{
// first check they have perms to do this..
if (!$this->authUser || ($this->authUser->company_id_comptype != 'OWNER') || !$this->hasPerm('Core.Person', 'E')) {
- $this->jerr(
- }
+ $this->jerr("User switching not permitted");
+ }
+
+ $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+ $u = DB_DataObject::factory($tbl);
+ $u->get($id);
+ if (!$u->active()) {
+ $this->jerr('Account disabled');
+ }
+
+
}