cerebrate-project
/
cerebrate
mirror of https://github.com/cerebrate-project/cerebrate
1
0
Fork 0
Code Issues Releases Wiki Activity

chg: [users] restrict org admins from creating other org admins 

- temporary solution for a single community, make this optional in the future
pull/92/head
iglocska 2022-02-25 10:20:25 +01:00
parent 4902a3f8a6
commit 9d04533e14
No known key found for this signature in database
GPG Key ID: BEA224F1FEF113AC
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Controller/UsersController.php
View File

@ -50,7 +50,7 @@ class UsersController extends AppController
]; ];
$individual_ids = []; $individual_ids = [];
if (!$currentUser['role']['perm_admin']) { if (!$currentUser['role']['perm_admin']) {
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0])->all()->toArray(); $validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
$individual_ids = $this->Users->Individuals->find('aligned', ['organisation_id' => $currentUser['organisation_id']])->all()->extract('id')->toArray(); $individual_ids = $this->Users->Individuals->find('aligned', ['organisation_id' => $currentUser['organisation_id']])->all()->extract('id')->toArray();
if (empty($individual_ids)) { if (empty($individual_ids)) {
$individual_ids = [-1]; $individual_ids = [-1];
@ -147,7 +147,7 @@ class UsersController extends AppController
$currentUser = $this->ACL->getUser(); $currentUser = $this->ACL->getUser();
$validRoles = []; $validRoles = [];
if (!$currentUser['role']['perm_admin']) { if (!$currentUser['role']['perm_admin']) {
$validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0])->all()->toArray(); $validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
} else { } else {
$validRoles = $this->Users->Roles->find('list')->order(['name' => 'asc'])->all()->toArray(); $validRoles = $this->Users->Roles->find('list')->order(['name' => 'asc'])->all()->toArray();
} }