Merge branch 'develop' of github.com:cerebrate-project/cerebrate into develop
commit
92b35f9306
|
@ -8,7 +8,7 @@ class OrgGroupsNavigation extends BaseNavigation
|
||||||
public function addLinks()
|
public function addLinks()
|
||||||
{
|
{
|
||||||
$controller = 'OrgGroups';
|
$controller = 'OrgGroups';
|
||||||
if (empty($this->viewVars['canEdit'])) {
|
if (empty($this->viewVars['canEditDefinition'])) {
|
||||||
$this->bcf->removeLink($controller, 'view', $controller, 'edit');
|
$this->bcf->removeLink($controller, 'view', $controller, 'edit');
|
||||||
$this->bcf->removeLink($controller, 'edit', $controller, 'edit');
|
$this->bcf->removeLink($controller, 'edit', $controller, 'edit');
|
||||||
}
|
}
|
||||||
|
@ -17,9 +17,10 @@ class OrgGroupsNavigation extends BaseNavigation
|
||||||
public function addActions()
|
public function addActions()
|
||||||
{
|
{
|
||||||
$controller = 'OrgGroups';
|
$controller = 'OrgGroups';
|
||||||
if (empty($this->viewVars['canEdit'])) {
|
if (empty($this->viewVars['canEditDefinition'])) {
|
||||||
$this->bcf->removeAction($controller, 'view', $controller, 'delete');
|
$this->bcf->removeAction($controller, 'view', $controller, 'delete');
|
||||||
$this->bcf->removeAction($controller, 'edit', $controller, 'delete');
|
$this->bcf->removeAction($controller, 'edit', $controller, 'delete');
|
||||||
|
$this->bcf->removeAction($controller, 'view', $controller, 'add');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
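Review bot: The `canEditDefinition` gate in `addLinks()` and `addActions()` only removes breadcrumb entries, so it protects nothing unless the edit, delete and add actions of OrgGroupsController make the same check on the request itself; those action bodies are not visible on this page and should be confirmed. A short comment above each `if` would record that, for example `// UI only: the controller must refuse edit/delete/add for non-admins`. The controller hunk shown further down sets `canEditDefinition` in one place only, so on any page where the variable is unset `empty()` is true and the entries disappear for every user, which fails closed but may also hide them from admins.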
|
|
|
@ -58,6 +58,7 @@ class OrgGroupsController extends AppController
|
||||||
return $responsePayload;
|
return $responsePayload;
|
||||||
}
|
}
|
||||||
$this->set('canEdit', $this->canEdit($id));
|
$this->set('canEdit', $this->canEdit($id));
|
||||||
|
$this->set('canEditDefinition', $this->canEditDefinition($id));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function edit($id)
|
public function edit($id)
|
||||||
|
@ -136,6 +137,15 @@ class OrgGroupsController extends AppController
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function canEditDefinition($groupId): bool
|
||||||
|
{
|
||||||
|
$currentUser = $this->ACL->getUser();
|
||||||
|
if ($currentUser['role']['perm_admin']) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// Listing should be available to all, it's purely informational
|
// Listing should be available to all, it's purely informational
|
||||||
public function listAdmins($groupId)
|
public function listAdmins($groupId)
|
||||||
{
|
{
|
||||||
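Review bot: `canEditDefinition($groupId)` never reads `$groupId`, and it indexes `$currentUser['role']['perm_admin']` directly, which may emit a warning instead of a clean denial when the role data is missing. The body can be reduced to `return !empty($currentUser['role']['perm_admin']);`, in line with the `empty()` checks used in UsersController. If the rule is meant to be admin-only for every group, a docblock saying so would explain the unused parameter; if per-group rights are planned, the parameter should take part in the decision. In this hunk the result is only handed to the view through `$this->set(...)`, so it is worth confirming that the edit and delete actions call the method too.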
|
|
|
@ -72,7 +72,7 @@ class UsersController extends AppController
|
||||||
];
|
];
|
||||||
$individual_ids = [];
|
$individual_ids = [];
|
||||||
if (!$currentUser['role']['perm_admin']) {
|
if (!$currentUser['role']['perm_admin']) {
|
||||||
if (!$currentUser['role']['perm_group_admin']) {
|
if ($currentUser['role']['perm_group_admin']) {
|
||||||
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_group_admin' => 0])->all()->toArray();
|
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_group_admin' => 0])->all()->toArray();
|
||||||
$individual_ids = $this->Users->Individuals->find('aligned', ['organisation_id' => $currentUser['organisation_id']])->all()->extract('id')->toArray();
|
$individual_ids = $this->Users->Individuals->find('aligned', ['organisation_id' => $currentUser['organisation_id']])->all()->extract('id')->toArray();
|
||||||
} else {
|
} else {
|
||||||
|
@ -219,12 +219,12 @@ class UsersController extends AppController
|
||||||
{
|
{
|
||||||
$currentUser = $this->ACL->getUser();
|
$currentUser = $this->ACL->getUser();
|
||||||
$validRoles = [];
|
$validRoles = [];
|
||||||
$individuals_params = [
|
|
||||||
'sort' => ['email' => 'asc']
|
|
||||||
];
|
|
||||||
$individual_ids = [];
|
|
||||||
if (!$currentUser['role']['perm_admin']) {
|
if (!$currentUser['role']['perm_admin']) {
|
||||||
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
|
if ($currentUser['role']['perm_group_admin']) {
|
||||||
|
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_group_admin' => 0])->all()->toArray();
|
||||||
|
} else {
|
||||||
|
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_group_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$validRoles = $this->Users->Roles->find('list')->order(['name' => 'asc'])->all()->toArray();
|
$validRoles = $this->Users->Roles->find('list')->order(['name' => 'asc'])->all()->toArray();
|
||||||
}
|
}
|
||||||
|
@ -448,13 +448,17 @@ class UsersController extends AppController
|
||||||
{
|
{
|
||||||
$editingAnotherUser = false;
|
$editingAnotherUser = false;
|
||||||
$currentUser = $this->ACL->getUser();
|
$currentUser = $this->ACL->getUser();
|
||||||
if (empty($currentUser['role']['perm_admin']) || $user_id == $currentUser->id) {
|
if ((empty($currentUser['role']['perm_admin']) && empty($currentUser['role']['perm_group_admin'])) || $user_id == $currentUser->id) {
|
||||||
$user = $currentUser;
|
$user = $currentUser;
|
||||||
} else {
|
} else {
|
||||||
$user = $this->Users->get($user_id, [
|
$user = $this->Users->get($user_id, [
|
||||||
'contain' => ['Roles', 'Individuals' => 'Organisations', 'Organisations', 'UserSettings']
|
'contain' => ['Roles', 'Individuals' => 'Organisations', 'Organisations', 'UserSettings']
|
||||||
]);
|
]);
|
||||||
$editingAnotherUser = true;
|
$editingAnotherUser = true;
|
||||||
|
if (!empty($currentUser['role']['perm_group_admin']) && !$this->ACL->canEditUser($currentUser, $user)) {
|
||||||
|
$user = $currentUser;
|
||||||
|
$editingAnotherUser = false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
$this->set('editingAnotherUser', $editingAnotherUser);
|
$this->set('editingAnotherUser', $editingAnotherUser);
|
||||||
$this->set('user', $user);
|
$this->set('user', $user);
|
||||||
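Review bot: In the last hunk of this file (around new line 448), a group admin who asks for another user's settings and fails `canEditUser()` is silently switched to their own record (`$user = $currentUser; $editingAnotherUser = false;`), so a change meant for someone else may end up applied to the caller's own account with no error and no trace of the denied attempt. Refusing the request is easier to reason about and to audit, e.g. `throw new NotFoundException(__('Invalid user.'));` provided that class is imported in this file. The target row is also loaded with `$this->Users->get($user_id, ...)` before the permission check, so a non-existent id and a forbidden id produce different responses. The function starts and ends outside the hunk, so how `$user` is written back on POST could not be checked here.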
|
|
|
@ -37,7 +37,7 @@ if ($field['scope'] === 'individuals') {
|
||||||
foreach ($extracted['alignments'] as $alignment) {
|
foreach ($extracted['alignments'] as $alignment) {
|
||||||
$alignmentEntryHtml = '[' . $this->Bootstrap->node('span', ['class' => ['fw-bold']], h($alignment['type'])) . ']';
|
$alignmentEntryHtml = '[' . $this->Bootstrap->node('span', ['class' => ['fw-bold']], h($alignment['type'])) . ']';
|
||||||
$alignmentEntryHtml .= $this->Bootstrap->node('span', ['class' => ['ms-1']], sprintf(
|
$alignmentEntryHtml .= $this->Bootstrap->node('span', ['class' => ['ms-1']], sprintf(
|
||||||
'<a href="%s/organisations/view/%s">%s</a>',
|
'<a href="%s/individuals/view/%s">%s</a>',
|
||||||
$baseurl,
|
$baseurl,
|
||||||
h($alignment['individual']['id']),
|
h($alignment['individual']['id']),
|
||||||
h($alignment['individual']['email'])
|
h($alignment['individual']['email'])
|
||||||
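Review bot: `$baseurl` is written into the `href` attribute unescaped while the id and e-mail beside it go through `h()`; unless the base URL is guaranteed to be a fixed, trusted value, pass it as `h($baseurl)` so that every value in the attribute is encoded the same way. The `sprintf(` call continues past the end of this hunk, so its closing arguments were not reviewed.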
|
|