Merge remote-tracking branch 'origin/develop' into develop

pull/85/head
Sami Mokaddem 2022-01-19 09:04:20 +01:00
commit b42941dc8e
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
4 changed files with 53 additions and 40 deletions

View File

@ -442,6 +442,12 @@ class CRUDComponent extends Component
if (empty($data)) { if (empty($data)) {
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias)); throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
} }
if (isset($params['beforeSave'])) {
$data = $params['beforeSave']($data);
if ($data === false) {
throw new NotFoundException(__('Could not save {0} due to the input failing to meet expectations. Your input is bad and you should feel bad.', $this->ObjectAlias));
}
}
$this->Controller->set('id', $data['id']); $this->Controller->set('id', $data['id']);
$this->Controller->set('data', $data); $this->Controller->set('data', $data);
$this->Controller->set('bulkEnabled', false); $this->Controller->set('bulkEnabled', false);
@ -453,6 +459,7 @@ class CRUDComponent extends Component
$isBulk = count($ids) > 1; $isBulk = count($ids) > 1;
$bulkSuccesses = 0; $bulkSuccesses = 0;
foreach ($ids as $id) { foreach ($ids as $id) {
$skipExecution = false;
$data = $this->Table->find()->where([$this->Table->getAlias() . '.id' => $id]); $data = $this->Table->find()->where([$this->Table->getAlias() . '.id' => $id]);
if (!empty($params['conditions'])) { if (!empty($params['conditions'])) {
$data->where($params['conditions']); $data->where($params['conditions']);
@ -461,6 +468,9 @@ class CRUDComponent extends Component
$data->contain($params['contain']); $data->contain($params['contain']);
} }
$data = $data->first(); $data = $data->first();
if (isset($params['beforeSave'])) {
$data = $params['beforeSave']($data);
}
if (!empty($data)) { if (!empty($data)) {
$success = $this->Table->delete($data); $success = $this->Table->delete($data);
$success = true; $success = true;

