projects / manu / RT-Extension-ImportCustomFieldValues.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check permissions before allowing users to use this import tool
[manu/RT-Extension-ImportCustomFieldValues.git] / html / Admin / CustomFields / ImportValues.html
diff --git a/html/Admin/CustomFields/ImportValues.html b/html/Admin/CustomFields/ImportValues.html
index 9df496f..6a197e2 100644 (file)
--- a/html/Admin/CustomFields/ImportValues.html
+++ b/html/Admin/CustomFields/ImportValues.html
@@ -73,7 +73,11 @@
 my ($title, @results, $values);
 my $CustomField = RT::CustomField->new( $session{'CurrentUser'} );
 unless ( $CustomField->Load( $id ) ) {
-    Abort("CustomField not found");
+    Abort(loc("CustomField not found"));
+}
+unless ( $session{CurrentUser}->HasRight( Right => 'AdminCustomFieldValues', Object => $CustomField )
+         || $session{CurrentUser}->HasRight( Right => 'AdminCustomField', Object => $CustomField ) ) {
+    Abort(loc("No permissions to edit this customfield values"));
 }
 $title = loc( 'Importing values for CustomField [_1]', $CustomField->Name );
 my $name =  'Import-'. $CustomField->Id . '-Values';
Allow to import RT customfield values from CSV file