<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Utility\Hash;
use Cake\Utility\Text;
use Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\NotFoundException;
use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Http\Exception\ForbiddenException;
use Cake\ORM\TableRegistry;
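/**
 * CRUD, filtering and tagging endpoints for individuals.
 *
 * Every action delegates the actual work to the CRUD component and returns its
 * response payload when one was produced (presumably for API-style requests);
 * otherwise it sets view variables and lets the template render.
 *
 * Per-record authorisation visible in this class:
 *  - edit/tag/untag call canEdit() and refuse with MethodNotAllowedException;
 *  - delete refuses individuals that still have a linked user;
 *  - index/view/viewTags/add/filtering have no per-record check here.
 * NOTE(review): anything beyond that is presumably enforced by the ACL component
 * before the action runs — confirm against its configuration.
 */
class IndividualsController extends AppController
{
    // Fields matched by the quick-search box; the `=> true` entries are flagged for the
    // CRUD component (presumably substring matching — confirm in CRUDComponent).
    public $quickFilterFields = ['uuid', ['email' => true], ['first_name' => true], ['last_name' => true], 'position'];
    // Fields a caller may filter on. This is the allow-list handed to CRUD->index().
    public $filterFields = ['uuid', 'email', 'first_name', 'last_name', 'position', 'Organisations.id', 'Alignments.type'];
    // Associations eager-loaded for the index listing.
    public $containFields = ['Alignments' => 'Organisations'];
    // Fields for which the index computes statistics.
    public $statisticsFields = ['position'];

    /**
     * List individuals.
     *
     * Site admins additionally get the linked user accounts (id, username and
     * organisation id/name) attached to each row. Org admins (perm_org_admin
     * without perm_admin) get `editableIds`, the ids they are allowed to edit;
     * for everyone else `editableIds` is null.
     *
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     */
    public function index()
    {
        $currentUser = $this->ACL->getUser();
        $orgAdmin = !$currentUser['role']['perm_admin'] && $currentUser['role']['perm_org_admin'];
        $this->CRUD->index([
            'filters' => $this->filterFields,
            'quickFilters' => $this->quickFilterFields,
            'quickFilterForMetaField' => ['enabled' => true, 'wildcard_search' => true],
            'contain' => $this->containFields,
            'statisticsFields' => $this->statisticsFields,
            'afterFind' => function($data) use ($currentUser) {
                // Account details are only disclosed to site admins.
                if ($currentUser['role']['perm_admin']) {
                    $data['user'] = $this->Individuals->Users->find()->select(['id', 'username', 'Organisations.id', 'Organisations.name'])->contain('Organisations')->where(['individual_id' => $data['id']])->all()->toArray();
                }
                return $data;
            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $editableIds = null;
        if ($orgAdmin) {
            $editableIds = $this->Individuals->getValidIndividualsToEdit($currentUser);
        }
        // editableIds only drives what the template offers; the edit/tag/untag
        // actions re-check permission server-side through canEdit().
        $this->set('editableIds', $editableIds);
        $this->set('alignmentScope', 'individuals');
    }

    /**
     * Expose the filtering helper of the CRUD component.
     */
    public function filtering()
    {
        $this->CRUD->filtering();
    }

    /**
     * Create an individual.
     *
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     */
    public function add()
    {
        $this->CRUD->add();
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Show one individual together with its alignments and their organisations.
     *
     * NOTE(review): no per-record permission check is made here; confirm that
     * read access to every individual is intended for all roles that reach this action.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     */
    public function view($id)
    {
        $this->CRUD->view($id, ['contain' => ['Alignments' => 'Organisations']]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        // UI hints only; the edit and delete actions do their own checks.
        $this->set('canEdit', $this->canEdit($id));
        $this->set('canDelete', $this->canDelete($id));
    }

    /**
     * Edit an individual the current user is allowed to modify.
     *
     * NOTE(review): the refusal is raised as MethodNotAllowedException (HTTP 405 in
     * CakePHP) although it is a permission failure; ForbiddenException is already
     * imported. Left unchanged because clients may depend on the current status.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     * @throws MethodNotAllowedException When canEdit() denies the current user.
     */
    public function edit($id)
    {
        // Authorisation comes first, before any data is loaded or changed.
        if (!$this->canEdit($id)) {
            throw new MethodNotAllowedException(__('You cannot modify that individual.'));
        }
        $currentUser = $this->ACL->getUser();
        $this->CRUD->edit($id, [
            'beforeSave' => function($data) use ($currentUser) {
                // NOTE(review): the submitted uuid is discarded only when the editor IS a
                // site admin; for non-admin editors it is passed on unchanged. Confirm
                // that uuid is protected elsewhere (e.g. entity accessibility) or whether
                // this condition was meant to be negated.
                if ($currentUser['role']['perm_admin'] && isset($data['uuid'])) {
                    unset($data['uuid']);
                }
                return $data;
            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
        $this->set('canEdit', $this->canEdit($id));
        $this->set('canDelete', $this->canDelete($id));
        // The edit form reuses the template of the add action.
        $this->render('add');
    }

    /**
     * Delete an individual that has no linked user.
     *
     * NOTE(review): canDelete() (no linked user AND site admin) is only used to set
     * view flags; this action does not call it and checks the linked user only.
     * Confirm that the admin restriction is enforced by the ACL component, otherwise
     * enforce it here as well.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     * @throws ForbiddenException When the individual is associated with a user.
     */
    public function delete($id)
    {
        $params = [
            'contain' => ['Users'],
            'afterFind' => function($data, $params) {
                // NOTE(review): relies on the Users association being exposed under the
                // key `user`; if it were loaded as `users` this guard would never fire.
                if (!empty($data['user'])) {
                    throw new ForbiddenException(__('Individual associated to a user cannot be deleted.'));
                }
                return $data;
            }
        ];
        $this->CRUD->delete($id, $params);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Attach tags to an individual the current user is allowed to modify.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     * @throws MethodNotAllowedException When canEdit() denies the current user.
     */
    public function tag($id)
    {
        if (!$this->canEdit($id)) {
            throw new MethodNotAllowedException(__('You cannot tag that individual.'));
        }
        $this->CRUD->tag($id);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Remove tags from an individual the current user is allowed to modify.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     * @throws MethodNotAllowedException When canEdit() denies the current user.
     */
    public function untag($id)
    {
        if (!$this->canEdit($id)) {
            throw new MethodNotAllowedException(__('You cannot untag that individual.'));
        }
        $this->CRUD->untag($id);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * List the tags of an individual.
     *
     * @param mixed $id Identifier taken from the request.
     * @return mixed The CRUD response payload when non-empty, otherwise nothing.
     */
    public function viewTags($id)
    {
        $this->CRUD->viewTags($id);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
        }
    }

    /**
     * Decide whether the current user may modify the given individual.
     *
     * Site admins may edit anyone. Everybody else must be listed by
     * IndividualsTable::getValidIndividualsToEdit().
     *
     * The membership test is strict: the request value has to be exactly the
     * canonical string form of an allowed id. A loose in_array() would also accept
     * values that merely coerce to an allowed id (padded or exponent-style numeric
     * strings, booleans), so the value approved here could differ from the one the
     * CRUD component later uses for its lookup.
     *
     * @param mixed $indId Identifier taken from the request.
     * @return bool True when editing is permitted.
     */
    private function canEdit($indId): bool
    {
        $currentUser = $this->ACL->getUser();
        if ($currentUser['role']['perm_admin']) {
            return true;
        }
        // Arrays, booleans, null etc. can never name an individual.
        if (!is_int($indId) && !is_string($indId)) {
            return false;
        }
        // assumes a flat list of scalar ids — TODO confirm against IndividualsTable
        $validIndividuals = $this->Individuals->getValidIndividualsToEdit($currentUser);
        return in_array((string)$indId, array_map('strval', $validIndividuals), true);
    }

    /**
     * Decide whether the current user may delete the given individual.
     *
     * Deletion is refused as soon as a user account references the individual;
     * otherwise only site admins are allowed.
     *
     * @param mixed $indId Identifier taken from the request.
     * @return bool True when deletion is permitted.
     */
    private function canDelete($indId): bool
    {
        $associatedUsersCount = $this->Individuals->Users->find()->select(['id'])->where(['individual_id' => $indId])->count();
        if ($associatedUsersCount > 0) {
            return false;
        }
        $currentUser = $this->ACL->getUser();
        if ($currentUser['role']['perm_admin']) {
            return true;
        }
        return false;
    }
}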