From 8256b8f583dd8db0cd7e27e6089d356f5cc97377 Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Wed, 3 Aug 2011 00:05:03 +0000
Subject: resolve inconsistency with posting payments then not having the ACL
 to view them: add "View payments" and "View refunds" rights, redirect
 payment/refund posting back to customer view if you cannot see the result

---
 httemplate/view/cust_pay.html    | 4 ++--
 httemplate/view/cust_refund.html | 6 ++----
 2 files changed, 4 insertions(+), 6 deletions(-)

(limited to 'httemplate/view')

diff --git a/httemplate/view/cust_pay.html b/httemplate/view/cust_pay.html
index c9b2d51b5..d02f1543d 100644
--- a/httemplate/view/cust_pay.html
+++ b/httemplate/view/cust_pay.html
@@ -134,8 +134,8 @@
 my $curuser = $FS::CurrentUser::CurrentUser;
 
 die "access denied"
-  unless $curuser->access_right('View invoices') #remove this in 1.9 EVENTUALLY
-  || $curuser->access_right('View customer payments');
+  unless $curuser->access_right('View invoices') #remove this in 2.5 (2.7?)
+  || $curuser->access_right('View payments');
 
 $cgi->param('paynum') =~ /^(\d+)$/ or die "no paynum";
 my $paynum = $1;
diff --git a/httemplate/view/cust_refund.html b/httemplate/view/cust_refund.html
index f19c61b1f..996b4c05a 100644
--- a/httemplate/view/cust_refund.html
+++ b/httemplate/view/cust_refund.html
@@ -105,10 +105,8 @@
 my $curuser = $FS::CurrentUser::CurrentUser;
 
 die "access denied"
-  unless $curuser->access_right('View invoices') #remove this in 1.9 EVENTUALLY
-      || $curuser->access_right('View customer payments');
-      #'View customer refunds' ???
-
+  unless $curuser->access_right('View invoices') #remove this in 2.5 (2.7?)
+      || $curuser->access_right('View refunds');
 
 $cgi->param('refundnum') =~ /^(\d+)$/ or die "no refundnum";
 my $refundnum = $1;
-- 
cgit v1.2.1