Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop

src/Controller/AppController.php

@@ -110,6 +110,7 @@ class AppController extends Controller
             }
             unset($user['password']);
             $this->ACL->setUser($user);
+            $this->Navigation->genBreadcrumbs($user);
             $this->request->getSession()->write('authUser', $user);
             $this->isAdmin = $user['role']['perm_admin'];
             if (!$this->ParamHandler->isRest()) {

src/Controller/Component/ACLComponent.php

@@ -277,10 +277,30 @@ class ACLComponent extends Component
         $this->user = $user;
     }
 
-    public function getUser(): User
+    public function getUser(): ?User
     {
+        if (!empty($this->user)) {
             return $this->user;
         }
+        return null;
+    }
+
+    public function canEditUser(User $currentUser, User $user): bool
+    {
+        if (empty($user) || empty($currentUser)) {
+            return false;
+        }
+        if (!$currentUser['role']['perm_admin']) {
+            if (!$currentUser['role']['perm_org_admin']) {
+                return false;
+            } else {
+                if ($currentUser['organisation_id'] !== $user['organisation_id']) {
+                    return false;
+                }
+            }
+        }
+        return true;
+    }
 
     /*
      *  By default nothing besides the login is public. If configured, override the list with the additional interfaces

src/Controller/Component/Navigation/Users.php

@@ -24,7 +24,10 @@ class UsersNavigation extends BaseNavigation
         $bcf = $this->bcf;
         $request = $this->request;
         $passedData = $this->request->getParam('pass');
-        $this->bcf->addLink('Users', 'view', 'UserSettings', 'index', function ($config) use ($bcf, $request, $passedData) {
+        $currentUser = $this->currentUser;
+        $ownUser = (!empty($passedData[0]) && $passedData[0] === $currentUser['id']);
+        if ($ownUser) {
+            $this->bcf->addLink('Users', 'view', 'UserSettings', 'index', function ($config) use ($bcf, $request, $passedData, $currentUser) {
                 if (!empty($passedData[0])) {
                     $user_id = $passedData[0];
                     $linkData = [
@@ -35,6 +38,7 @@ class UsersNavigation extends BaseNavigation
                 }
                 return [];
             });
+        }
         $this->bcf->addLink('Users', 'view', 'UserSettings', 'index', function ($config) use ($bcf, $request, $passedData) {
             if (!empty($passedData[0])) {
                 $user_id = $passedData[0];

src/Controller/Component/Navigation/base.php

@@ -5,6 +5,7 @@ class BaseNavigation
 {
     protected $bcf;
     protected $request;
+    public $currentUser;
 
     public function __construct($bcf, $request)
     {
@@ -12,6 +13,11 @@ class BaseNavigation
         $this->request = $request;
     }
 
+    public function setCurrentUser($currentUser)
+    {
+        $this->currentUser = $currentUser;
+    }
+
     public function addRoutes() {}
     public function addParents() {}
     public function addLinks() {}

src/Model/Entity/Organisation.php

@@ -10,5 +10,10 @@ class Organisation extends AppModel
     protected $_accessible = [
         '*' => true,
         'id' => false,
+        'created' => false
+    ];
+
+    protected $_accessibleOnNew = [
+        'created' => true
     ];
 }