X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fedit%2Fprocess%2Fsvc_forward.cgi;fp=httemplate%2Fedit%2Fprocess%2Fsvc_forward.cgi;h=fffad84d61282aec69e7b073ae4aac39cd79ef4f;hp=3205312f10de88bf76355713538a3ac95e6e3ec4;hb=0930d22ffc440f80c1b222b2e750cadbabd9e8f6;hpb=f49f11d4c3c4ba9480cc5c9acfaa606a5ba73ad1

diff --git a/httemplate/edit/process/svc_forward.cgi b/httemplate/edit/process/svc_forward.cgi
index 3205312f1..fffad84d6 100755
--- a/httemplate/edit/process/svc_forward.cgi
+++ b/httemplate/edit/process/svc_forward.cgi
@@ -1,30 +1,31 @@
-%
-%
-%$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
-%my $svcnum =$1;
-%
-%my $old = qsearchs('svc_forward',{'svcnum'=>$svcnum}) if $svcnum;
-%
-%my $new = new FS::svc_forward ( {
-%  map {
-%    ($_, scalar($cgi->param($_)));
-%  } ( fields('svc_forward'), qw( pkgnum svcpart ) )
-%} );
-%
-%my $error = '';
-%if ( $svcnum ) {
-%  $error = $new->replace($old);
-%} else {
-%  $error = $new->insert;
-%  $svcnum = $new->getfield('svcnum');
-%} 
-%
 %if ($error) {
 %  $cgi->param('error', $error);
-%  print $cgi->redirect(popurl(2). "svc_forward.cgi?". $cgi->query_string );
+<% $cgi->redirect(popurl(2). "svc_forward.cgi?". $cgi->query_string ) %>
 %} else {
-%  print $cgi->redirect(popurl(3). "view/svc_forward.cgi?$svcnum");
+<% $cgi->redirect(popurl(3). "view/svc_forward.cgi?$svcnum") %>
 %}
-%
-%
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Provision customer service'); #something else more specific?
+
+$cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
+my $svcnum =$1;
+
+my $old = qsearchs('svc_forward',{'svcnum'=>$svcnum}) if $svcnum;
+
+my $new = new FS::svc_forward ( {
+  map {
+    ($_, scalar($cgi->param($_)));
+  } ( fields('svc_forward'), qw( pkgnum svcpart ) )
+} );
+
+my $error = '';
+if ( $svcnum ) {
+  $error = $new->replace($old);
+} else {
+  $error = $new->insert;
+  $svcnum = $new->getfield('svcnum');
+} 
 
+</%init>