Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files

N°1328 Fix CSV import : check if user has rights on imported class

git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@5597 a333f486-631f-4898-b8df-5754b55c2be0
  • Loading branch information...
pgoiffon
pgoiffon committed Apr 3, 2018
1 parent 85a34aa commit eb77b7a2473d6e04590a32241668d9a73fe14951
Showing with 7 additions and 1 deletion.
  1. +7 −1 pages/csvimport.php
@@ -192,6 +192,13 @@ function DisplaySynchroBanner(WebPage $oP, $sClass, $iCount)
*/
function ProcessCSVData(WebPage $oPage, $bSimulate = true)
{
$sClassName = utils::ReadParam('class_name', '', false, 'class');
// Class access right check for the import
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_MODIFY) == UR_ALLOWED_NO)
{
throw new CoreException(Dict::S('UI:ActionNotAllowed'));
}
$aResult = array();
$sCSVData = utils::ReadParam('csvdata', '', false, 'raw_data');
$sCSVDataTruncated = utils::ReadParam('csvdata_truncated', '', false, 'raw_data');
@@ -203,7 +210,6 @@ function ProcessCSVData(WebPage $oPage, $bSimulate = true)
{
$iSkippedLines = utils::ReadParam('nb_skipped_lines', '0');
}
$sClassName = utils::ReadParam('class_name', '', false, 'class');
$aFieldsMapping = utils::ReadParam('field', array(), false, 'raw_data');
$aSearchFields = utils::ReadParam('search_field', array(), false, 'field_name');
$iCurrentStep = $bSimulate ? 4 : 5;

0 comments on commit eb77b7a

Please sign in to comment.
You can’t perform that action at this time.