diff --git a/src/Controller/Component/Navigation/OrgGroups.php b/src/Controller/Component/Navigation/OrgGroups.php
index b23d339..549e8fb 100644
--- a/src/Controller/Component/Navigation/OrgGroups.php
+++ b/src/Controller/Component/Navigation/OrgGroups.php
@@ -8,7 +8,7 @@ class OrgGroupsNavigation extends BaseNavigation
 public function addLinks()
 {
 $controller = 'OrgGroups';
- if (empty($this->viewVars['canEdit'])) {
+ if (empty($this->viewVars['canEditDefinition'])) {
 $this->bcf->removeLink($controller, 'view', $controller, 'edit');
 $this->bcf->removeLink($controller, 'edit', $controller, 'edit');
 }
@@ -17,9 +17,10 @@ class OrgGroupsNavigation extends BaseNavigation
 public function addActions()
 {
 $controller = 'OrgGroups';
- if (empty($this->viewVars['canEdit'])) {
+ if (empty($this->viewVars['canEditDefinition'])) {
 $this->bcf->removeAction($controller, 'view', $controller, 'delete');
 $this->bcf->removeAction($controller, 'edit', $controller, 'delete');
+ $this->bcf->removeAction($controller, 'view', $controller, 'add');
 }
 }
 }
diff --git a/src/Controller/OrgGroupsController.php b/src/Controller/OrgGroupsController.php
index 105a69e..c775da5 100644
--- a/src/Controller/OrgGroupsController.php
+++ b/src/Controller/OrgGroupsController.php
@@ -58,6 +58,7 @@ class OrgGroupsController extends AppController
 return $responsePayload;
 }
 $this->set('canEdit', $this->canEdit($id));
+ $this->set('canEditDefinition', $this->canEditDefinition($id));
 }
 public function edit($id)
@@ -136,6 +137,15 @@ class OrgGroupsController extends AppController
 return false;
 }
+ private function canEditDefinition($groupId): bool
+ {
+ $currentUser = $this->ACL->getUser();
+ if ($currentUser['role']['perm_admin']) {
+ return true;
+ }
+ return false;
+ }
+
 // Listing should be available to all, it's purely informational
 public function listAdmins($groupId)
 {
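Review bot: Removing the `edit` links in `addLinks()` (and the `delete`/`add` actions in `addActions()` in the next hunk) only hides the entries; it is not an access check. Nothing visible in this diff shows `edit()`, `delete()` or `add()` calling `canEditDefinition()`, so if they still authorise through `canEdit()`, a direct request from a non-admin who passes `canEdit()` would still be served. Those action bodies are outside the hunks, so this needs confirming there. I would also add a comment above the condition, e.g. `// UI only: the controller must enforce canEditDefinition on edit/delete/add`.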
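Review bot: `canEditDefinition` is set only at the end of `view()`, yet the navigation hunks also test it for the `edit` view (`removeLink($controller, 'edit', ...)`, `removeAction($controller, 'edit', ...)`). Because `empty()` treats a missing key as "not allowed", an admin on the edit page would lose those entries unless `edit()` sets the variable too. `edit()` begins on the last line of this hunk and its body is not shown, so this may already be handled. If it is not, add `$this->set('canEditDefinition', $this->canEditDefinition($id));` there as well.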
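Review bot: `canEditDefinition()` never reads `$groupId` and indexes `$currentUser['role']['perm_admin']` directly, so a user array without a loaded role emits an undefined-key warning instead of a clean denial. `return !empty($currentUser['role']['perm_admin']);` fails closed without the warning and replaces the if/return pair. A short docblock should state that changing a group's definition is deliberately limited to site admins regardless of group membership. It should also say that `$groupId` is kept, presumably to mirror `canEdit()`, so the unused parameter does not read as a forgotten per-group check.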