new: [individuals] rework

- allow modifications for org admins of individuals associated to their users - unless they're site admins - add user information to the individual index to bring clarity to the individual vs users confusion - rework of the user form field object
2022-11-13 11:09:34 +01:00 · 2022-11-13 11:09:34 +01:00 · 260e1d30a1
parent 951fbeaee5
commit 260e1d30a1
4 changed files with 50 additions and 8 deletions
--- a/src/Controller/IndividualsController.php
+++ b/src/Controller/IndividualsController.php
@ -28,6 +28,12 @@ class IndividualsController extends AppController
            'quickFilterForMetaField' => ['enabled' => true, 'wildcard_search' => true],
            'contain' => $this->containFields,
            'statisticsFields' => $this->statisticsFields,
+            'afterFind' => function($data) use ($currentUser) {
+                if ($currentUser['role']['perm_admin']) {
+                    $data['user'] = $this->Individuals->Users->find()->select(['id', 'username', 'Organisations.id', 'Organisations.name'])->contain('Organisations')->where(['individual_id' => $data['id']])->all()->toArray();
+                }
+                return $data;
+            }
        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
@ -66,6 +72,13 @@ class IndividualsController extends AppController

    public function edit($id)
    {
+        $currentUser = $this->ACL->getUser();
+        if (!$currentUser['role']['perm_admin']) {
+            $validIndividuals = $this->Individuals->getValidIndividualsToEdit($currentUser);
+            if (!in_array($id, $validIndividuals)) {
+                throw new MethodNotAllowedException(__('You cannot modify that individual.'));    
+            }
+        }
        $currentUser = $this->ACL->getUser();
        $validIndividualIds = [];
        if ($currentUser['role']['perm_admin']) {
@ -74,7 +87,14 @@ class IndividualsController extends AppController
                throw new NotFoundException(__('Invalid individual.'));
            }
        }
-        $this->CRUD->edit($id);
+        $this->CRUD->edit($id, [
+            'beforeSave' => function($data) use ($currentUser) {
+                if ($currentUser['role']['perm_admin'] && isset($data['uuid'])) {
+                    unset($data['uuid']);
+                }
+                return $data;
+            }
+        ]);
        $responsePayload = $this->CRUD->getResponsePayload();
        if (!empty($responsePayload)) {
            return $responsePayload;
--- a/src/Model/Table/IndividualsTable.php
+++ b/src/Model/Table/IndividualsTable.php
@ -113,10 +113,12 @@ class IndividualsTable extends AppTable

    public function getValidIndividualsToEdit(object $currentUser): array
    {
+        $adminRoles = $this->Users->Roles->find('list')->select(['id'])->where(['perm_admin' => 1])->all()->toArray();
        $validIndividualIds = $this->Users->find('list')->select(['individual_id'])->where(
            [
                'organisation_id' => $currentUser['organisation_id'],
-                'disabled' => 0
+                'disabled' => 0,
+                'role_id NOT IN' => array_keys($adminRoles)
            ]
        )->all()->toArray();
        return array_keys($validIndividualIds);
--- a/templates/Individuals/index.php
+++ b/templates/Individuals/index.php
@ -52,6 +52,12 @@ echo $this->element('genericElements/IndexTable/index_table', [
                'sort' => 'last_name',
                'data_path' => 'last_name',
            ],
+            [
+                'name' => __('Associated User(s)'),
+                'sort' => 'user',
+                'data_path' => 'user',
+                'element' => 'user'
+            ],
            [
                'name' => __('Alignments'),
                'data_path' => 'alignments',
--- a/templates/element/genericElements/IndexTable/Fields/user.php
+++ b/templates/element/genericElements/IndexTable/Fields/user.php
@ -1,11 +1,25 @@
 <?php
    if (!empty($row['user'])) {
-        $userId = $this->Hash->extract($row, 'user.id')[0];
-        $userName = $this->Hash->extract($row, 'user.username')[0];
-        echo $this->Html->link(
-            h($userName),
-            ['controller' => 'users', 'action' => 'view', $userId]
-        );
+        if (isset($row['user']['id'])) {
+            $users = [$row['user']];
+        } else {
+            $users = $row['user'];
+        }
+        $links = [];
+        foreach ($users as $user) {
+            $orgPrepend = '';
+            if (!empty($user['organisation']['name']) && !empty($user['organisation']['id'])) {
+                $orgPrepend = '[' . $this->Html->link(
+                    h($user['organisation']['name']),
+                    ['controller' => 'organisations', 'action' => 'view', $user['organisation']['id']]
+                ) . '] ';
+            }
+            $links[] = $orgPrepend . $this->Html->link(
+                h($user['username']),
+                ['controller' => 'users', 'action' => 'view', $user['id']]
+            );
+        }
+        echo implode('<br />', $links);
    }

 ?>