Bootmenu User/Admin View

1 files changed, 2 insertions, 5 deletions

diff --git a/application/modules/user/controllers/ConfigController.php b/application/modules/user/controllers/ConfigController.php
index df32385..6f5497a 100644
--- a/application/modules/user/controllers/ConfigController.php
+++ b/application/modules/user/controllers/ConfigController.php
@@ -26,10 +26,7 @@ class user_ConfigController extends Zend_Controller_Action
 
 			$this->db = Zend_Db_Table::getDefaultAdapter();
 			
-			
 			$this->type = $this->_request->getParam('type');
-
-				
 		} else {
 			$this->_helper->redirector('login', 'auth');
 		}
@@ -155,10 +152,10 @@ class user_ConfigController extends Zend_Controller_Action
     	$this->configMapper->find($configID, $config);
     	
     	if($config->getMembershipID() != null){
-    		if($this->membership->getID() != $config->getMembershipID())
+    		if($this->membership->getID() != $config->getMembershipID() || !Pbs_Acl::checkRight('ceo'))
     			$this->_redirect('/user/config/index/type/'.$this->type.'/page/'.$this->page.'/modifyresult/forbidden');
     	}else{
-    		if($this->membership->getGroupID() != $config->getGroupID())
+    		if($this->membership->getGroupID() != $config->getGroupID() || (!Pbs_Acl::checkRight('ce') && !Pbs_Acl::checkRight('cem')))
     			$this->_redirect('/user/config/index/type/'.$this->type.'/page/'.$this->page.'/modifyresult/forbidden');
     	}