acls on new import

diff --git a/httemplate/misc/cust_main_note-import.cgi b/httemplate/misc/cust_main_note-import.cgi
index 07b922f..690ca78 100644 (file)
--- a/httemplate/misc/cust_main_note-import.cgi
+++ b/httemplate/misc/cust_main_note-import.cgi
@@ -198,3 +198,10 @@
 </FORM>
 </BODY>
 </HTML>
+
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+</%init>

diff --git a/httemplate/misc/cust_main_note-import.html b/httemplate/misc/cust_main_note-import.html
index 67f49f3..d8fefa7 100644 (file)
--- a/httemplate/misc/cust_main_note-import.html
+++ b/httemplate/misc/cust_main_note-import.html
@@ -5,7 +5,7 @@
 Import a CSV file containing customer notes records.
 <BR><BR>
 
-File format is CSV, with the following field order: <i>[custnum], last, first, notefield1, notefield2, notefield3...</i>
+File format is CSV, with the following field order: <i>[custnum,] last, first, notefield1, notefield2, notefield3...</i>
 <BR>
 The optional custnum field is identified by being numeric.
 Anything after the character sequence #! is ignored.
@@ -30,3 +30,10 @@ Anything after the character sequence #! is ignored.
 
 <% include('/elements/footer.html') %>
 
+<%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
+</%init>
+

diff --git a/httemplate/misc/process/cust_main_note-import.cgi b/httemplate/misc/process/cust_main_note-import.cgi
index af06ae9..efc6224 100644 (file)
--- a/httemplate/misc/process/cust_main_note-import.cgi
+++ b/httemplate/misc/process/cust_main_note-import.cgi
@@ -22,6 +22,10 @@ The following items <% $op eq 'Preview' ? 'would be' : 'were' %> imported.  (See
 </PRE>
   
 <%init>
+
+die "access denied"
+  unless $FS::CurrentUser::CurrentUser->access_right('Import');
+
 my $date = time;
 my $otaker = $FS::CurrentUser::CurrentUser->username;
 my $csv = new Text::CSV_XS;