mirror of https://github.com/MISP/MISP
fix: Changed checks from isSiteAdmin to isAclSharingGroup for the org index anonymisation
parent
7772b9c43e
commit
297802c2cb
|
@ -283,7 +283,7 @@ class LogsController extends AppController {
|
|||
}
|
||||
|
||||
public function returnDates($org = 'all') {
|
||||
if (!$this->_isSiteAdmin() && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {
|
||||
if (!$role['perm_sharing_group'] && !empty(Configure::read('Security.hide_organisation_index_from_users'))) {
|
||||
if ($org !== 'all' && $org !== $this->Auth->user('Organisation')['name']) {
|
||||
throw new MethodNotAllowedException('Invalid organisation.');
|
||||
}
|
||||
|
|
|
@ -18,7 +18,7 @@ class OrganisationsController extends AppController {
|
|||
);
|
||||
|
||||
public function index() {
|
||||
if (!$this->_isSiteAdmin() && Configure::read('Security.hide_organisation_index_from_users')) {
|
||||
if (!$role['perm_sharing_group'] && Configure::read('Security.hide_organisation_index_from_users')) {
|
||||
throw new MethodNotAllowedException('This feature is disabled on this instance for normal users.');
|
||||
}
|
||||
$conditions = array();
|
||||
|
|
|
@ -89,7 +89,7 @@
|
|||
<li><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
|
||||
<li><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
|
||||
<?php
|
||||
if ($isSiteAdmin || empty(Configure::read('Security.hide_organisation_index_from_users'))):
|
||||
if ($isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))):
|
||||
?>
|
||||
<li><a href="<?php echo $baseurl;?>/organisations/index">Organisations</a></li>
|
||||
<?php
|
||||
|
|
|
@ -150,7 +150,7 @@
|
|||
<li id='liview'><a href="<?php echo $baseurl;?>/users/view/me">My Profile</a></li>
|
||||
<li id='lidashboard'><a href="<?php echo $baseurl;?>/users/dashboard">Dashboard</a></li>
|
||||
<?php
|
||||
if ($isSiteAdmin || empty(Configure::read('Security.hide_organisation_index_from_users'))):
|
||||
if ($isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))):
|
||||
?>
|
||||
<li id='liindexOrg'><a href="<?php echo $baseurl;?>/organisations/index">List Organisations</a></li>
|
||||
<?php
|
||||
|
|
Loading…
Reference in New Issue