summaryrefslogtreecommitdiffstats
path: root/application/modules/user/controllers/AuthController.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/modules/user/controllers/AuthController.php')
-rw-r--r--application/modules/user/controllers/AuthController.php18
1 files changed, 12 insertions, 6 deletions
diff --git a/application/modules/user/controllers/AuthController.php b/application/modules/user/controllers/AuthController.php
index 7eccc98..8160104 100644
--- a/application/modules/user/controllers/AuthController.php
+++ b/application/modules/user/controllers/AuthController.php
@@ -2,9 +2,7 @@
class User_AuthController extends Zend_Controller_Action
{
-
protected $personmapper = null;
-
private $db = null;
public function init()
@@ -120,11 +118,19 @@ class User_AuthController extends Zend_Controller_Action
public function deleteAction()
{
+ if($this->_request->getParam('personID')) {
+ if(!Pbs_Acl::checkRight('peoa')) {
+ $this->_redirect('/user');
+ }
+ $personID = $this->_request->getParam('personID');
+ } else {
+ if(!Pbs_Acl::checkRight('pdo')) {
+ $this->_redirect('/user');
+ }
+ $userIDsNamespace = Zend_Session::namespaceGet('userIDs');
+ $personID = $userIDsNamespace['personID'];
+ }
if($_POST['confirmdelete']) {
- $auth = Zend_Auth::getInstance();
- $result = $this->personmapper->findBy(array('email' => $auth->getIdentity()),true);
- $person = $result[0];
- $personID = $person["personID"];
if (isset($personID)){
$this->personmapper = new Application_Model_PersonMapper();
$person = $this->personmapper->find($personID);