From b987444da2629e85e8237bc8d2b17a8e21581bb4 Mon Sep 17 00:00:00 2001
From: Sami Mokaddem
Date: Mon, 30 Oct 2023 09:47:57 +0100
Subject: [PATCH] fix: [users:settings] Take into consideration perm-org-group-admin when editing users settings
---
 src/Controller/UsersController.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/Controller/UsersController.php b/src/Controller/UsersController.php
index a5a0565..6ca72db 100644
--- a/src/Controller/UsersController.php
+++ b/src/Controller/UsersController.php
@@ -448,13 +448,17 @@ class UsersController extends AppController
 {
 $editingAnotherUser = false;
 $currentUser = $this->ACL->getUser();
- if (empty($currentUser['role']['perm_admin']) || $user_id == $currentUser->id) {
+ if ((empty($currentUser['role']['perm_admin']) && empty($currentUser['role']['perm_group_admin'])) || $user_id == $currentUser->id) {
 $user = $currentUser;
 } else {
 $user = $this->Users->get($user_id, [
 'contain' => ['Roles', 'Individuals' => 'Organisations', 'Organisations', 'UserSettings']
 ]);
 $editingAnotherUser = true;
+ if (!empty($currentUser['role']['perm_group_admin']) && !$this->ACL->canEditUser($currentUser, $user)) {
+ $user = $currentUser;
+ $editingAnotherUser = false;
+ }
 }
 $this->set('editingAnotherUser', $editingAnotherUser);
 $this->set('user', $user);
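Review bot: The added `canEditUser` branch fails open rather than closed: when a group admin asks for a `$user_id` they may not edit, the code silently swaps in `$currentUser` and clears `$editingAnotherUser`, so the request appears to succeed and whatever follows in this method (its body continues outside the hunk) runs against the requester's own settings. I would reject the request instead, replacing the two assignments with `throw new ForbiddenException(__('Not allowed to edit the settings of this user.'));` (importing `Cake\Http\Exception\ForbiddenException` if the file does not already), which also leaves a clear signal in the logs that a denied cross-user access was attempted. A denied target currently renders a page while a non-existent id presumably raises from `Users->get()`, so the two cases are distinguishable to the caller; a single rejection path removes that difference. Separately, the subject line names "perm-org-group-admin" but only `perm_group_admin` is tested here, so if org admins were meant to be covered they still fall into the first branch; a one-line comment above the `if` stating which roles may edit other users' settings would make the intent checkable.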