Replaced the hardcoded 'level' checks, and incorporated (as a first pass) the new permission mechanism

git-svn-id: file:///svn-source/pmgr/branches/pre_0.1_work_20090819@802 97e9348a-65ac-dc4b-aefc-98561f571b83

site/controllers/ledgers_controller.php

@@ -86,9 +86,8 @@ class LedgersController extends AppController {
       $conditions[] = array('Ledger.close_transaction_id !=' => null);
     }
 
-    // REVISIT <AP>: 20090811
-    //  No security issues have been worked out yet
-    $conditions[] = array('Account.level >=' => 10);
+    $conditions[] = array('Account.level >=' =>
+			  $this->Permission->level('controller.accounts'));
 
     return $conditions;
   }
@@ -107,8 +106,12 @@ class LedgersController extends AppController {
   }
 
   function gridDataPostProcessLinks(&$params, &$model, &$records, $links) {
-    $links['Ledger'] = array('name');
-    $links['Account'] = array('name');
+    // REVISIT <AP>: 20090827
+    //  Need to take 'level' into account
+    if ($this->Permission->allow('controller.accounts')) {
+      $links['Ledger'] = array('sequence');
+      $links['Account'] = array('name');
+    }
     return parent::gridDataPostProcessLinks($params, $model, $records, $links);
   }
 
@@ -128,9 +131,8 @@ class LedgersController extends AppController {
 		   'Account',
 		   ),
 	     'conditions' => array(array('Ledger.id' => $id),
-				   // REVISIT <AP>: 20090811
-				   //  No security issues have been worked out yet
-				   array('Account.level >=' => 10),
+				   array('Account.level >=' =>
+					 $this->Permission->level('controller.accounts')),
 				   ),
 	     )
        );