# This patch file was generated by NetBeans IDE
# Following Index: paths are relative to: Joomla root
# This patch can be applied using context Tools: Patch action on respective folder.
# It uses platform neutral UTF-8 encoding and \n newlines.
# Above lines and this line are ignored by the patching process.
--- /administrator/components/com_comprofiler/library/cb/cb.acl.php
+++ /administrator/components/com_comprofiler/library/cb/cb.acl.php
@@ -604,6 +604,81 @@ return $rows; } + function get_groups_above_me( $myId = null, $raw = false ) { + global $_CB_framework; + + static $gids = array(); + + if ( $myId === null ) { + $myId = $_CB_framework->myId(); + } else { + $myId = (int) $myId; + } + + if ( ! isset( $gids[$myId] ) ) { + if ( checkJversion() == 2 ) { + $my_groups = $this->get_object_groups( $myId ); + } elseif ( checkJversion() == 1 ) { + $aro_id = $this->get_object_id( 'users', $myId, 'ARO' ); + $my_groups = $this->get_object_groups( $aro_id, 'ARO' ); + } else { + $my_groups = $this->get_object_groups( 'users', $myId, 'ARO' ); + } + + $my_gids = array(); + + if ( $my_groups ) foreach ( $my_groups as $gid ) { + $my_gids = array_unique( array_merge( $my_gids, $this->get_group_parent_ids( $gid ) ) ); + + if ( checkJversion() == 2 ) { + $my_gids = array_unique( array_merge( $my_gids, $this->get_object_groups( $myId, null, 'RECURSE' ) ) ); + } + } + + if ( ( ! is_array( $my_gids ) ) || empty( $my_gids ) ) { + $my_gids = array(); + } else { + cbArrayToInts( $my_gids ); + + $below_me = $this->get_groups_below_me( $myId, true ); + + if ( $below_me ) foreach ( $my_gids as $k => $v ) { + if ( in_array( $v, $below_me ) ) { + unset( $my_gids[$k] ); + } + } + } + + $groups = $this->get_group_children_tree( null, 'USERS', false ); + + if ( $groups ) foreach ( $groups as $k => $v ) { + if ( ! in_array( (int) $v->value, $my_gids ) ) { + unset( $groups[$k] ); + } + } + + $gids[$myId] = array_values( $groups ); + } + + $rows = $gids[$myId]; + + if ( $rows ) { + if ( $raw ) { + $grps = array(); + + foreach ( $rows as $row ) { + $grps[] = (int) $row->value; + } + + $rows = $grps; + } + } else { + $rows = array(); + } + + return $rows; + } + /** * Prepare top most GID from array of IDs * 
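Review bot: In `get_groups_above_me`, the `checkJversion() == 2` branch inside the `foreach` calls `$this->get_object_groups( $myId, null, 'RECURSE' )` on every iteration although it does not use `$gid`, and it never runs when `$my_groups` is empty; doing that merge once, outside the loop, would make the intent explicit. `array_values( $groups )` is also reached unguarded when `get_group_children_tree()` returns nothing, unlike the `if ( $groups )` guard on the loop just above it; `$gids[$myId] = $groups ? array_values( $groups ) : array();` keeps the cached entry an array. Because hunk 2 uses this method in a permission decision, the method should get a docblock like its neighbour, stating that "above" means the parents of the user's groups minus those returned by `get_groups_below_me()`, that `$raw` switches the return from row objects to integer ids, and that results are memoised per user in the static `$gids` for the rest of the request.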
@@ -711,41 +786,33 @@ if ( ( ! $allow_myself ) && ( $user_id == $_CB_framework->myId() ) ){ $msg .= "You cannot $action Yourself! "; } else { -//// OLD WAY: - $myGid = $this->get_user_group_id( $_CB_framework->myId() ); - - if ( $myGid != $cms_super_admin ) { - if ( ( ( $obj->gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $user_id && $obj->gid && ! in_array( $obj->gid, $this->get_group_children_ids( $myGid ) ) ) ) { - $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. "; - } - } -//// NEW WAY: + $userGids = $this->get_groups_above_me( $user_id, true ); $myGids = $this->get_groups_below_me( $_CB_framework->myId(), true ); - if ( ! in_array( $cms_super_admin, $myGids ) ) { - if ( ( ( ! array_intersect( $myGids, $obj->gids ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $obj->gids, $myGids ) ) ) ) { + if ( checkJversion() == 2 ) { + $myGroups = $this->get_object_groups( $_CB_framework->myId() ); + } elseif ( checkJversion() == 1 ) { + $myAro_id = $this->get_object_id( 'users', $_CB_framework->myId(), 'ARO' ); + $myGroups = $this->get_object_groups( $myAro_id, 'ARO' ); + } else { + $myGroups = $this->get_object_groups( 'users', $_CB_framework->myId(), 'ARO' ); + } + + if ( ( ! in_array( $cms_super_admin, $myGids ) ) && ( ! ( ( $user_id == $_CB_framework->myId() ) && array_intersect( $myGids, $cms_admins ) ) ) ) { + if ( ( ( ! array_intersect( $userGids, $myGroups ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $user_id && $obj->gids && ( ! array_intersect( $userGids, $myGroups ) ) ) ) { $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. "; } } -//// END. } } } else { $this_group = 'Registered'; $gid = $this->get_group_id( $this_group, 'ARO' ); -//// OLD WAY: - $myGid = $this->get_user_group_id( $_CB_framework->myId() ); - - if ( ( ( $gid == $myGid ) && ! in_array( $myGid, $cms_admins ) ) || ( $gid && ! 
in_array( $gid, $this->get_group_children_ids( $myGid ) ) ) ) { - $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. "; - } -//// NEW WAY: $myGids = $this->get_groups_below_me( $_CB_framework->myId(), true ); - if ( ( ! array_intersect( $myGids, array( $gid ) ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! array_intersect( array( $gid ), $myGids ) ) ) ) { + if ( ( ! in_array( $gid, $myGids ) && ( ! array_intersect( $myGids, $cms_admins ) ) ) || ( $gid && ( ! in_array( $gid, $myGids ) ) ) ) { $msg .= "You cannot $action a `$this_group`. Only higher-level users have this power. "; } -//// END. \ No newline at end of file } return $msg;
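Review bot: The rewritten condition no longer bounds the groups carried by `$obj` by the acting user's groups: `$obj->gids` is now only tested for truthiness, and the comparison is made between `$userGids` (the target's stored groups from `get_groups_above_me()`) and `$myGroups`. If `$obj->gids` holds the groups being assigned by this action (not visible in the hunk), the check would accept an assignment of a group above the actor's own level as long as the target currently sits beneath the actor. Keeping the removed comparison as an extra denial clause, e.g. `|| ( $obj->gids && ( ! array_intersect( $obj->gids, $myGids ) ) )`, would preserve that bound. The new `$user_id == $_CB_framework->myId()` exemption for admins skips the whole block, so the same question applies to self-edits. The enclosing function starts and ends outside the hunk.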