From d68a1e54e40ec5ce8d9ed3da0627f50b605d7216 Mon Sep 17 00:00:00 2001
From: Brady Miller <brady.g.miller@gmail.com>
Date: Tue, 26 Apr 2022 18:27:57 -0700
Subject: [PATCH] bug fix a1

---
 interface/main/tabs/menu/menus/standard.json     | 10 +++++++---
 interface/reports/background_services.php        |  6 ++++++
 interface/reports/direct_message_log.php         |  6 ++++++
 sites/default/documents/custom_menus/Custom.json | 10 +++++++---
 4 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/interface/main/tabs/menu/menus/standard.json b/interface/main/tabs/menu/menus/standard.json
index 64b4282737c..2dccc7c01cb 100644
--- a/interface/main/tabs/menu/menus/standard.json
+++ b/interface/main/tabs/menu/menus/standard.json
@@ -1989,7 +1989,7 @@
             "requirement": 0,
             "acl_req": [
               "admin",
-              "batchcom"
+              "super"
             ]
           },
           {
@@ -1998,13 +1998,17 @@
             "target": "rep",
             "url": "/interface/reports/direct_message_log.php",
             "children": [],
-            "requirement": 0
+            "requirement": 0,
+            "acl_req": [
+              "admin",
+              "super"
+            ]
           }
         ],
         "requirement": 0,
         "acl_req": [
           "admin",
-          "batchcom"
+          "super"
         ]
       }
     ],
diff --git a/interface/reports/background_services.php b/interface/reports/background_services.php
index f2a28ee7694..53041f6719e 100644
--- a/interface/reports/background_services.php
+++ b/interface/reports/background_services.php
@@ -12,7 +12,13 @@
 
 require_once("../globals.php");
 
+use OpenEMR\Common\Acl\AclMain;
 use OpenEMR\Core\Header;
+
+if (!AclMain::aclCheckCore('admin', 'super')) {
+    echo xlt('Not Authorized');
+    exit;
+}
 ?>
 
 <html>
diff --git a/interface/reports/direct_message_log.php b/interface/reports/direct_message_log.php
index e44080f342b..bac7527c966 100644
--- a/interface/reports/direct_message_log.php
+++ b/interface/reports/direct_message_log.php
@@ -12,9 +12,15 @@
 
 require_once("../globals.php");
 
+use OpenEMR\Common\Acl\AclMain;
 use OpenEMR\Common\Csrf\CsrfUtils;
 use OpenEMR\Core\Header;
 
+if (!AclMain::aclCheckCore('admin', 'super')) {
+    echo xlt('Not Authorized');
+    exit;
+}
+
 if (!empty($_POST)) {
     if (!CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"])) {
         CsrfUtils::csrfNotVerified();
diff --git a/sites/default/documents/custom_menus/Custom.json b/sites/default/documents/custom_menus/Custom.json
index 64b4282737c..2dccc7c01cb 100644
--- a/sites/default/documents/custom_menus/Custom.json
+++ b/sites/default/documents/custom_menus/Custom.json
@@ -1989,7 +1989,7 @@
             "requirement": 0,
             "acl_req": [
               "admin",
-              "batchcom"
+              "super"
             ]
           },
           {
@@ -1998,13 +1998,17 @@
             "target": "rep",
             "url": "/interface/reports/direct_message_log.php",
             "children": [],
-            "requirement": 0
+            "requirement": 0,
+            "acl_req": [
+              "admin",
+              "super"
+            ]
           }
         ],
         "requirement": 0,
         "acl_req": [
           "admin",
-          "batchcom"
+          "super"
         ]
       }
     ],