Bug 20861: Correct EDI permissions on EDI messsages

The permission for EDI is edi_manage, but 2 pages asked
for manage_edi, allowing users not to access those.

To test:
- Add edi_manage to your permissions
- Try to access the EDIFACT messages from the
  acq start page
- Verify it doesn't work
- Apply patch and try again
- You should be able to access the page now
- Try to access the other page directly (if you don't
  have EDI data):
  /cgi-bin/koha/acqui/edimsg.pl
- Verify you can access the page and don't get a
  permission error

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

diff --git a/acqui/edifactmsgs.pl b/acqui/edifactmsgs.pl
index c706d92..12e2257 100755 (executable)
--- a/acqui/edifactmsgs.pl
+++ b/acqui/edifactmsgs.pl
@@ -31,7 +31,7 @@ my ( $template, $loggedinuser, $cookie, $userflags ) = get_template_and_user(
         query           => $q,
         type            => 'intranet',
         authnotrequired => 0,
-        flagsrequired   => { acquisition => 'manage_edi' },
+        flagsrequired   => { acquisition => 'edi_manage' },
         debug           => 1,
     }
 );

diff --git a/acqui/edimsg.pl b/acqui/edimsg.pl
index acc5bea..af6771f 100755 (executable)
--- a/acqui/edimsg.pl
+++ b/acqui/edimsg.pl
@@ -31,7 +31,7 @@ my ( $template, $loggedinuser, $cookie, $userflags ) = get_template_and_user(
         query           => $q,
         type            => 'intranet',
         authnotrequired => 0,
-        flagsrequired   => { acquisition => 'manage_edi' },
+        flagsrequired   => { acquisition => 'edi_manage' },
         debug           => 1,
     }
 );