Merge branch 'main' into develop
commit
3b21a746b9
|
@ -1,7 +1,9 @@
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
An Ubuntu server (18.04/20.04 should both work fine) - though other linux installations should work too.
|
An Ubuntu server (18.04/20.04 should both work fine) - though other linux installations should work too.
|
||||||
|
|
||||||
- apache2 (or nginx), mysql/mariadb, sqlite need to be installed and running
|
- apache2 (or nginx), mysql/mariadb, sqlite need to be installed and running
|
||||||
|
- php version 8+ is required
|
||||||
- php extensions for intl, mysql, sqlite3, mbstring, xml need to be installed and running
|
- php extensions for intl, mysql, sqlite3, mbstring, xml need to be installed and running
|
||||||
- php extention for curl (not required but makes composer run a little faster)
|
- php extention for curl (not required but makes composer run a little faster)
|
||||||
- composer
|
- composer
|
||||||
|
|
|
@ -420,10 +420,16 @@ class CRUDComponent extends Component
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = $this->Table->get($id, $params);
|
$data = $this->Table->get($id, $params);
|
||||||
|
if (empty($data)) {
|
||||||
|
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
|
||||||
|
}
|
||||||
$data = $this->attachMetaData($id, $data);
|
$data = $this->attachMetaData($id, $data);
|
||||||
if (isset($params['afterFind'])) {
|
if (isset($params['afterFind'])) {
|
||||||
$data = $params['afterFind']($data);
|
$data = $params['afterFind']($data);
|
||||||
}
|
}
|
||||||
|
if (empty($data)) {
|
||||||
|
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
|
||||||
|
}
|
||||||
if ($this->Controller->ParamHandler->isRest()) {
|
if ($this->Controller->ParamHandler->isRest()) {
|
||||||
$this->Controller->restResponsePayload = $this->RestResponse->viewData($data, 'json');
|
$this->Controller->restResponsePayload = $this->RestResponse->viewData($data, 'json');
|
||||||
}
|
}
|
||||||
|
|
|
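Review bot: Moving the `empty($data)` check below the `afterFind` call makes a `null` return from the callback the way to refuse access, and that contract is not stated anywhere in the visible lines. I would add a comment above the check, e.g. `// afterFind may return null to hide the record; that is reported as not found`. Note also that `attachMetaData($id, $data)` now runs before any emptiness check; that is only safe if `$this->Table->get()` throws on a missing row rather than returning an empty value, which should be confirmed. The function body starts and ends outside the hunk.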
@ -11,13 +11,17 @@ use Cake\Http\Exception\NotFoundException;
|
||||||
use Cake\Http\Exception\MethodNotAllowedException;
|
use Cake\Http\Exception\MethodNotAllowedException;
|
||||||
use Cake\Http\Exception\ForbiddenException;
|
use Cake\Http\Exception\ForbiddenException;
|
||||||
use Cake\Event\EventInterface;
|
use Cake\Event\EventInterface;
|
||||||
|
use Cake\Core\Configure;
|
||||||
|
|
||||||
class IndividualsController extends AppController
|
class IndividualsController extends AppController
|
||||||
{
|
{
|
||||||
public function beforeFilter(EventInterface $event)
|
public function beforeFilter(EventInterface $event)
|
||||||
{
|
{
|
||||||
parent::beforeFilter($event);
|
parent::beforeFilter($event);
|
||||||
$this->Authentication->allowUnauthenticated(['index']);
|
$open = Configure::read('Cerebrate.open');
|
||||||
|
if (!empty($open) && in_array('individuals', $open)) {
|
||||||
|
$this->Authentication->allowUnauthenticated(['index']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function index()
|
public function index()
|
||||||
|
|
|
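Review bot: The new guard in `beforeFilter` calls `in_array('individuals', $open)` without the strict flag and without checking that `Cerebrate.open` is an array. With loose comparison a stray `true` in the list matches every controller name and leaves the index reachable without authentication, and a scalar setting makes `in_array` throw a TypeError on PHP 8. I would write `if (is_array($open) && in_array('individuals', $open, true)) {`; the same applies to the identical check for `'organisations'` in OrganisationsController. A one-line comment such as `// index is public only when listed in Cerebrate.open` would also help the next reader.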
@ -10,13 +10,17 @@ use Cake\Http\Exception\NotFoundException;
|
||||||
use Cake\Http\Exception\MethodNotAllowedException;
|
use Cake\Http\Exception\MethodNotAllowedException;
|
||||||
use Cake\Http\Exception\ForbiddenException;
|
use Cake\Http\Exception\ForbiddenException;
|
||||||
use Cake\Event\EventInterface;
|
use Cake\Event\EventInterface;
|
||||||
|
use Cake\Core\Configure;
|
||||||
|
|
||||||
class OrganisationsController extends AppController
|
class OrganisationsController extends AppController
|
||||||
{
|
{
|
||||||
public function beforeFilter(EventInterface $event)
|
public function beforeFilter(EventInterface $event)
|
||||||
{
|
{
|
||||||
parent::beforeFilter($event);
|
parent::beforeFilter($event);
|
||||||
$this->Authentication->allowUnauthenticated(['index']);
|
$open = Configure::read('Cerebrate.open');
|
||||||
|
if (!empty($open) && in_array('organisations', $open)) {
|
||||||
|
$this->Authentication->allowUnauthenticated(['index']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function index()
|
public function index()
|
||||||
|
|
|
@ -7,6 +7,7 @@ use Cake\Utility\Hash;
|
||||||
use Cake\Utility\Text;
|
use Cake\Utility\Text;
|
||||||
use \Cake\Database\Expression\QueryExpression;
|
use \Cake\Database\Expression\QueryExpression;
|
||||||
use Cake\Error\Debugger;
|
use Cake\Error\Debugger;
|
||||||
|
use Cake\Http\Exception\NotFoundException;
|
||||||
|
|
||||||
class SharingGroupsController extends AppController
|
class SharingGroupsController extends AppController
|
||||||
{
|
{
|
||||||
|
@ -54,8 +55,25 @@ class SharingGroupsController extends AppController
|
||||||
|
|
||||||
public function view($id)
|
public function view($id)
|
||||||
{
|
{
|
||||||
|
$currentUser = $this->ACL->getUser();
|
||||||
$this->CRUD->view($id, [
|
$this->CRUD->view($id, [
|
||||||
'contain' => ['SharingGroupOrgs', 'Organisations', 'Users' => ['fields' => ['id', 'username']]]
|
'contain' => ['SharingGroupOrgs', 'Organisations', 'Users' => ['fields' => ['id', 'username']]],
|
||||||
|
'afterFind' => function($data) use ($currentUser) {
|
||||||
|
if (empty($currentUser['role']['perm_admin'])) {
|
||||||
|
$orgFround = false;
|
||||||
|
if (!empty($data['sharing_group_orgs'])) {
|
||||||
|
foreach ($data['sharing_group_orgs'] as $org) {
|
||||||
|
if ($org['id'] === $currentUser['organisation_id']) {
|
||||||
|
$orgFound = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($data['organisation_id'] !== $currentUser['organisation_id'] && !$orgFround) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $data;
|
||||||
|
}
|
||||||
]);
|
]);
|
||||||
$responsePayload = $this->CRUD->getResponsePayload();
|
$responsePayload = $this->CRUD->getResponsePayload();
|
||||||
if (!empty($responsePayload)) {
|
if (!empty($responsePayload)) {
|
||||||
|
@ -87,7 +105,11 @@ class SharingGroupsController extends AppController
|
||||||
|
|
||||||
public function delete($id)
|
public function delete($id)
|
||||||
{
|
{
|
||||||
$this->CRUD->delete($id);
|
$currentUser = $this->ACL->getUser();
|
||||||
|
if (empty($currentUser['role']['perm_admin'])) {
|
||||||
|
$params['conditions'] = ['organisation_id' => $currentUser['organisation_id']];
|
||||||
|
}
|
||||||
|
$this->CRUD->delete($id, $params);
|
||||||
$responsePayload = $this->CRUD->getResponsePayload();
|
$responsePayload = $this->CRUD->getResponsePayload();
|
||||||
if (!empty($responsePayload)) {
|
if (!empty($responsePayload)) {
|
||||||
return $responsePayload;
|
return $responsePayload;
|
||||||
|
@ -97,9 +119,18 @@ class SharingGroupsController extends AppController
|
||||||
|
|
||||||
public function addOrg($id)
|
public function addOrg($id)
|
||||||
{
|
{
|
||||||
|
$currentUser = $this->ACL->getUser();
|
||||||
$sharingGroup = $this->SharingGroups->get($id, [
|
$sharingGroup = $this->SharingGroups->get($id, [
|
||||||
'contain' => 'SharingGroupOrgs'
|
'contain' => 'SharingGroupOrgs'
|
||||||
]);
|
]);
|
||||||
|
if (empty($currentUser['role']['perm_admin'])) {
|
||||||
|
if ($sharingGroup['organisation_id'] !== $currentUser['organisation_id']) {
|
||||||
|
$sharingGroup = null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (empty($sharingGroup)) {
|
||||||
|
throw new NotFoundException(__('Invalid SharingGroup.'));
|
||||||
|
}
|
||||||
$conditions = [];
|
$conditions = [];
|
||||||
$containedOrgIds = array_values(\Cake\Utility\Hash::extract($sharingGroup, 'sharing_group_orgs.{n}.id'));
|
$containedOrgIds = array_values(\Cake\Utility\Hash::extract($sharingGroup, 'sharing_group_orgs.{n}.id'));
|
||||||
if (!empty($containedOrgIds)) {
|
if (!empty($containedOrgIds)) {
|
||||||
|
@ -156,9 +187,18 @@ class SharingGroupsController extends AppController
|
||||||
|
|
||||||
public function removeOrg($id, $org_id)
|
public function removeOrg($id, $org_id)
|
||||||
{
|
{
|
||||||
|
$currentUser = $this->ACL->getUser();
|
||||||
$sharingGroup = $this->SharingGroups->get($id, [
|
$sharingGroup = $this->SharingGroups->get($id, [
|
||||||
'contain' => 'SharingGroupOrgs'
|
'contain' => 'SharingGroupOrgs'
|
||||||
]);
|
]);
|
||||||
|
if (empty($currentUser['role']['perm_admin'])) {
|
||||||
|
if ($sharingGroup['organisation_id'] !== $currentUser['organisation_id']) {
|
||||||
|
$sharingGroup = null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (empty($sharingGroup)) {
|
||||||
|
throw new NotFoundException(__('Invalid SharingGroup.'));
|
||||||
|
}
|
||||||
if ($this->request->is('post')) {
|
if ($this->request->is('post')) {
|
||||||
$org = $this->SharingGroups->SharingGroupOrgs->get($org_id);
|
$org = $this->SharingGroups->SharingGroupOrgs->get($org_id);
|
||||||
$result = (bool)$this->SharingGroups->SharingGroupOrgs->unlink($sharingGroup, [$org]);
|
$result = (bool)$this->SharingGroups->SharingGroupOrgs->unlink($sharingGroup, [$org]);
|
||||||
|
|
|
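Review bot: In the `afterFind` closure of `view()` the flag is initialised as `$orgFround = false` and tested as `!$orgFround`, but the loop sets `$orgFound = true`, so a membership match is never seen. A non-admin whose organisation is listed in `sharing_group_orgs` but does not own the group therefore always gets `null` and a 404. Use one name throughout: `$orgFound = false;` and `... && !$orgFound`. Separately, in `delete()` `$params` is assigned only inside the non-admin branch, so admins reach `$this->CRUD->delete($id, $params)` with an undefined variable; initialise `$params = [];` first. Both function bodies continue outside their hunks.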
@ -36,9 +36,16 @@ class UserSettingsController extends AppController
|
||||||
return $responsePayload;
|
return $responsePayload;
|
||||||
}
|
}
|
||||||
if (!empty($this->request->getQuery('Users_id'))) {
|
if (!empty($this->request->getQuery('Users_id'))) {
|
||||||
$settingsForUser = $this->UserSettings->Users->find()->where([
|
$conditions = [
|
||||||
'id' => $this->request->getQuery('Users_id')
|
'id' => $this->request->getQuery('Users_id')
|
||||||
])->first();
|
];
|
||||||
|
if (empty($currentUser['role']['perm_admin'])) {
|
||||||
|
$conditions['organisation_id'] = $currentUser['organisation_id'];
|
||||||
|
}
|
||||||
|
$settingsForUser = $this->UserSettings->Users->find()->where($conditions)->first();
|
||||||
|
if (empty($settingsForUser)) {
|
||||||
|
throw new NotFoundException(__('Invalid {0}.', __('user')));
|
||||||
|
}
|
||||||
$this->set('settingsForUser', $settingsForUser);
|
$this->set('settingsForUser', $settingsForUser);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -233,7 +240,7 @@ class UserSettingsController extends AppController
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* isLoggedUserAllowedToEdit
|
* isLoggedUserAllowedToEdit
|
||||||
*
|
*
|
||||||
* @param int|\App\Model\Entity\UserSetting $setting
|
* @param int|\App\Model\Entity\UserSetting $setting
|
||||||
* @return boolean
|
* @return boolean
|
||||||
|
|
|
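Review bot: The added organisation filter reads `$currentUser['role']['perm_admin']`, but no assignment to `$currentUser` is visible in this hunk, and the enclosing function starts above it. If it is not set earlier in the method, `empty()` on the undefined variable is silently true and every caller, admins included, takes the restricted branch with a null `organisation_id`. Confirm it is assigned, or add `$currentUser = $this->ACL->getUser();` before building `$conditions`, as the SharingGroupsController changes in this commit do.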
@ -106,7 +106,7 @@
|
||||||
'%s%s%s%s%s%s',
|
'%s%s%s%s%s%s',
|
||||||
empty($data['description']) ? '' : sprintf(
|
empty($data['description']) ? '' : sprintf(
|
||||||
'<div class="pb-2 fw-light">%s</div>',
|
'<div class="pb-2 fw-light">%s</div>',
|
||||||
$data['description']
|
h($data['description'])
|
||||||
),
|
),
|
||||||
$ajaxFlashMessage,
|
$ajaxFlashMessage,
|
||||||
$formCreate,
|
$formCreate,
|
||||||
|
@ -131,7 +131,7 @@
|
||||||
'%s%s%s%s%s%s',
|
'%s%s%s%s%s%s',
|
||||||
empty($data['description']) ? '' : sprintf(
|
empty($data['description']) ? '' : sprintf(
|
||||||
'<div class="pb-2">%s</div>',
|
'<div class="pb-2">%s</div>',
|
||||||
$data['description']
|
h($data['description'])
|
||||||
),
|
),
|
||||||
$ajaxFlashMessage,
|
$ajaxFlashMessage,
|
||||||
$formCreate,
|
$formCreate,
|
||||||
|
@ -157,7 +157,7 @@
|
||||||
$ajaxFlashMessage,
|
$ajaxFlashMessage,
|
||||||
empty($data['description']) ? '' : sprintf(
|
empty($data['description']) ? '' : sprintf(
|
||||||
'<div class="pb-3 fw-light">%s</div>',
|
'<div class="pb-3 fw-light">%s</div>',
|
||||||
$data['description']
|
h($data['description'])
|
||||||
),
|
),
|
||||||
sprintf('<div class="panel">%s</div>', $fieldsString),
|
sprintf('<div class="panel">%s</div>', $fieldsString),
|
||||||
empty($metaTemplateString) ? '' : $this->element(
|
empty($metaTemplateString) ? '' : $this->element(
|
||||||
|
|