From 2f2d78193bfa2e5a869b1eba527b24ea7212cd73 Mon Sep 17 00:00:00 2001
From: tomolimo <tomolimo@gmail.com>
Date: Thu, 18 Jan 2018 13:12:24 +0100
Subject: [PATCH] Added rights checking for deleting/purging Process_Profile

---
 inc/process_profile.class.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/inc/process_profile.class.php b/inc/process_profile.class.php
index b789a6d..dd27d4b 100644
--- a/inc/process_profile.class.php
+++ b/inc/process_profile.class.php
@@ -11,6 +11,11 @@
 class PluginProcessmakerProcess_Profile extends CommonDBTM
 {
    function can($ID, $right, array &$input = NULL) {
+      switch ($right) {
+         case DELETE :
+         case PURGE :
+            return (Session::haveRight('plugin_processmaker_config', UPDATE));
+      }
       return Session::haveRight('plugin_processmaker_config', $right);
    }