From 5a19b786ad119c32a2c0096e285e47a974cd4057 Mon Sep 17 00:00:00 2001
From: Uma S <uma.s@vtiger.com>
Date: Fri, 9 Aug 2019 18:11:41 +0530
Subject: [PATCH] Checkpermission on ConvertLead is added

---
 modules/Leads/views/ConvertLead.php     | 13 +++++--------
 modules/Leads/views/SaveConvertLead.php | 13 +++++--------
 2 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/modules/Leads/views/ConvertLead.php b/modules/Leads/views/ConvertLead.php
index f3aae631b..99a84155a 100644
--- a/modules/Leads/views/ConvertLead.php
+++ b/modules/Leads/views/ConvertLead.php
@@ -10,14 +10,11 @@
 
 class Leads_ConvertLead_View extends Vtiger_Index_View {
 
-	function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
-
-		$currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPriviligesModel->hasModuleActionPermission($moduleModel->getId(), 'ConvertLead')) {
-			throw new AppException(vtranslate('LBL_PERMISSION_DENIED', $moduleName));
-		}
+	public function requiresPermission(\Vtiger_Request $request) {
+		$permissions = parent::requiresPermission($request);
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'ConvertLead', 'record_parameter' => 'record');
+		return $permissions;
 	}
 
 	function process(Vtiger_Request $request) {
diff --git a/modules/Leads/views/SaveConvertLead.php b/modules/Leads/views/SaveConvertLead.php
index ba5fd0bbf..dd28a74ea 100644
--- a/modules/Leads/views/SaveConvertLead.php
+++ b/modules/Leads/views/SaveConvertLead.php
@@ -11,14 +11,11 @@ vimport('~~/include/Webservices/ConvertLead.php');
 
 class Leads_SaveConvertLead_View extends Vtiger_View_Controller {
 
-	function checkPermission(Vtiger_Request $request) {
-		$moduleName = $request->getModule();
-		$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
-
-		$currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
-		if(!$currentUserPrivilegesModel->hasModuleActionPermission($moduleModel->getId(), 'ConvertLead')) {
-			throw new AppException(vtranslate('LBL_CONVERT_LEAD_PERMISSION_DENIED', $moduleName));
-		}
+	public function requiresPermission(\Vtiger_Request $request) {
+		$permissions = parent::requiresPermission($request);
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+		$permissions[] = array('module_parameter' => 'module', 'action' => 'ConvertLead', 'record_parameter' => 'record');
+		return $permissions;
 	}
 
 	public function process(Vtiger_Request $request) {
-- 
GitLab