MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: Cannot delete users, fixes #1200

pull/1202/head
Iglocska 2016-06-03 17:43:27 +02:00
parent 3a28167a80
commit 6e9a448cbd
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/Controller/UsersController.php
View File

@ -562,15 +562,15 @@ class UsersController extends AppController {
}
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
$this->User->id = $id;
$user = $this->User->read('email', $id);
$user = $this->User->find('first', array(
'conditions' => array('User.id' => $id),
'recursive' => -1
));
if (empty($user) || (!$this->_isSiteAdmin() && $user['User']['org_id'] != $this->Auth->user('id'))) {
throw new NotFoundException(__('Invalid user'));
}
$fieldsDescrStr = 'User (' . $id . '): ' . $user['User']['email'];
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if (!$this->_isSiteAdmin && $this->User->data['User']['org_id'] != $this->Auth->user('id')) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->User->delete()) {
if ($this->User->delete($id)) {
$this->__extralog("delete", $fieldsDescrStr, ''); // TODO Audit, check: modify User
$this->Session->setFlash(__('User deleted'));
$this->redirect(array('action' => 'index'));