1 files changed, 6 insertions, 3 deletions

diff --git a/application/modules/user/controllers/GroupController.php b/application/modules/user/controllers/GroupController.php
index e36bba7..2d4fc64 100644
--- a/application/modules/user/controllers/GroupController.php
+++ b/application/modules/user/controllers/GroupController.php
@@ -275,6 +275,8 @@ class User_GroupController extends Zend_Controller_Action
 
 	public function linkAction()
 	{
+		if(!Pbs_Acl::checkRight('glk'))
+			$this->_redirect('/user');
 		if (!isset($_POST["link"])){
 			$linkForm = new user_Form_GroupLink(array('grouplist' => $this->groupList));
 		} else {
@@ -304,7 +306,7 @@ class User_GroupController extends Zend_Controller_Action
 	{
 		// ACL delete a group
 		if(!Pbs_Acl::checkRight('gd'))
-		$this->_redirect('/user');
+			$this->_redirect('/user');
 
 		$this->_helper->viewRenderer->setNoRender();
 		$groupID = $this->_request->getParam('groupID');
@@ -343,7 +345,7 @@ class User_GroupController extends Zend_Controller_Action
 	{
 		// ACL grant a membership to request
 		if(!Pbs_Acl::checkRight('gam'))
-		$this->_redirect('/user');
+			$this->_redirect('/user');
 			
 		$this->_helper->viewRenderer->setNoRender();
 		if(isset($_POST['grouprequestID']) && isset($_POST['roleID'])) {
@@ -358,8 +360,9 @@ class User_GroupController extends Zend_Controller_Action
 			}
 			$membership = new Application_Model_Membership();
 			$membership->setGroupID($groupRequest->getGroupID());
-			$membership->setPersonID($groupRequest->getPersonID());
+			$membership->setPersonID($groupRequest->getPersonID());			
 			$membership->setRoleID($_POST['roleID']);
+			$membership->setSuspended(0);
 			try {
 				$id = $this->membershipMapper->save($membership);