From cfceaf0fb78aa021ac9aa2c1e7c1e40256636ecc Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Thu, 28 Nov 2024 20:42:27 +0100
Subject: [PATCH] fix: [authkeys] don't barf if no valid roles exist

---
 src/Controller/AuthKeysController.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/Controller/AuthKeysController.php b/src/Controller/AuthKeysController.php
index 083bd5c..e57710e 100644
--- a/src/Controller/AuthKeysController.php
+++ b/src/Controller/AuthKeysController.php
@@ -72,6 +72,9 @@ class AuthKeysController extends AppController
                 $userConditions['id'] = $currentUser['id'];
             } else {
                 $role_ids = $this->Users->Roles->find()->where(['perm_admin' => 0, 'perm_community_admin' => 0, 'perm_org_admin' => 0])->all()->extract('id')->toList();
+                if (empty($role_ids)) {
+                    throw new MethodNotAllowedException(__('You are not authorised to do that, as there are no roles that you could assign to a user. Contact your administrator to rectify this.'));
+                }
                 $userConditions['organisation_id'] = $currentUser['organisation_id'];
                 $userConditions['OR'] = [
                     ['role_id IN' => $role_ids],