LP#1977761: (follow-up) enforce use of the permission at API level

Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/Financials.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/Financials.pm
index f5680f2..597faa6 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/Financials.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Acq/Financials.pm
@@ -1378,7 +1378,7 @@ sub process_fiscal_rollover {
 
     my $e = new_editor(xact=>1, authtoken=>$auth);
     return $e->die_event unless $e->checkauth;
-    return $e->die_event unless $e->allowed('ADMIN_FUND', $org_id);
+    return $e->die_event unless $e->allowed('ADMIN_FUND_ROLLOVER', $org_id);
     $options ||= {};
 
     my $combined = ($self->api_name =~ /combined/);