mirror of
https://github.com/alextselegidis/easyappointments.git
synced 2024-11-14 03:52:21 +03:00
Correct permissions for the customers controller
This commit is contained in:
parent
75542d48c0
commit
98bf660aa2
1 changed files with 7 additions and 6 deletions
|
@ -28,6 +28,7 @@ class Customers extends EA_Controller {
|
||||||
|
|
||||||
$this->load->model('appointments_model');
|
$this->load->model('appointments_model');
|
||||||
$this->load->model('customers_model');
|
$this->load->model('customers_model');
|
||||||
|
$this->load->model('secretaries_model');
|
||||||
$this->load->model('roles_model');
|
$this->load->model('roles_model');
|
||||||
|
|
||||||
$this->load->library('accounts');
|
$this->load->library('accounts');
|
||||||
|
@ -46,7 +47,7 @@ class Customers extends EA_Controller {
|
||||||
|
|
||||||
$user_id = session('user_id');
|
$user_id = session('user_id');
|
||||||
|
|
||||||
if (cannot('view', PRIV_USERS))
|
if (cannot('view', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
if ($user_id)
|
if ($user_id)
|
||||||
{
|
{
|
||||||
|
@ -115,7 +116,7 @@ class Customers extends EA_Controller {
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (cannot('view', PRIV_USERS))
|
if (cannot('view', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
abort(403, 'Forbidden');
|
abort(403, 'Forbidden');
|
||||||
}
|
}
|
||||||
|
@ -160,7 +161,7 @@ class Customers extends EA_Controller {
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (cannot('add', PRIV_USERS))
|
if (cannot('add', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
abort(403, 'Forbidden');
|
abort(403, 'Forbidden');
|
||||||
}
|
}
|
||||||
|
@ -187,7 +188,7 @@ class Customers extends EA_Controller {
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (cannot('edit', PRIV_USERS))
|
if (cannot('edit', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
abort(403, 'Forbidden');
|
abort(403, 'Forbidden');
|
||||||
}
|
}
|
||||||
|
@ -214,7 +215,7 @@ class Customers extends EA_Controller {
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (cannot('delete', PRIV_USERS))
|
if (cannot('delete', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
abort(403, 'Forbidden');
|
abort(403, 'Forbidden');
|
||||||
}
|
}
|
||||||
|
@ -240,7 +241,7 @@ class Customers extends EA_Controller {
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
if (cannot('view', PRIV_USERS))
|
if (cannot('view', PRIV_CUSTOMERS))
|
||||||
{
|
{
|
||||||
abort(403, 'Forbidden');
|
abort(403, 'Forbidden');
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue