Check permissions before displaying download buttons

author: Ted Trask <ttrask01@yahoo.com> 2011-09-09 20:49:31 +0000
committer: Ted Trask <ttrask01@yahoo.com> 2011-09-09 20:49:31 +0000
commit: 049eb581d3169f87b167bb99de5ed3af1c7bcab3 (patch)
tree: ffcf64d413d8dd6562617b261a8e4abae16933e8 /weblog-adhocquery-html.lsp
parent: 5b3647c7f98f04f33ae21e28e75dca9b8d9e9ff5 (diff)
download: acf-weblog-049eb581d3169f87b167bb99de5ed3af1c7bcab3.tar.bz2
acf-weblog-049eb581d3169f87b167bb99de5ed3af1c7bcab3.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/weblog-adhocquery-html.lsp b/weblog-adhocquery-html.lsp
index 69feb37..2923005 100644
--- a/weblog-adhocquery-html.lsp
+++ b/weblog-adhocquery-html.lsp
@@ -33,12 +33,14 @@ require("viewfunctions")
 		<% end %>
 		</TABLE>
 
+		<% if viewlibrary.check_permission("downloadadhocquery") then %>
 		<form action="/cgi-bin/acf/weblog/weblog/downloadadhocquery" method="POST">
 		<input class="hidden" type="hidden"  name="query"  value="<%= html.html_escape(form.value.query.value) %>" >
 		<DL>
 		<DT>Download query result</DT><DD><input class="submit" type="submit" name="Download" value="Download"></DD>
 		</DL>
 		</FORM>
+		<% end %>
 	<% end %>
 <% end %>
author	Ted Trask <ttrask01@yahoo.com>	2011-09-09 20:49:31 +0000
committer	Ted Trask <ttrask01@yahoo.com>	2011-09-09 20:49:31 +0000
commit	049eb581d3169f87b167bb99de5ed3af1c7bcab3 (patch)
tree	ffcf64d413d8dd6562617b261a8e4abae16933e8 /weblog-adhocquery-html.lsp
parent	5b3647c7f98f04f33ae21e28e75dca9b8d9e9ff5 (diff)
download	acf-weblog-049eb581d3169f87b167bb99de5ed3af1c7bcab3.tar.bz2 acf-weblog-049eb581d3169f87b167bb99de5ed3af1c7bcab3.tar.xz