Merge branch 'main' into develop
iglocska
commit
3b21a746b9
|
|
@ -1,7 +1,9 @@
|
|||
## Requirements
|
||||
|
||||
An Ubuntu server (18.04/20.04 should both work fine) - though other linux installations should work too.
|
||||
|
||||
- apache2 (or nginx), mysql/mariadb, sqlite need to be installed and running
|
||||
- php version 8+ is required
|
||||
- php extensions for intl, mysql, sqlite3, mbstring, xml need to be installed and running
|
||||
- php extention for curl (not required but makes composer run a little faster)
|
||||
- composer
|
||||
|
|
|
|||
|
|
@ -420,10 +420,16 @@ class CRUDComponent extends Component
|
|||
}
|
||||
|
||||
$data = $this->Table->get($id, $params);
|
||||
if (empty($data)) {
|
||||
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
|
||||
}
|
||||
$data = $this->attachMetaData($id, $data);
|
||||
if (isset($params['afterFind'])) {
|
||||
$data = $params['afterFind']($data);
|
||||
}
|
||||
if (empty($data)) {
|
||||
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
|
||||
}
|
||||
if ($this->Controller->ParamHandler->isRest()) {
|
||||
$this->Controller->restResponsePayload = $this->RestResponse->viewData($data, 'json');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,13 +11,17 @@ use Cake\Http\Exception\NotFoundException;
|
|||
use Cake\Http\Exception\MethodNotAllowedException;
|
||||
use Cake\Http\Exception\ForbiddenException;
|
||||
use Cake\Event\EventInterface;
|
||||
use Cake\Core\Configure;
|
||||
|
||||
class IndividualsController extends AppController
|
||||
{
|
||||
public function beforeFilter(EventInterface $event)
|
||||
{
|
||||
parent::beforeFilter($event);
|
||||
$this->Authentication->allowUnauthenticated(['index']);
|
||||
$open = Configure::read('Cerebrate.open');
|
||||
if (!empty($open) && in_array('individuals', $open)) {
|
||||
$this->Authentication->allowUnauthenticated(['index']);
|
||||
}
|
||||
}
|
||||
|
||||
public function index()
|
||||
|
|
|
|||
|
|
@ -10,13 +10,17 @@ use Cake\Http\Exception\NotFoundException;
|
|||
use Cake\Http\Exception\MethodNotAllowedException;
|
||||
use Cake\Http\Exception\ForbiddenException;
|
||||
use Cake\Event\EventInterface;
|
||||
use Cake\Core\Configure;
|
||||
|
||||
class OrganisationsController extends AppController
|
||||
{
|
||||
public function beforeFilter(EventInterface $event)
|
||||
{
|
||||
parent::beforeFilter($event);
|
||||
$this->Authentication->allowUnauthenticated(['index']);
|
||||
$open = Configure::read('Cerebrate.open');
|
||||
if (!empty($open) && in_array('organisations', $open)) {
|
||||
$this->Authentication->allowUnauthenticated(['index']);
|
||||
}
|
||||
}
|
||||
|
||||
public function index()
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ use Cake\Utility\Hash;
|
|||
use Cake\Utility\Text;
|
||||
use \Cake\Database\Expression\QueryExpression;
|
||||
use Cake\Error\Debugger;
|
||||
use Cake\Http\Exception\NotFoundException;
|
||||
|
||||
class SharingGroupsController extends AppController
|
||||
{
|
||||
|
|
@ -54,8 +55,25 @@ class SharingGroupsController extends AppController
|
|||
|
||||
public function view($id)
|
||||
{
|
||||
$currentUser = $this->ACL->getUser();
|
||||
$this->CRUD->view($id, [
|
||||
'contain' => ['SharingGroupOrgs', 'Organisations', 'Users' => ['fields' => ['id', 'username']]]
|
||||
'contain' => ['SharingGroupOrgs', 'Organisations', 'Users' => ['fields' => ['id', 'username']]],
|
||||
'afterFind' => function($data) use ($currentUser) {
|
||||
if (empty($currentUser['role']['perm_admin'])) {
|
||||
$orgFround = false;
|
||||
if (!empty($data['sharing_group_orgs'])) {
|
||||
foreach ($data['sharing_group_orgs'] as $org) {
|
||||
if ($org['id'] === $currentUser['organisation_id']) {
|
||||
$orgFound = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($data['organisation_id'] !== $currentUser['organisation_id'] && !$orgFround) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
return $data;
|
||||
}
|
||||
]);
|
||||
$responsePayload = $this->CRUD->getResponsePayload();
|
||||
if (!empty($responsePayload)) {
|
||||
|
