From e28e785831554de605442db48a669db6ec6ffdb1 Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Tue, 4 Aug 2020 15:06:02 +0100 Subject: [PATCH] Bug 26017: (follow-up) Serverside permission check on registers page This patch adds a serverside permissions check for the display of the registers summary page. Signed-off-by: Jonathan Druart (cherry picked from commit 1ae7efa3bb7806ac5a7e3f2882a7139e627b22c6) Signed-off-by: Lucas Gass --- pos/registers.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/pos/registers.pl b/pos/registers.pl index 620b45dbab..c2194a2417 100755 --- a/pos/registers.pl +++ b/pos/registers.pl @@ -34,6 +34,7 @@ my ( $template, $loggedinuser, $cookie, $user_flags ) = get_template_and_user( query => $input, type => 'intranet', authnotrequired => 0, + flagsrequired => { cash_management => [ 'cashup', 'anonymous_refund' ] }, } ); my $logged_in_user = Koha::Patrons->find($loggedinuser) or die "Not logged in"; -- 2.39.5