View File

@ -14,7 +14,7 @@ use Cake\Error\Debugger;
class EncryptionKeysController extends AppController class EncryptionKeysController extends AppController
{ {
public $filterFields = ['owner_model', 'organisation_id', 'individual_id', 'encryption_key']; public $filterFields = ['owner_model', 'owner_id', 'encryption_key'];
public $quickFilterFields = ['encryption_key']; public $quickFilterFields = ['encryption_key'];
public $containFields = ['Individuals', 'Organisations']; public $containFields = ['Individuals', 'Organisations'];
@ -57,47 +57,52 @@ class EncryptionKeysController extends AppController
private function buildBeforeSave(array $params, $currentUser, array &$orgConditions, array &$individualConditions, array &$dropdownData): array private function buildBeforeSave(array $params, $currentUser, array &$orgConditions, array &$individualConditions, array &$dropdownData): array
{ {
$orgConditions = [ if (empty($currentUser['role']['perm_admin'])) {
'id' => $currentUser['organisation_id'] $orgConditions = [
]; 'id' => $currentUser['organisation_id']
if (empty($currentUser['role']['perm_org_admin'])) {
$individualConditions = [
'id' => $currentUser['individual_id']
]; ];
} if (empty($currentUser['role']['perm_org_admin'])) {
$params['beforeSave'] = function($entity) use($currentUser) { $individualConditions = [
if ($entity['owner_model'] === 'organisation') { 'id' => $currentUser['individual_id']
$entity['owner_id'] = $currentUser['organisation_id']; ];
} else { } else {
if ($currentUser['role']['perm_org_admin']) { $this->loadModel('Alignments');
$this->loadModel('Alignments'); $individualConditions = ['id IN' => $this->Alignments->find('list', [
$validIndividuals = $this->Alignments->find('list', [ 'keyField' => 'id',
'keyField' => 'individual_id', 'valueField' => 'individual_id',
'valueField' => 'id', 'conditions' => ['organisation_id' => $currentUser['organisation_id']]
'conditions' => ['organisation_id' => $currentUser['organisation_id']] ])->toArray()];
])->toArray(); }
if (!isset($validIndividuals[$entity['owner_id']])) { $params['beforeSave'] = function($entity) use($currentUser) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.')); if ($entity['owner_model'] === 'organisation') {
if ($entity['owner_id'] !== $currentUser['organisation_id']) {
throw new MethodNotAllowedException(__('Selected organisation cannot be linked by the current user.'));
} }
} else { } else {
if ($entity['owner_id'] !== $currentUser['id']) { if ($currentUser['role']['perm_org_admin']) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.')); $this->loadModel('Alignments');
$validIndividuals = $this->Alignments->find('list', [
'keyField' => 'individual_id',
'valueField' => 'id',
'conditions' => ['organisation_id' => $currentUser['organisation_id']]
])->toArray();
if (!isset($validIndividuals[$entity['owner_id']])) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
}
} else {
if ($entity['owner_id'] !== $currentUser['id']) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
}
} }
} }
} return $entity;
return $entity; };
}; }
$this->loadModel('Organisations'); $this->loadModel('Organisations');
$this->loadModel('Individuals'); $this->loadModel('Individuals');
$dropdownData = [ $dropdownData = [
'organisation' => $this->Organisations->find('list', [ 'organisation' => $this->Organisations->find('list')->order(['name' => 'asc'])->where($orgConditions)->all()->toArray(),
'sort' => ['name' => 'asc'], 'individual' => $this->Individuals->find('list')->order(['email' => 'asc'])->where($individualConditions)->all()->toArray()
'conditions' => $orgConditions
]),
'individual' => $this->Individuals->find('list', [
'sort' => ['email' => 'asc'],
'conditions' => $individualConditions
])
]; ];
return $params; return $params;
} }
@ -111,9 +116,7 @@ class EncryptionKeysController extends AppController
$params = [ $params = [
'redirect' => $this->referer() 'redirect' => $this->referer()
]; ];
if (empty($currentUser['role']['perm_admin'])) { $params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
$params = $this->buildBeforeSave($params, $currentUser, $orgConditions, $individualConditions, $dropdownData);
}
$this->CRUD->add($params); $this->CRUD->add($params);
$responsePayload = $this->CRUD->getResponsePayload(); $responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) { if (!empty($responsePayload)) {

View File

@ -7,6 +7,7 @@ use Cake\Utility\Text;
use Cake\ORM\TableRegistry; use Cake\ORM\TableRegistry;
use \Cake\Database\Expression\QueryExpression; use \Cake\Database\Expression\QueryExpression;
use Cake\Http\Exception\UnauthorizedException; use Cake\Http\Exception\UnauthorizedException;
use Cake\Http\Exception\MethodNotAllowedException;
use Cake\Core\Configure; use Cake\Core\Configure;
class UsersController extends AppController class UsersController extends AppController
@ -100,11 +101,10 @@ class UsersController extends AppController
if (empty($id)) { if (empty($id)) {
$id = $currentUser['id']; $id = $currentUser['id'];
} else { } else {
$id = intval($id);
if ((empty($currentUser['role']['perm_org_admin']) && empty($currentUser['role']['perm_admin']))) { if ((empty($currentUser['role']['perm_org_admin']) && empty($currentUser['role']['perm_admin']))) {
if ($id !== $currentUser['id']) { if ($id !== $currentUser['id']) {
throw new MethodNotAllowedException(__('You are not authorised to edit that user.')); throw new MethodNotAllowedException(__('You are not authorised to edit that user.'));
} else {
$id = $currentUser['id'];
} }
} }
} }

View File

@ -56,8 +56,8 @@ echo $this->element(
'title' => __('Authentication keys') 'title' => __('Authentication keys')
], ],
[ [
'url' => '/EncryptionKeys/index?Users.id={{0}}', 'url' => '/EncryptionKeys/index?owner_id={{0}}',
'url_params' => ['id'], 'url_params' => ['individual_id'],
'title' => __('Encryption keys') 'title' => __('Encryption keys')
], ],
[ [