Merge branch 'develop'

pull/163/head
iglocska 2023-09-13 07:07:34 +02:00
commit 1f78180986
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
8 changed files with 89 additions and 9 deletions

View File

@ -175,8 +175,8 @@ class ACLComponent extends Component
'listOrgs' => ['*'],
'assignAdmin' => ['perm_admin'],
'removeAdmin' => ['perm_admin'],
'attachOrg' => ['perm_group_admin'],
'detachOrg' => ['perm_group_admin']
'attachOrg' => ['perm_admin', 'perm_group_admin'],
'detachOrg' => ['perm_admin', 'perm_group_admin']
],
'Organisations' => [
'add' => ['perm_admin'],
@ -360,8 +360,8 @@ class ACLComponent extends Component
return false; // org_admins cannot edit admins
}
if ($currentUser['role']['perm_group_admin']) {
$this->OrgGroup = TableRegistry::get('OrgGroup');
if ($this->OrgGroup->checkIfUserBelongsToGroupAdminsGroup($currentUser, $user)) {
$this->OrgGroups = TableRegistry::get('OrgGroups');
if ($this->OrgGroups->checkIfUserBelongsToGroupAdminsGroup($currentUser, $user)) {
return true;
}
}

View File

@ -0,0 +1,25 @@
<?php
namespace BreadcrumbNavigation;
require_once(APP . 'Controller' . DS . 'Component' . DS . 'Navigation' . DS . 'base.php');
class OrgGroupsNavigation extends BaseNavigation
{
public function addLinks()
{
$controller = 'OrgGroups';
if (empty($this->viewVars['canEdit'])) {
$this->bcf->removeLink($controller, 'view', $controller, 'edit');
$this->bcf->removeLink($controller, 'edit', $controller, 'edit');
}
}
public function addActions()
{
$controller = 'OrgGroups';
if (empty($this->viewVars['canEdit'])) {
$this->bcf->removeAction($controller, 'view', $controller, 'delete');
$this->bcf->removeAction($controller, 'edit', $controller, 'delete');
}
}
}

View File

@ -5,4 +5,21 @@ require_once(APP . 'Controller' . DS . 'Component' . DS . 'Navigation' . DS . 'b
class OrganisationsNavigation extends BaseNavigation
{
public function addLinks()
{
$controller = 'Organisations';
if (empty($this->viewVars['canEdit'])) {
$this->bcf->removeLink($controller, 'view', $controller, 'edit');
$this->bcf->removeLink($controller, 'edit', $controller, 'edit');
}
}
public function addActions()
{
$controller = 'Organisations';
if (empty($this->viewVars['canEdit'])) {
$this->bcf->removeAction($controller, 'view', $controller, 'delete');
$this->bcf->removeAction($controller, 'edit', $controller, 'delete');
}
}
}

View File

@ -156,6 +156,7 @@ class NavigationComponent extends Component
$CRUDControllers = [
'Individuals',
'Organisations',
'OrgGroups',
'EncryptionKeys',
'SharingGroups',
'Broods',

View File

@ -39,7 +39,7 @@ class IndividualsController extends AppController
if (!empty($responsePayload)) {
return $responsePayload;
}
$editableIds = null;
$editableIds = [];
if ($orgAdmin) {
$editableIds = $this->Individuals->getValidIndividualsToEdit($currentUser);
}

View File

@ -7,6 +7,7 @@ use Cake\ORM\Table;
use Cake\Validation\Validator;
use Cake\Error\Debugger;
use App\Model\Entity\User;
use Cake\Utility\Hash;
class OrgGroupsTable extends AppTable
{
@ -37,6 +38,9 @@ class OrgGroupsTable extends AppTable
public function checkIfGroupAdmin(int $groupId, User $user): bool
{
if (!empty($user['role']['perm_admin'])) {
return true;
}
$orgGroup = $this->get($groupId, ['contain' => 'Users']);
if (empty($orgGroup)) {
return false;
@ -51,7 +55,38 @@ class OrgGroupsTable extends AppTable
public function checkIfUserBelongsToGroupAdminsGroup(User $currentUser, User $userToCheck): bool
{
$managedGroups = $this->find('list')->where(['Users.id' => $currentUser['id']])->select(['id', 'uuid'])->disableHydration()->toArray();
return isset($managedGroups[$userToCheck['org_id']]);
$managedGroups = $this->find('all')
->matching(
'Users',
function ($q) use ($currentUser) {
return $q->where(
[
'Users.id' => $currentUser['id']
]
);
}
)
->contain(['Organisations'])
->toArray();
$org_ids = Hash::extract($managedGroups, '{n}.organisations.{n}.id');
return in_array($userToCheck['organisation_id'], $org_ids);
}
public function getGroupOrgIdsForUser(User $user): array
{
$managedGroups = $this->find('all')
->matching(
'Users',
function ($q) use ($user) {
return $q->where(
[
'Users.id' => $user['id']
]
);
}
)
->contain(['Organisations'])
->toArray();
return array_unique(Hash::extract($managedGroups, '{n}.organisations.{n}.id'));
}
}

View File

@ -11,7 +11,8 @@ echo $this->element('genericElements/IndexTable/index_table', [
'type' => 'simple',
'text' => __('Add group'),
'class' => 'btn btn-primary',
'popover_url' => '/orgGroups/add'
'popover_url' => '/orgGroups/add',
'requirement' => !empty($loggedUser['role']['perm_admin']),
]
]
],

View File

@ -11,7 +11,8 @@ echo $this->element('genericElements/IndexTable/index_table', [
'type' => 'simple',
'text' => __('Add organisation'),
'class' => 'btn btn-primary',
'popover_url' => '/organisations/add'
'popover_url' => '/organisations/add',
'requirement' => !empty($loggedUser['role']['perm_admin']),
]
]
],