fix: [individuals:delete] Gracefully catches deletion of individuals associated to a user

refacto/CRUDComponent
Sami Mokaddem 2023-03-13 08:05:32 +01:00
parent 3ca6b68429
commit acb66ac4a0
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
3 changed files with 19 additions and 1 deletions

View File

@ -851,6 +851,9 @@ class CRUDComponent extends Component
$query->contain($params['contain']); $query->contain($params['contain']);
} }
$data = $query->first(); $data = $query->first();
if (isset($params['afterFind'])) {
$data = $params['afterFind']($data, $params);
}
if (empty($data)) { if (empty($data)) {
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias)); throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
} }
@ -873,6 +876,9 @@ class CRUDComponent extends Component
$query->contain($params['contain']); $query->contain($params['contain']);
} }
$data = $query->first(); $data = $query->first();
if (isset($params['afterFind'])) {
$data = $params['afterFind']($data, $params);
}
if (isset($params['beforeSave'])) { if (isset($params['beforeSave'])) {
try { try {
$data = $params['beforeSave']($data); $data = $params['beforeSave']($data);

View File

@ -94,7 +94,16 @@ class IndividualsController extends AppController
public function delete($id) public function delete($id)
{ {
$this->CRUD->delete($id); $params = [
'contain' => ['Users'],
'afterFind' => function($data, $params) {
if (!empty($data['user'])) {
throw new ForbiddenException(__('Individual associated to a user cannot be deleted.'));
}
return $data;
}
];
$this->CRUD->delete($id, $params);
$responsePayload = $this->CRUD->getResponsePayload(); $responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) { if (!empty($responsePayload)) {
return $responsePayload; return $responsePayload;

View File

@ -103,6 +103,9 @@ echo $this->element('genericElements/IndexTable/index_table', [
'icon' => 'trash', 'icon' => 'trash',
'complex_requirement' => [ 'complex_requirement' => [
'function' => function ($row, $options) use ($loggedUser) { 'function' => function ($row, $options) use ($loggedUser) {
if (!empty($row['user'])) { // cannot delete individuals with associated user(s)
return false;
}
return (bool)$loggedUser['role']['perm_admin']; return (bool)$loggedUser['role']['perm_admin'];
} }
] ]