Added Readonly Preorder API user (Meridiam)

application/Api/v1/Modules/Preorder/Activation.php

@@ -18,6 +18,8 @@ class Activation extends Modules\ApiControllerModule {
    * POST /preorder/:code/serviceActivated
    */
   public function setServiceActive($code) {
+    if($this->me->is("Preorderreadonly")) return \mfResponse::Forbidden();
+
     $code = trim($code);
     if(!$code) {
       return \mfResponse::NotFound(["message" => "Preorder not found"]);

application/Api/v1/Modules/Preorder/Cif.php

@@ -18,6 +18,8 @@ class Cif extends Modules\ApiControllerModule {
    * GET /preorder/:code/clientInstallationFinished
    */
   public function providerSetCif($code) {
+    if($this->me->is("Preorderreadonly")) return \mfResponse::Forbidden();
+
     $code = trim($code);
     if(!$code) {
       return \mfResponse::NotFound(["message" => "Preorder not found"]);
@@ -59,6 +61,7 @@ class Cif extends Modules\ApiControllerModule {
    * GET /preorder/customerInstallationFeedback
    */
   public function getCifData() {
+    if($this->me->is("Preorderreadonly")) return \mfResponse::Forbidden();
     
     if(!array_key_exists("ciftoken", $this->get) || !$this->get['ciftoken']) {
       return \mfResponse::BadRequest(["message" => "ciftoken missing"]);
@@ -91,6 +94,7 @@ class Cif extends Modules\ApiControllerModule {
    * POST /preorder/customerInstallationFeedback
    */
   public function userSetCif() {
+    if($this->me->is("Preorderreadonly")) return \mfResponse::Forbidden();
     //return \mfResponse::InternalServerError();
     
     $ciftoken = false;