[freeside-commits] freeside/httemplate/misc/process payment.cgi, 1.22.4.1, 1.22.4.2

Ivan,,, ivan at wavetail.420.am
Tue Aug 2 17:05:05 PDT 2011


Update of /home/cvs/cvsroot/freeside/httemplate/misc/process
In directory wavetail.420.am:/tmp/cvs-serv18077/httemplate/misc/process

Modified Files:
      Tag: FREESIDE_2_3_BRANCH
	payment.cgi 
Log Message:
resolve inconsistency with posting payments then not having the ACL to view them: add "View payments" and "View refunds" rights, redirect payment/refund posting back to customer view if you cannot see the result

Index: payment.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/payment.cgi,v
retrieving revision 1.22.4.1
retrieving revision 1.22.4.2
diff -u -w -d -r1.22.4.1 -r1.22.4.2
--- payment.cgi	2 Aug 2011 20:17:02 -0000	1.22.4.1
+++ payment.cgi	3 Aug 2011 00:05:03 -0000	1.22.4.2
@@ -10,13 +10,16 @@
 
   <% include('/elements/footer.html') %>
 
-% } else {
+% #2.5/2.7?# } elsif ( $curuser->access_right('View payments') ) {
+% } elsif ( $curuser->access_right(['View invoices', 'View payments']) ) {
 <% $cgi->redirect(popurl(3). "view/cust_pay.html?paynum=$paynum" ) %>
+% } else {
+<% $cgi->redirect(popurl(3). "view/cust_main.html?custnum=$custnum" ) %>
 % }
 <%init>
 
-die "access denied"
-  unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Process payment');
 
 #some false laziness w/MyAccount::process_payment
 



More information about the freeside-commits mailing list