GroupRights.php

diff --git a/GroupRights.php b/GroupRights.php
index 4180ef2..43034a9 100644 (file)
--- a/GroupRights.php
+++ b/GroupRights.php
@@ -14,6 +14,11 @@ class Pman_Admin_GroupRights extends Pman
         if (!$au) {
             $this->jerr("Not authenticated", array('authFailure' => true));
         }
+        
+        if ($au->company_id_comptype !='OWNER') {
+            $this->jerr("Error", "only company owners can manage groups");
+        }
+        
         $this->authUser = $au;
         return true;
     }