URL Permissions for Joomla Front-End Dashboard

Environment: Civicrm beta4, Joomla 1.5.4

I intend to allow a user in charge of an Organization to edit that Organization's Info and edit all members of the Organization. Once you establish needed relationships (owner-> organization, organization-> members) and logon as the owner of the organization through the Joomla front-end the dashboard shows the Organization however only Dashboard link works out of three. 'Edit Contact Information' link is blocked by URL filter in components/com_civicrm.php. In order for it to function I addedd 'contact' in allowed type of URL's ($validPath array).

// all profile and file urls, as well as user dashboard and tell-a-friend are valid
$arg1 = CRM_Utils_Array::value( 1, $args );
$validPaths = array( 'profile', 'user', 'dashboard', 'friend', 'file','contact' );
if ( in_array( $arg1 , $validPaths ) )

{ return true; }

1) My first question is: is that a horrible thing to do security-wise?
2) Once you get to edit the contact information the fancy Country/State selector doesn't work: administrator/components/com_civicrm/civicrm/bin/ajax.php&return=countries
Not sure how to fix it Sad