mirror of https://github.com/MISP/MISP
chg: [acl] Move org index access to ACLComponent
parent
2f63e89257
commit
ecd3943e34
|
@ -468,7 +468,7 @@ class ACLComponent extends Component
|
|||
'fetchOrgsForSG' => array('perm_sharing_group'),
|
||||
'fetchSGOrgRow' => array('*'),
|
||||
'getUUIDs' => array('perm_sync'),
|
||||
'index' => array('*'),
|
||||
'index' => ['organisation_index'],
|
||||
'view' => array('*'),
|
||||
),
|
||||
'pages' => array(
|
||||
|
@ -854,6 +854,13 @@ class ACLComponent extends Component
|
|||
$this->dynamicChecks['not_read_only_authkey'] = function (array $user) {
|
||||
return !isset($user['authkey_read_only']) || !$user['authkey_read_only'];
|
||||
};
|
||||
// If `Security.hide_organisation_index_from_users` is enabled, only user with sharing group permission can see org index
|
||||
$this->dynamicChecks['organisation_index'] = function (array $user) {
|
||||
if (Configure::read('Security.hide_organisation_index_from_users')) {
|
||||
return $user['Role']['perm_sharing_group'];
|
||||
}
|
||||
return true;
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
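Review bot: The `organisation_index` closure returns `$user['Role']['perm_sharing_group']` unguarded and uncast, unlike the `not_read_only_authkey` check just above it, which uses `isset()`. A user array without a loaded `Role` would raise an undefined-index notice, and the outcome then depends on how the caller treats a non-boolean value. With the in-controller check removed in the same commit, this closure appears to be the only gate on `organisations/index` when `Security.hide_organisation_index_from_users` is set, so it should fail closed explicitly: `return !empty($user['Role']['perm_sharing_group']);`. The map entry `'index' => ['organisation_index']` in the first hunk leaves `'view' => array('*')` as it was, so the setting still hides only the listing; the comment above the closure should say whether that is intended. The method that registers the dynamic checks starts outside the hunk.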
|
|
|
@ -27,9 +27,6 @@ class OrganisationsController extends AppController
|
|||
|
||||
public function index()
|
||||
{
|
||||
if (!$this->Auth->user('Role')['perm_sharing_group'] && Configure::read('Security.hide_organisation_index_from_users')) {
|
||||
throw new MethodNotAllowedException(__('This feature is disabled on this instance for normal users.'));
|
||||
}
|
||||
$conditions = array();
|
||||
// We can either index all of the organisations existing on this instance (default)
|
||||
// or we can pass the 'external' keyword in the URL to look at the added external organisations
|
||||
|
|
|
@ -654,7 +654,7 @@ $divider = $this->element('/genericElements/SideMenu/side_menu_divider');
|
|||
'url' => $baseurl . '/dashboards',
|
||||
'text' => __('Dashboard')
|
||||
));
|
||||
if ($isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))) {
|
||||
if ($this->Acl->canAccess('organisations', 'index')) {
|
||||
echo $this->element('/genericElements/SideMenu/side_menu_link', array(
|
||||
'element_id' => 'indexOrg',
|
||||
'url' => $baseurl . '/organisations/index',
|
||||
|
|
|
@ -186,7 +186,7 @@
|
|||
array(
|
||||
'text' => __('Organisations'),
|
||||
'url' => $baseurl . '/organisations/index',
|
||||
'requirement' => $isAclSharingGroup || empty(Configure::read('Security.hide_organisation_index_from_users'))
|
||||
'requirement' => $this->Acl->canAccess('organisations', 'index'),
|
||||
),
|
||||
array(
|
||||
'text' => __('Role Permissions'),
|
||||
|
|