From 97e6cec67c0c99ce1b6f0667a09f1e009100189d Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Sun, 13 Jan 2008 21:14:32 +0000
Subject: ACLs

---
 httemplate/misc/process/cdr-import.html | 44 ++++++++++++++-------------------
 1 file changed, 18 insertions(+), 26 deletions(-)

(limited to 'httemplate/misc/process/cdr-import.html')

diff --git a/httemplate/misc/process/cdr-import.html b/httemplate/misc/process/cdr-import.html
index 93137c3d0..4848fa325 100644
--- a/httemplate/misc/process/cdr-import.html
+++ b/httemplate/misc/process/cdr-import.html
@@ -1,30 +1,22 @@
-%
-%
-%  my $fh = $cgi->upload('csvfile');
-%
-%  my $error = defined($fh)
-%    ? FS::cdr::batch_import( {
-%        'filehandle' => $fh,
-%        'format'     => $cgi->param('format'),
-%      } )
-%    : 'No file';
-%
-%  if ( $error ) {
-%    
-
-    <!-- mason kludge -->
-%
-% errorpage($error);
-%#    $cgi->param('error', $error);
-%#    print $cgi->redirect( "${p}cust_main-import.cgi
-%  } else {
-%    
-
-    <!-- mason kludge -->
+% if ( $error ) {
+%   errorpage($error);
+% } else {
     <% include("/elements/header.html",'Import successful') %>
     <!-- XXX redirect to batch search like the payment entry... -->
     <% include("/elements/footer.html",'Import successful') %> 
-%
-%  }
-%
+% }
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+my $fh = $cgi->upload('csvfile');
+
+my $error = defined($fh)
+  ? FS::cdr::batch_import( {
+      'filehandle' => $fh,
+      'format'     => $cgi->param('format'),
+    } )
+  : 'No file';
 
+</%init>
-- 
cgit v1.2.1