From: Donald A. Lobo Date: Thu, 16 Jan 2014 21:41:38 +0000 (-0800) Subject: CRM-12882 - Payment Processor passwords should be better hidden X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=e16ce4cd1995dca6e92f75b5c8bb91b08f21d156;p=civicrm-core.git CRM-12882 - Payment Processor passwords should be better hidden http://issues.civicrm.org/jira/browse/CRM-12882 --- diff --git a/CRM/Admin/Form/PaymentProcessor.php b/CRM/Admin/Form/PaymentProcessor.php index d9c8f4d11a..39832402c9 100644 --- a/CRM/Admin/Form/PaymentProcessor.php +++ b/CRM/Admin/Form/PaymentProcessor.php @@ -47,6 +47,9 @@ class CRM_Admin_Form_PaymentProcessor extends CRM_Admin_Form { protected $_ppDAO; function preProcess() { + if(!CRM_Core_Permission::check('administer payment processors')) { + CRM_Core_Error::fatal('You do not have permission to administer payment processors'); + } parent::preProcess(); CRM_Utils_System::setTitle(ts('Settings - Payment Processor')); diff --git a/CRM/Core/Permission.php b/CRM/Core/Permission.php index 4f75345e49..7d9cebd1d2 100644 --- a/CRM/Core/Permission.php +++ b/CRM/Core/Permission.php @@ -552,6 +552,7 @@ class CRM_Core_Permission { 'delete all manual batches' => $prefix . ts('delete all manual batches'), 'export own manual batches' => $prefix . ts('export own manual batches'), 'export all manual batches' => $prefix . ts('export all manual batches'), + 'administer payment processors' => $prefix . ts('administer payment processors'), ); return $permissions; diff --git a/CRM/Core/xml/Menu/Admin.xml b/CRM/Core/xml/Menu/Admin.xml index c24d3ded1c..9d6d9a2ea1 100644 --- a/CRM/Core/xml/Menu/Admin.xml +++ b/CRM/Core/xml/Menu/Admin.xml @@ -477,6 +477,7 @@ Payment Processor setup for CiviCRM transactions CRM_Admin_Page_PaymentProcessor System Settings + administer payment processors admin/small/online_contribution_pages.png 30