|
@ -87,7 +105,11 @@ class SharingGroupsController extends AppController
|
|||
|
||||
public function delete($id)
|
||||
{
|
||||
$this->CRUD->delete($id);
|
||||
$currentUser = $this->ACL->getUser();
|
||||
if (empty($currentUser['role']['perm_admin'])) {
|
||||
$params['conditions'] = ['organisation_id' => $currentUser['organisation_id']];
|
||||
}
|
||||
$this->CRUD->delete($id, $params);
|
||||
$responsePayload = $this->CRUD->getResponsePayload();
|
||||
if (!empty($responsePayload)) {
|
||||
return $responsePayload;
|
||||
|
|
@ -97,9 +119,18 @@ class SharingGroupsController extends AppController
|
|||
|
||||
public function addOrg($id)
|
||||
{
|
||||
$currentUser = $this->ACL->getUser();
|
||||
$sharingGroup = $this->SharingGroups->get($id, [
|
||||
'contain' => 'SharingGroupOrgs'
|
||||
]);
|
||||
if (empty($currentUser['role']['perm_admin'])) {
|
||||
if ($sharingGroup['organisation_id'] !== $currentUser['organisation_id']) {
|
||||
$sharingGroup = null;
|
||||
}
|
||||
}
|
||||
if (empty($sharingGroup)) {
|
||||
throw new NotFoundException(__('Invalid SharingGroup.'));
|
||||
}
|
||||
$conditions = [];
|
||||
$containedOrgIds = array_values(\Cake\Utility\Hash::extract($sharingGroup, 'sharing_group_orgs.{n}.id'));
|
||||
if (!empty($containedOrgIds)) {
|
||||
|
|
@ -156,9 +187,18 @@ class SharingGroupsController extends AppController
|
|||
|
||||
public function removeOrg($id, $org_id)
|
||||
{
|
||||
$currentUser = $this->ACL->getUser();
|
||||
$sharingGroup = $this->SharingGroups->get($id, [
|
||||
'contain' => 'SharingGroupOrgs'
|
||||
]);
|
||||
if (empty($currentUser['role']['perm_admin'])) {
|
||||
if ($sharingGroup['organisation_id'] !== $currentUser['organisation_id']) {
|
||||
$sharingGroup = null;
|
||||
}
|
||||
}
|
||||
if (empty($sharingGroup)) {
|
||||
throw new NotFoundException(__('Invalid SharingGroup.'));
|
||||
}
|
||||
if ($this->request->is('post')) {
|
||||
$org = $this->SharingGroups->SharingGroupOrgs->get($org_id);
|
||||
$result = (bool)$this->SharingGroups->SharingGroupOrgs->unlink($sharingGroup, [$org]);
|
||||
|
|
|
|||
|
|
@ -36,9 +36,16 @@ class UserSettingsController extends AppController
|
|||
return $responsePayload;
|
||||
}
|
||||
if (!empty($this->request->getQuery('Users_id'))) {
|
||||
$settingsForUser = $this->UserSettings->Users->find()->where([
|
||||
$conditions = [
|
||||
'id' => $this->request->getQuery('Users_id')
|
||||
])->first();
|
||||
];
|
||||
if (empty($currentUser['role']['perm_admin'])) {
|
||||
$conditions['organisation_id'] = $currentUser['organisation_id'];
|
||||
}
|
||||
$settingsForUser = $this->UserSettings->Users->find()->where($conditions)->first();
|
||||
if (empty($settingsForUser)) {
|
||||
throw new NotFoundException(__('Invalid {0}.', __('user')));
|
||||
}
|
||||
$this->set('settingsForUser', $settingsForUser);
|
||||
}
|
||||
}
|
||||
|
|
@ -233,7 +240,7 @@ class UserSettingsController extends AppController
|
|||
}
|
||||
|
||||
/**
|
||||
* isLoggedUserAllowedToEdit
|
||||
* isLoggedUserAllowedToEdit
|
||||
*
|
||||
* @param int|\App\Model\Entity\UserSetting $setting
|
||||
* @return boolean
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@
|
|||
'%s%s%s%s%s%s',
|
||||
empty($data['description']) ? '' : sprintf(
|
||||
'<div class="pb-2 fw-light">%s</div>',
|
||||
$data['description']
|
||||
h($data['description'])
|
||||
),
|
||||
$ajaxFlashMessage,
|
||||
$formCreate,
|
||||
|
|
@ -131,7 +131,7 @@
|
|||
'%s%s%s%s%s%s',
|
||||
empty($data['description']) ? '' : sprintf(
|
||||
'<div class="pb-2">%s</div>',
|
||||
$data['description']
|
||||
h($data['description'])
|
||||
),
|
||||
$ajaxFlashMessage,
|
||||
$formCreate,
|
||||
|
|
@ -157,7 +157,7 @@
|
|||
$ajaxFlashMessage,
|
||||
empty($data['description']) ? '' : sprintf(
|
||||
'<div class="pb-3 fw-light">%s</div>',
|
||||
$data['description']
|
||||
h($data['description'])
|
||||
),
|
||||
sprintf('<div class="panel">%s</div>', $fieldsString),
|
||||
empty($metaTemplateString) ? '' : $this->element(
|
||||
|
|
|
|||
Loading…
Reference in New Issue