Bug 26017: (follow-up) Serverside permission check on registers page

author Martin Renvoize <martin.renvoize@ptfs-europe.com>

Tue, 4 Aug 2020 14:06:02 +0000 (15:06 +0100)

committer Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Thu, 6 Aug 2020 09:37:06 +0000 (11:37 +0200)
author Martin Renvoize <martin.renvoize@ptfs-europe.com>
Tue, 4 Aug 2020 14:06:02 +0000 (15:06 +0100)
committer Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 6 Aug 2020 09:37:06 +0000 (11:37 +0200)
diff --git a/pos/registers.pl b/pos/registers.pl

index 620b45d..c2194a2 100755 (executable)
--- a/pos/registers.pl
+++ b/pos/registers.pl
@@ -34,6 +34,7 @@ my ( $template, $loggedinuser, $cookie, $user_flags ) = get_template_and_user(
         query           => $input,
         type            => 'intranet',
         authnotrequired => 0,
+        flagsrequired   => { cash_management => [ 'cashup', 'anonymous_refund' ] },
     }
 );
 my $logged_in_user = Koha::Patrons->find($loggedinuser) or die "Not logged in";
author	Martin Renvoize <martin.renvoize@ptfs-europe.com>
	Tue, 4 Aug 2020 14:06:02 +0000 (15:06 +0100)
committer	Jonathan Druart <jonathan.druart@bugs.koha-community.org>
	Thu, 6 Aug 2020 09:37:06 +0000 (11:37 +0200)