Skip to content
This repository has been archived by the owner on Sep 3, 2018. It is now read-only.

Commit

Permalink
N°1328 Fix CSV import : check if user has rights on imported class
Browse files Browse the repository at this point in the history
git-svn-id: http://svn.code.sf.net/p/itop/code/trunk@5597 a333f486-631f-4898-b8df-5754b55c2be0
  • Loading branch information
pgoiffon committed Apr 3, 2018
1 parent 85a34aa commit eb77b7a
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion pages/csvimport.php
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,13 @@ function DisplaySynchroBanner(WebPage $oP, $sClass, $iCount)
*/
function ProcessCSVData(WebPage $oPage, $bSimulate = true)
{
$sClassName = utils::ReadParam('class_name', '', false, 'class');
// Class access right check for the import
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_MODIFY) == UR_ALLOWED_NO)
{
throw new CoreException(Dict::S('UI:ActionNotAllowed'));
}

$aResult = array();
$sCSVData = utils::ReadParam('csvdata', '', false, 'raw_data');
$sCSVDataTruncated = utils::ReadParam('csvdata_truncated', '', false, 'raw_data');
Expand All @@ -203,7 +210,6 @@ function ProcessCSVData(WebPage $oPage, $bSimulate = true)
{
$iSkippedLines = utils::ReadParam('nb_skipped_lines', '0');
}
$sClassName = utils::ReadParam('class_name', '', false, 'class');
$aFieldsMapping = utils::ReadParam('field', array(), false, 'raw_data');
$aSearchFields = utils::ReadParam('search_field', array(), false, 'field_name');
$iCurrentStep = $bSimulate ? 4 : 5;
Expand Down

0 comments on commit eb77b7a

Please sign in to comment.