use check_view_access instead of checking for admin

2025-03-11 16:35:38 +00:00 · 2021-06-23 17:55:35 +02:00 · 2021-06-23 17:55:35 +02:00 · cefcdc966b
commit cefcdc966b
parent 780d398d4c
1 changed files with 2 additions and 2 deletions
--- a/out/out.ImportUsers.php
+++ b/out/out.ImportUsers.php
@ -30,8 +30,8 @@ require_once("inc/inc.Authentication.php");

 $tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME']));
 $view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user));
-$accessop = new SeedDMS_AccessOperation($dms, null, $user, $settings);
-if (!$user->isAdmin()) {
+$accessop = new SeedDMS_AccessOperation($dms, $user, $settings);
+if (!$accessop->check_view_access($view, $_GET)) {
 	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
 }