MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: Changed checks from isSiteAdmin to isAclSharingGroup for the org index anonymisation

pull/2831/head
iglocska 2018-01-13 17:00:44 +01:00
parent 7772b9c43e
commit 297802c2cb
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/LogsController.php
View File

@ -283,7 +283,7 @@ class LogsController extends AppController {
}
public function returnDates($org = 'all') {
if (!$this->_isSiteAdmin() && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {
if (!$role['perm_sharing_group'] && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {
if ($org !== 'all' && $org !== $this->Auth->user('Organisation')['name']) {
throw new MethodNotAllowedException('Invalid organisation.');
}

2
app/Controller/OrganisationsController.php
View File

@ -18,7 +18,7 @@ class OrganisationsController extends AppController {
);
public function index() {
if (!$this->_isSiteAdmin() && Configure::read('Security.hide_organisation_index_from_users')) {
if (!$role['perm_sharing_group'] && Configure::read('Security.hide_organisation_index_from_users')) {
throw new MethodNotAllowedException('This feature is disabled on this instance for normal users.');
}
$conditions = array();

2
app/View/Elements/global_menu.ctp
View File

@ -89,7 +89,7 @@
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
<?php
if ($isSiteAdmin || empty(Configure::read('Security.hide_organisation_index_from_users'))):
if ($isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))):
?>
<li><a href="<?php echo $baseurl;?>/organisations/index">Organisations</a></li>
<?php

2
app/View/Elements/side_menu.ctp
View File

@ -150,7 +150,7 @@
<li id='liview'><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
<li id='lidashboard'><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
<?php
if ($isSiteAdmin || empty(Configure::read('Security.hide_organisation_index_from_users'))):
if ($isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))):
?>
<li id='liindexOrg'><a href="<?php echo $baseurl;?>/organisations/index">List Organisations</a></li>
<?php