projects / manu / RT-Extension-ImportCustomFieldValues.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check permissions before allowing users to use this import tool
[manu/RT-Extension-ImportCustomFieldValues.git] / html / Callbacks / ImportCustomFieldValues / Elements / Tabs / Privileged
diff --git a/html/Callbacks/ImportCustomFieldValues/Elements/Tabs/Privileged b/html/Callbacks/ImportCustomFieldValues/Elements/Tabs/Privileged
index 60a8d6f..528489f 100644 (file)
--- a/html/Callbacks/ImportCustomFieldValues/Elements/Tabs/Privileged
+++ b/html/Callbacks/ImportCustomFieldValues/Elements/Tabs/Privileged
@@ -4,7 +4,10 @@ if ( $request_path =~ qr{^/Admin/CustomFields/} && $m->request_args->{'id'} &&
     my $tabs = PageMenu;
     my $CustomField = RT::CustomField->new( $session{'CurrentUser'} );
     $CustomField->Load($m->request_args->{'id'});
-    if ( $CustomField->Type && $CustomField->Type eq 'Select' ) {
+    if ( $CustomField->Type && $CustomField->Type eq 'Select' 
+         && ( $session{CurrentUser}->HasRight( Right => 'AdminCustomFieldValues', Object => $CustomField )
+         || $session{CurrentUser}->HasRight( Right => 'AdminCustomField', Object => $CustomField ) )
+        ) {
         $tabs->child(
             'cf-import-values' => title => loc('Import from CSV'),
             path => '/Admin/CustomFields/ImportValues.html?id=' . $m->request_args->{'id'}
Allow to import RT customfield values from CSV file