSRPC 'FS::template_image::process_image_delete', $cgi;
+
+</%init>
generated by cgit v1.2.1 (git 2.18.0) at 2024-10-06 22:46:11 +0000