From 1111f2f81b3aeac2d2c6a0a95d9191ecc0fb4e73 Mon Sep 17 00:00:00 2001
From: Uma S <uma.s@vtiger.com>
Date: Thu, 8 Aug 2019 17:50:45 +0530
Subject: [PATCH] Checkpermission genralized on security issue

---
 modules/Accounts/actions/TransferOwnership.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/Accounts/actions/TransferOwnership.php b/modules/Accounts/actions/TransferOwnership.php
index 1fa983429..d5b11d18f 100644
--- a/modules/Accounts/actions/TransferOwnership.php
+++ b/modules/Accounts/actions/TransferOwnership.php
@@ -27,6 +27,9 @@ class Accounts_TransferOwnership_Action extends Vtiger_Action_Controller {
 			if($permissionStatus){
 				$this->transferRecordIds[] = $recordId;
 			}
+			if(empty($this->transferRecordIds)){
+				throw new AppException(vtranslate('LBL_RECORD_PERMISSION_DENIED'));
+			}
 		}
 		return true;
 	}
-- 
GitLab