Some minor internal fixes

classes/lnApp/Auth/ORM.php

@@ -98,7 +98,7 @@ abstract class lnApp_Auth_ORM extends Kohana_Auth_ORM {
 	 * @return boolean TRUE if authorised, FALSE if not.
 	 */
 	public function authorised(Model_Account $ao) {
-		return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR in_array($ao->id,$uo->RTM->customers($uo->RTM))));
+		return (($uo = $this->get_user()) AND $uo->loaded() AND ($uo == $ao OR ($uo->admin > $ao->admin)));
 	}
 
 	public function get_groups() {
@@ -158,7 +158,8 @@ abstract class lnApp_Auth_ORM extends Kohana_Auth_ORM {
 
 		// If we are not a valid user object, then we are not logged in
 		if (is_object($uo) AND ($uo instanceof Model_Account) AND $uo->loaded())
-			$status = TRUE;
+			if (empty($role) OR ($role <= $uo->admin))
+				$status = TRUE;
 
 		return $status;
 	}