From 87ff794bc37c12c22ddc03c4182e4d37446df245 Mon Sep 17 00:00:00 2001 From: ivan Date: Fri, 9 Dec 2011 01:02:10 +0000 Subject: [PATCH] Add "View email logs" ACL - "View customers of all agents" was definitely not the right ACL there --- FS/FS/AccessRight.pm | 1 + httemplate/elements/menu.html | 3 ++- httemplate/search/cust_msg.html | 3 ++- httemplate/view/cust_msg.html | 3 ++- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 7351c6d7f..1bfae03ad 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -264,6 +264,7 @@ tie my %rights, 'Tie::IxHash', 'Receivables report', 'Financial reports', { rightname=> 'List inventory', global=>1 }, + { rightname=>'View email logs', global=>1 }, #{ rightname => 'List customers of all agents', global=>1 }, ], diff --git a/httemplate/elements/menu.html b/httemplate/elements/menu.html index 6bfe712f8..746a5008e 100644 --- a/httemplate/elements/menu.html +++ b/httemplate/elements/menu.html @@ -413,7 +413,8 @@ $tools_menu{'Time Queue'} = [ $fsurl.'search/report_timeworked.html', 'View pen $tools_menu{'Attachments'} = [ $fsurl.'browse/cust_attachment.html', 'View customer attachments' ] if !$conf->config('disable_cust_attachment') and $curuser->access_right('View attachments') and $curuser->access_right('Browse attachments'); $tools_menu{'Outgoing messages'} = [ $fsurl.'search/cust_msg.html', 'View outgoing message log' ] #shouldn't this be in the reports menu? - if $curuser->access_right('Configuration'); + if $curuser->access_right('View email logs') + || $curuser->access_right('Configuration'); $tools_menu{'Importing'} = [ \%tools_importing, 'Import tools' ] if $curuser->access_right('Import'); $tools_menu{'Exporting'} = [ \%tools_exporting, 'Export tools' ] diff --git a/httemplate/search/cust_msg.html b/httemplate/search/cust_msg.html index 64fae30bd..88286aeee 100644 --- a/httemplate/search/cust_msg.html +++ b/httemplate/search/cust_msg.html @@ -41,7 +41,8 @@ <%init> #hmm... die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('View customers of all agents'); + unless $FS::CurrentUser::CurrentUser->access_right('View email logs') + || $FS::CurrentUser::CurrentUser->access_right('Configuration'); my $conf = new FS::Conf; diff --git a/httemplate/view/cust_msg.html b/httemplate/view/cust_msg.html index a5846109a..0992d8a26 100755 --- a/httemplate/view/cust_msg.html +++ b/httemplate/view/cust_msg.html @@ -38,7 +38,8 @@ readonly=1 cols=80 rows=20> <%init> my $curuser = $FS::CurrentUser::CurrentUser; -die "access denied" if !$curuser->access_right('View customers of all agents'); +die "access denied" if !$curuser->access_right('View email logs')) + && !$curuser->access_right('Configuration'); my ($custmsgnum) = $cgi->keywords; $custmsgnum =~ /^(\d+)$/ or die "illegal custmsgnum"; -- 2.11.0