ifl/iflrandevu
1
1
Fork 0
forked from mirrors/easyappointments
Code Issues 6 Pull requests Releases 3 Activity

Correct permissions for the customers controller

Browse source
This commit is contained in:
Alex Tselegidis 2022-05-10 14:26:43 +02:00
parent 75542d48c0
commit 98bf660aa2
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
application/controllers/Customers.php
View file

@ -28,6 +28,7 @@ class Customers extends EA_Controller {
$this->load->model('appointments_model');
$this->load->model('customers_model');
$this->load->model('secretaries_model');
$this->load->model('roles_model');
$this->load->library('accounts');
@ -46,7 +47,7 @@ class Customers extends EA_Controller {
$user_id = session('user_id');
if (cannot('view', PRIV_USERS))
if (cannot('view', PRIV_CUSTOMERS))
{
if ($user_id)
{
@ -115,7 +116,7 @@ class Customers extends EA_Controller {
{
try
{
if (cannot('view', PRIV_USERS))
if (cannot('view', PRIV_CUSTOMERS))
{
abort(403, 'Forbidden');
}
@ -160,7 +161,7 @@ class Customers extends EA_Controller {
{
try
{
if (cannot('add', PRIV_USERS))
if (cannot('add', PRIV_CUSTOMERS))
{
abort(403, 'Forbidden');
}
@ -187,7 +188,7 @@ class Customers extends EA_Controller {
{
try
{
if (cannot('edit', PRIV_USERS))
if (cannot('edit', PRIV_CUSTOMERS))
{
abort(403, 'Forbidden');
}
@ -214,7 +215,7 @@ class Customers extends EA_Controller {
{
try
{
if (cannot('delete', PRIV_USERS))
if (cannot('delete', PRIV_CUSTOMERS))
{
abort(403, 'Forbidden');
}
@ -240,7 +241,7 @@ class Customers extends EA_Controller {
{
try
{
if (cannot('view', PRIV_USERS))
if (cannot('view', PRIV_CUSTOMERS))
{
abort(403, 'Forbidden');
}