[freeside-commits] freeside/httemplate/misc/process payment.cgi, 1.22.4.1, 1.22.4.2
Ivan,,,
ivan at wavetail.420.am
Tue Aug 2 17:05:05 PDT 2011
Update of /home/cvs/cvsroot/freeside/httemplate/misc/process
In directory wavetail.420.am:/tmp/cvs-serv18077/httemplate/misc/process
Modified Files:
Tag: FREESIDE_2_3_BRANCH
payment.cgi
Log Message:
resolve inconsistency with posting payments then not having the ACL to view them: add "View payments" and "View refunds" rights, redirect payment/refund posting back to customer view if you cannot see the result
Index: payment.cgi
===================================================================
RCS file: /home/cvs/cvsroot/freeside/httemplate/misc/process/payment.cgi,v
retrieving revision 1.22.4.1
retrieving revision 1.22.4.2
diff -u -w -d -r1.22.4.1 -r1.22.4.2
--- payment.cgi 2 Aug 2011 20:17:02 -0000 1.22.4.1
+++ payment.cgi 3 Aug 2011 00:05:03 -0000 1.22.4.2
@@ -10,13 +10,16 @@
<% include('/elements/footer.html') %>
-% } else {
+% #2.5/2.7?# } elsif ( $curuser->access_right('View payments') ) {
+% } elsif ( $curuser->access_right(['View invoices', 'View payments']) ) {
<% $cgi->redirect(popurl(3). "view/cust_pay.html?paynum=$paynum" ) %>
+% } else {
+<% $cgi->redirect(popurl(3). "view/cust_main.html?custnum=$custnum" ) %>
% }
<%init>
-die "access denied"
- unless $FS::CurrentUser::CurrentUser->access_right('Process payment');
+my $curuser = $FS::CurrentUser::CurrentUser;
+die "access denied" unless $curuser->access_right('Process payment');
#some false laziness w/MyAccount::process_payment
More information about the freeside-commits
mailing list