diff --git a/src/Controller/OrganisationsController.php b/src/Controller/OrganisationsController.php
index aca7f36..4274443 100644
--- a/src/Controller/OrganisationsController.php
+++ b/src/Controller/OrganisationsController.php
@@ -70,7 +70,7 @@ class OrganisationsController extends AppController
 $additionalContainFields[] = 'MetaFields';
 }
 $containFields = array_merge($this->containFields, $additionalContainFields);
-
+ $this->set('validOrgs', $this->Users->getValidOrgsForUser($this->ACL->getUser()));
 $this->CRUD->index([
 'filters' => $this->filterFields,
 'quickFilters' => $this->quickFilterFields,
@@ -184,9 +184,14 @@ class OrganisationsController extends AppController
 if ($currentUser['role']['perm_admin']) {
 return true;
 }
+
 if ($currentUser['role']['perm_org_admin'] && $currentUser['organisation']['id'] == $orgId) {
 return true;
 }
+
+ if ($currentUser['role']['perm_group_admin'] && in_array($orgId, $this->Users->getValidOrgsForUser($currentUser))) {
+ return true;
+ }
 return false;
 }
 }
diff --git a/templates/Organisations/index.php b/templates/Organisations/index.php
index c3fb2ae..b081b88 100644
--- a/templates/Organisations/index.php
+++ b/templates/Organisations/index.php
@@ -109,10 +109,13 @@ echo $this->element('genericElements/IndexTable/index_table', [
 'modal_params_data_path' => 'id',
 'icon' => 'edit',
 'complex_requirement' => [
- 'function' => function ($row, $options) use ($loggedUser) {
+ 'function' => function ($row, $options) use ($loggedUser, $validOrgs) {
 if ($loggedUser['role']['perm_admin'] || ($loggedUser['role']['perm_org_admin'] && $row['id'] == $loggedUser['organisation']['id'])) {
 return true;
 }
+ if ($loggedUser['role']['perm_group_admin'] && in_array($row['id'], $validOrgs)) {
+ return true;
+ }
 return false;
 }
 ]
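Review bot: The new `perm_group_admin` branch in the second hunk of src/Controller/OrganisationsController.php makes an authorization decision with a loose `in_array($orgId, …)`, so membership is tested with PHP's type-juggling `==` instead of an exact match. Where `$orgId` comes from is outside the hunk; if it is a request-supplied string, the value that passes this check and the value later used to load the organisation can disagree. Normalising once and comparing strictly avoids that: `in_array((int)$orgId, $this->Users->getValidOrgsForUser($currentUser), true)`, assuming getValidOrgsForUser() returns integer ids, which is not visible here and should be confirmed. The same loose `in_array($row['id'], $validOrgs)` is added in the closure in templates/Organisations/index.php. The enclosing method starts above the hunk.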
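Review bot: The edit-button closure in templates/Organisations/index.php now carries a second copy of the group-admin rule that the controller's permission check enforces, and nothing ties the two together, so they can drift apart. The closure only decides whether the button is rendered; a comment above it such as `// UI hint only: the edit action itself is authorised server-side in OrganisationsController` would keep a later reader from treating it as the access control. The closure also depends on `$validOrgs`, which this commit sets only in the index action (first hunk); if any other action renders this template the captured value would be null, so `$validOrgs ?? []` at the lookup is worth considering.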