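/**
 * Access check for the `id` request parameter.
 *
 * A request with no `id`, or whose `id` is the current user's own contact id,
 * passes straight through. Any other id must resolve (via byId()) to a contact
 * whose clientid equals the clientid of the current user's contact; otherwise
 * requireLogin() is called.
 *
 * The check fails closed: a contact that cannot be loaded, or an empty
 * clientid on either side, is treated as "not the same company". Two records
 * that both lack a client would otherwise compare equal and be let through.
 *
 * NOTE(review): requireLogin() is not visible here. Confirm that it stops
 * dispatch for a user who is already authenticated but belongs to another
 * client; if it only redirects anonymous users, the action would still run.
 */
public function preDispatch()
{
    $id = $this->_getParam('id');
    if (!$id) {
        // No specific contact requested, so there is nothing to authorise here.
        return;
    }

    $user = za()->getUser();

    // String comparison keeps a request value from matching the user's own
    // contact id through loose numeric conversion (e.g. "5abc" == 5 on PHP < 8).
    if ((string) $id === (string) $user->contactid) {
        return;
    }

    // Someone else's contact: it must at least belong to the same company.
    $contact = $this->byId();
    $userContact = $this->clientService->getUserContact($user);

    // NOTE(review): byId() and getUserContact() are assumed to be able to return
    // a non-object when nothing is found; guard rather than read a property on it.
    $contactClientId = is_object($contact) ? $contact->clientid : null;
    $userClientId = is_object($userContact) ? $userContact->clientid : null;

    $sameCompany = !empty($contactClientId)
        && !empty($userClientId)
        && $contactClientId == $userClientId;

    if (!$sameCompany) {
        $this->requireLogin();
    }
}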