getAuthUser(); $this->authUser = false; if ($au) { $this->authUser = $au; } return true; } function delete($c, $req) { $this->jerr("Delete not permitted yet..."); // only post requests..??? // need perms sorting out first. } function checkPerm($obj, $lvl, $req=null) { //if ($this->authUser) { $res = parent::checkPerm($obj,$lvl,$req); if ($res) { return $res; } //} // not authenticated... // these checks only apply to non-company users. // normally allowed, but we have more restrictions... switch($obj->tablename()) { case 'core_enum': if (empty($req['etype'])) { return false; } if ($lvl != 'S') { return false; } switch ($req['etype']) { case 'classification': case 'severity': case 'resolution': case 'priority': case 'ticketstate': // not a member of the company.. // not allowed in.. return true; default: return false; } break; // should not get here... default: return false; } } }