Improved access checks for swap_roles.php.

[timetracker.git] / topdf.php

diff --git a/topdf.php b/topdf.php
index b8f6684c475b447b4ae50e16e8a54af33178cb07..475522ef9ca87cb6dbe121929f48cabf3d583268 100644 (file)
--- a/topdf.php
+++ b/topdf.php
@@ -35,11 +35,12 @@ import('form.Form');
 import('form.ActionForm');
 import('ttReportHelper');
 
-// Access check.
-if (!ttAccessAllowed('view_own_reports')) {
+// Access checks.
+if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports'))) {
   header('Location: access_denied.php');
   exit();
 }
+// End of access checks.
 
 // Check whether TCPDF library is available.
 if (!file_exists('WEB-INF/lib/tcpdf/'))