From 0329c68bf7d33e8acdcdcd3e06f9d676cd776025 Mon Sep 17 00:00:00 2001
From: michael pereira
Date: Mon, 11 Apr 2011 01:33:18 +0200
Subject: Bootmenu User/Admin View

---
 application/modules/user/controllers/ConfigController.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'application/modules/user/controllers/ConfigController.php')

diff --git a/application/modules/user/controllers/ConfigController.php b/application/modules/user/controllers/ConfigController.php
index df32385..6f5497a 100644
--- a/application/modules/user/controllers/ConfigController.php
+++ b/application/modules/user/controllers/ConfigController.php
@@ -26,10 +26,7 @@ class user_ConfigController extends Zend_Controller_Action
 
 			$this->db = Zend_Db_Table::getDefaultAdapter();
 			
-			
 			$this->type = $this->_request->getParam('type');
-
-				
 		} else {
 			$this->_helper->redirector('login', 'auth');
 		}
@@ -155,10 +152,10 @@ class user_ConfigController extends Zend_Controller_Action
     	$this->configMapper->find($configID, $config);
     	
     	if($config->getMembershipID() != null){
-    		if($this->membership->getID() != $config->getMembershipID())
+    		if($this->membership->getID() != $config->getMembershipID() || !Pbs_Acl::checkRight('ceo'))
     			$this->_redirect('/user/config/index/type/'.$this->type.'/page/'.$this->page.'/modifyresult/forbidden');
     	}else{
-    		if($this->membership->getGroupID() != $config->getGroupID())
+    		if($this->membership->getGroupID() != $config->getGroupID() || (!Pbs_Acl::checkRight('ce') && !Pbs_Acl::checkRight('cem')))
     			$this->_redirect('/user/config/index/type/'.$this->type.'/page/'.$this->page.'/modifyresult/forbidden');
     	}
     	        
-- 
cgit v1.2.3-55-g7522