[freeside-commits] freeside/httemplate/edit/process part_pkg.cgi, 1.26, 1.27
Ivan,,,
ivan at wavetail.420.am
Wed Jan 16 20:23:16 PST 2008
Update of /home/cvs/cvsroot/freeside/httemplate/edit/process
In directory wavetail:/tmp/cvs-serv15286/edit/process
Modified Files:
part_pkg.cgi
Log Message:
fix ACLs to allow the limited "package editing" of customizing customer packages
Index: part_pkg.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/edit/process/part_pkg.cgi,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -d -r1.26 -r1.27
--- part_pkg.cgi 13 Jan 2008 21:39:01 -0000 1.26
+++ part_pkg.cgi 17 Jan 2008 04:23:14 -0000 1.27
@@ -11,10 +11,6 @@
%}
<%init>
-die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right('Edit package definitions')
- || $FS::CurrentUser::CurrentUser->access_right('Edit global package definitions');
-
my $dbh = dbh;
my $conf = new FS::Conf;
@@ -70,6 +66,8 @@
map { $_->svcpart }
qsearch('part_svc', {} );
+my $curuser = $FS::CurrentUser::CurrentUser;
+
my $custnum = '';
if ( $error ) {
@@ -81,12 +79,21 @@
} elsif ( $pkgpart ) {
+ die "access denied"
+ unless $curuser->access_right('Edit package definitions')
+ || $curuser->access_right('Edit global package definitions');
+
$error = $new->replace( $old,
pkg_svc => \%pkg_svc,
primary_svc => scalar($cgi->param('pkg_svc_primary')),
);
} else {
+ die "access denied"
+ unless $curuser->access_right('Edit package definitions')
+ || $curuser->access_right('Edit global package definitions');
+ || ( $cgi->param('pkgnum') && $curuser->access_right('Customize customer package') );
+
$error = $new->insert( pkg_svc => \%pkg_svc,
primary_svc => scalar($cgi->param('pkg_svc_primary')),
cust_pkg => $cgi->param('pkgnum'),
More information about the freeside-commits
mailing list