diff --git a/src/Controller/UsersController.php b/src/Controller/UsersController.php
index dc9c34d..3bd715d 100644
--- a/src/Controller/UsersController.php
+++ b/src/Controller/UsersController.php
@@ -308,6 +308,9 @@ class UsersController extends AppController
 }
 $params = [
 'beforeSave' => function($data) use ($currentUser, $validRoles) {
+ if (empty(Configure::read('user.allow-user-deletion'))) {
+ throw new MethodNotAllowedException(__('User deletion is disabled on this instance.'));
+ }
 if (!$currentUser['role']['perm_admin']) {
 if ($data['organisation_id'] !== $currentUser['organisation_id']) {
 throw new MethodNotAllowedException(__('You do not have permission to delete the given user.'));
diff --git a/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php b/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php
index fb2faa0..3f9bb65 100644
--- a/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php
+++ b/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php
@@ -342,7 +342,13 @@ class CerebrateSettingsProvider extends BaseSettingsProvider
 'type' => 'boolean',
 'description' => __('This setting will enforce that usernames conform to basic requirements of e-mail addresses.'),
 'default' => false
- ]
+ ],
+ 'user.allow-user-deletion' => [
+ 'name' => __('Allow user deletion'),
+ 'type' => 'boolean',
+ 'description' => __('This setting will allow the deletion of users by authorized users.'),
+ 'default' => false
+ ],
 ]
 ]
 ]
diff --git a/templates/Users/index.php b/templates/Users/index.php
index eac53d8..1dff40d 100644
--- a/templates/Users/index.php
+++ b/templates/Users/index.php
@@ -145,6 +145,9 @@ echo $this->element('genericElements/IndexTable/index_table', [
 ]
 ],
 'function' => function ($row, $options) use ($loggedUser, $validRoles) {
+ if (empty(Configure::read('user.allow-user-deletion'))) {
+ return false;
+ }
 if ($row['id'] == $loggedUser['id']) {
 return false;
 }
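Review bot: `Configure` is used by its short name in the new guard at the top of the `beforeSave` closure, and neither this hunk nor the one in templates/Users/index.php shows a `use Cake\Core\Configure;` line; if either file lacks the import, the name resolves in the current namespace and the request fails with a class-not-found error instead of the intended 405, so please confirm both files import it. Separately, the setting is only evaluated once the callback fires, so whatever the delete action does before `beforeSave` (the start of the action is outside the hunk) still runs on an instance where deletion is disabled; checking the flag at the top of the action would refuse the request before any lookup. A short comment such as `// Instance-wide switch: applies to admins too, checked before the per-role rules.` would make the ordering explicit.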
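Review bot: The description for `user.allow-user-deletion` does not tell the operator that the setting is off by default and that, while it is off, deletion is refused for every role, administrators included (the controller guard in this commit runs before the `perm_admin` test). Because the default is `false`, an instance upgrading past this commit appears to lose user deletion until someone enables the setting, which is worth stating in the text. For example: `__('Allow authorised users to delete users. Disabled by default; while disabled, nobody can delete users, including administrators.')`.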
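Review bot: The flag is read with `Configure::read()` inside the row callback, so it is looked up again for every row of the index even though it cannot change while the page renders. Reading it once before the `element()` call, `$allowUserDeletion = !empty(Configure::read('user.allow-user-deletion'));`, and adding `$allowUserDeletion` to the closure's `use (...)` list keeps the callback to per-row decisions. This check appears to only hide the delete action in the table; the enforcement is the controller guard in the same commit, which a comment here could say: `// UI only: the server-side check lives in UsersController`. The closure continues past the end of the hunk.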