From: Web Access <rohan.katkar@webaccessglobal.com>
Date: Mon, 13 Jul 2015 09:26:25 +0000 (+0530)
Subject: Modifications to CRM-16777
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=9c74fabcb098f539436851b5d0f40fbe630908fb;p=civicrm-core.git

Modifications to CRM-16777
---

diff --git a/CRM/Admin/Form/ScheduleReminders.php b/CRM/Admin/Form/ScheduleReminders.php
index 6877fcacf0..721004ecb3 100644
--- a/CRM/Admin/Form/ScheduleReminders.php
+++ b/CRM/Admin/Form/ScheduleReminders.php
@@ -58,6 +58,11 @@ class CRM_Admin_Form_ScheduleReminders extends CRM_Admin_Form {
     $providersCount = CRM_SMS_BAO_Provider::activeProviderCount();
     $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
 
+    //CRM-16777: Don't provide access to administer schedule reminder page, with user that does not have 'administer CiviCRM' permission
+    if (empty($this->_context) && !CRM_Core_Permission::check('administer CiviCRM')) {
+      CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
+    }
+
     if ($this->_action & (CRM_Core_Action::DELETE)) {
       $reminderName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_ActionSchedule', $this->_id, 'title');
       if ($this->_context == 'event') {