projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
"Edit password" ACL, #21178, part 2
[freeside.git]
/
httemplate
/
misc
/
process
/
change-password.html
diff --git
a/httemplate/misc/process/change-password.html
b/httemplate/misc/process/change-password.html
index
7005439
..
7cab9c4
100644
(file)
--- a/
httemplate/misc/process/change-password.html
+++ b/
httemplate/misc/process/change-password.html
@@
-1,11
+1,16
@@
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
<%init>
my $curuser = $FS::CurrentUser::CurrentUser;
-die "access denied" unless $curuser->access_right('Edit password');
$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
my $svcnum = $1;
my $svc_acct = FS::svc_acct->by_key($svcnum)
or die "svc_acct $svcnum not found";
$cgi->param('svcnum') =~ /^(\d+)$/ or die "illegal svcnum";
my $svcnum = $1;
my $svc_acct = FS::svc_acct->by_key($svcnum)
or die "svc_acct $svcnum not found";
+my $part_svc = $svc_acct->part_svc;
+die "access denied" unless (
+ $curuser->access_right('Provision customer service') or
+ ( $curuser->access_right('Edit password') and
+ ! $part_svc->restrict_edit_password )
+ );
my $error = $svc_acct->set_password($cgi->param('password'))
|| $svc_acct->replace;
my $error = $svc_acct->set_password($cgi->param('password'))
|| $svc_acct->replace;