From d2cb072ce6465e13875968c0187504e4a6cbafff Mon Sep 17 00:00:00 2001
From: Sami Mokaddem <mokaddem.sami@gmail.com>
Date: Tue, 12 Sep 2023 14:11:15 +0200
Subject: [PATCH] chg: [ui] Improved reflection of ACL logic in the UI for
 OrgGroups, Organisations and individuals.

---
 .../Component/Navigation/OrgGroups.php        | 25 +++++++++++++++++++
 .../Component/Navigation/Organisations.php    | 17 +++++++++++++
 .../Component/NavigationComponent.php         |  1 +
 src/Controller/IndividualsController.php      |  2 +-
 templates/OrgGroups/index.php                 |  3 ++-
 templates/Organisations/index.php             |  3 ++-
 6 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 src/Controller/Component/Navigation/OrgGroups.php

diff --git a/src/Controller/Component/Navigation/OrgGroups.php b/src/Controller/Component/Navigation/OrgGroups.php
new file mode 100644
index 0000000..b23d339
--- /dev/null
+++ b/src/Controller/Component/Navigation/OrgGroups.php
@@ -0,0 +1,25 @@
+<?php
+namespace BreadcrumbNavigation;
+
+require_once(APP . 'Controller' . DS . 'Component' . DS . 'Navigation' . DS . 'base.php'); 
+
+class OrgGroupsNavigation extends BaseNavigation
+{
+    public function addLinks()
+    {
+        $controller = 'OrgGroups';
+        if (empty($this->viewVars['canEdit'])) {
+            $this->bcf->removeLink($controller, 'view', $controller, 'edit');
+            $this->bcf->removeLink($controller, 'edit', $controller, 'edit');
+        }
+    }
+
+    public function addActions()
+    {
+        $controller = 'OrgGroups';
+        if (empty($this->viewVars['canEdit'])) {
+            $this->bcf->removeAction($controller, 'view', $controller, 'delete');
+            $this->bcf->removeAction($controller, 'edit', $controller, 'delete');
+        }
+    }
+}
diff --git a/src/Controller/Component/Navigation/Organisations.php b/src/Controller/Component/Navigation/Organisations.php
index 3df07c1..d141f7a 100644
--- a/src/Controller/Component/Navigation/Organisations.php
+++ b/src/Controller/Component/Navigation/Organisations.php
@@ -5,4 +5,21 @@ require_once(APP . 'Controller' . DS . 'Component' . DS . 'Navigation' . DS . 'b
 
 class OrganisationsNavigation extends BaseNavigation
 {
+    public function addLinks()
+    {
+        $controller = 'Organisations';
+        if (empty($this->viewVars['canEdit'])) {
+            $this->bcf->removeLink($controller, 'view', $controller, 'edit');
+            $this->bcf->removeLink($controller, 'edit', $controller, 'edit');
+        }
+    }
+
+    public function addActions()
+    {
+        $controller = 'Organisations';
+        if (empty($this->viewVars['canEdit'])) {
+            $this->bcf->removeAction($controller, 'view', $controller, 'delete');
+            $this->bcf->removeAction($controller, 'edit', $controller, 'delete');
+        }
+    }
 }
diff --git a/src/Controller/Component/NavigationComponent.php b/src/Controller/Component/NavigationComponent.php
index 6dea2cf..d3e03f1 100644
--- a/src/Controller/Component/NavigationComponent.php
+++ b/src/Controller/Component/NavigationComponent.php
@@ -156,6 +156,7 @@ class NavigationComponent extends Component
         $CRUDControllers = [
             'Individuals',
             'Organisations',
+            'OrgGroups',
             'EncryptionKeys',
             'SharingGroups',
             'Broods',
diff --git a/src/Controller/IndividualsController.php b/src/Controller/IndividualsController.php
index 8702891..47a9957 100644
--- a/src/Controller/IndividualsController.php
+++ b/src/Controller/IndividualsController.php
@@ -39,7 +39,7 @@ class IndividualsController extends AppController
         if (!empty($responsePayload)) {
             return $responsePayload;
         }
-        $editableIds = null;
+        $editableIds = [];
         if ($orgAdmin) {
             $editableIds = $this->Individuals->getValidIndividualsToEdit($currentUser);
         }
diff --git a/templates/OrgGroups/index.php b/templates/OrgGroups/index.php
index 577e238..33569ad 100644
--- a/templates/OrgGroups/index.php
+++ b/templates/OrgGroups/index.php
@@ -11,7 +11,8 @@ echo $this->element('genericElements/IndexTable/index_table', [
                             'type' => 'simple',
                             'text' => __('Add group'),
                             'class' => 'btn btn-primary',
-                            'popover_url' => '/orgGroups/add'
+                            'popover_url' => '/orgGroups/add',
+                            'requirement' => !empty($loggedUser['role']['perm_admin']),
                         ]
                     ]
                 ],
diff --git a/templates/Organisations/index.php b/templates/Organisations/index.php
index e9cafb1..2cf96de 100644
--- a/templates/Organisations/index.php
+++ b/templates/Organisations/index.php
@@ -11,7 +11,8 @@ echo $this->element('genericElements/IndexTable/index_table', [
                             'type' => 'simple',
                             'text' => __('Add organisation'),
                             'class' => 'btn btn-primary',
-                            'popover_url' => '/organisations/add'
+                            'popover_url' => '/organisations/add',
+                            'requirement' => !empty($loggedUser['role']['perm_admin']),
                         ]
                     ]
                 ],