chg: [users:index] Added setting to allow the deletion of users

Fix #119
develop-unstable
Sami Mokaddem 2023-02-16 15:07:06 +01:00
parent b0e06cd0f6
commit 0850c92e89
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
3 changed files with 13 additions and 1 deletions

View File

@ -308,6 +308,9 @@ class UsersController extends AppController
}
$params = [
'beforeSave' => function($data) use ($currentUser, $validRoles) {
if (empty(Configure::read('user.allow-user-deletion'))) {
throw new MethodNotAllowedException(__('User deletion is disabled on this instance.'));
}
if (!$currentUser['role']['perm_admin']) {
if ($data['organisation_id'] !== $currentUser['organisation_id']) {
throw new MethodNotAllowedException(__('You do not have permission to delete the given user.'));

View File

@ -342,7 +342,13 @@ class CerebrateSettingsProvider extends BaseSettingsProvider
'type' => 'boolean',
'description' => __('This setting will enforce that usernames conform to basic requirements of e-mail addresses.'),
'default' => false
]
],
'user.allow-user-deletion' => [
'name' => __('Allow user deletion'),
'type' => 'boolean',
'description' => __('This setting will allow the deletion of users by authorized users.'),
'default' => false
],
]
]
]

View File

@ -145,6 +145,9 @@ echo $this->element('genericElements/IndexTable/index_table', [
]
],
'function' => function ($row, $options) use ($loggedUser, $validRoles) {
if (empty(Configure::read('user.allow-user-deletion'))) {
return false;
}
if ($row['id'] == $loggedUser['id']) {
return false;
}