4 require_once 'Pman/Roo.php';
8 * This extends the standard Roo API
10 * however it has to verify that we send data protected, as it's pretty open!!!
16 class MTrackWeb_Roo extends Pman_Roo
18 var $validTables = array(
19 'mtrack_ticket', /// all of these MUST have applyFilters, and check authenication..
20 'Mtrack_ticket', /// all of these MUST have applyFilters, and check authenication..
32 Pman::getAuth(); // load company!
33 $au = $this->getAuthUser();
34 $this->authUser = false;
36 $this->authUser = $au;
44 $this->jerr("Delete not permitted yet...");
45 // only post requests..???
46 // need perms sorting out first.
49 function checkPerm($obj, $lvl, $req=null) {
50 $res = parent::checkPerm($obj,$lvl,$req);
55 if (!$this->authUser && $this->authUser->company()->comptype == 'OWNER') {
58 // these checks only apply to non-company users.
60 // normally allowed, but we have more restrictions...
61 switch($obj->tablename()) {
63 if (empty($req['etype'])) {
70 switch ($req['etype']) {
72 case 'classification':
79 // not a member of the company..