cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'develop' into main

pull/92/head
iglocska 2022-01-18 17:53:35 +01:00
parent dbaa2ba7b3 f75d0829d1
commit 8c404d8427
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Controller/UsersController.php
View File

@ -7,6 +7,7 @@ use Cake\Utility\Text;
use Cake\ORM\TableRegistry; use Cake\ORM\TableRegistry;
use \Cake\Database\Expression\QueryExpression; use \Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\UnauthorizedException; use Cake\Http\Exception\UnauthorizedException;
use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Core\Configure; use Cake\Core\Configure;
class UsersController extends AppController class UsersController extends AppController
@ -100,11 +101,10 @@ class UsersController extends AppController
if (empty($id)) { if (empty($id)) {
$id = $currentUser['id']; $id = $currentUser['id'];
} else { } else {
$id = intval($id);
if ((empty($currentUser['role']['perm_org_admin']) && empty($currentUser['role']['perm_admin']))) { if ((empty($currentUser['role']['perm_org_admin']) && empty($currentUser['role']['perm_admin']))) {
if ($id !== $currentUser['id']) { if ($id !== $currentUser['id']) {
throw new MethodNotAllowedException(__('You are not authorised to edit that user.')); throw new MethodNotAllowedException(__('You are not authorised to edit that user.'));
} else {
$id = $currentUser['id'];
} }
} }
} }