From a4276863880f5ccd49a7b36a8b2fc89b3852f378 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Fri, 24 Feb 2023 15:02:08 +0100 Subject: [PATCH] chg: [user:permissionRestriction] Move check from beforeSave to ApplicationRule --- src/Model/Table/UsersTable.php | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/src/Model/Table/UsersTable.php b/src/Model/Table/UsersTable.php index aa52040..86160d5 100644 --- a/src/Model/Table/UsersTable.php +++ b/src/Model/Table/UsersTable.php @@ -73,13 +73,6 @@ class UsersTable extends AppTable if (!$entity->isNew()) { $success = $this->handleUserUpdateRouter($entity); } - $permissionRestrictionCheck = $this->checkPermissionRestrictions($entity); - if ($permissionRestrictionCheck !== true) { - $entity->setErrors($permissionRestrictionCheck); - $event->stopPropagation(); - $event->setResult(false); - return false; - } return $success; } @@ -187,10 +180,24 @@ class UsersTable extends AppTable public function buildRules(RulesChecker $rules): RulesChecker { $rules->add($rules->isUnique(['username'])); - $allowDuplicateIndividuals = false; if (empty(Configure::read('user.multiple-users-per-individual')) || !empty(Configure::read('keycloak.enabled'))) { $rules->add($rules->isUnique(['individual_id'])); } + + $rules->add(function($entity, $options) { + $permissionRestrictionCheck = $this->checkPermissionRestrictions($entity); + if ($permissionRestrictionCheck !== true) { + foreach ($permissionRestrictionCheck as $permission_name => $errors) { + foreach ($entity->meta_fields as $i => $metaField) { + if ($metaField['field'] === $permission_name) { + $entity->meta_fields[$i]->setErrors(['value' => $errors]); + } + } + } + return false; + } + return true; + }, 'permissionLimitations'); return $rules; }