Merge branch 'develop' into add-integration-tests

2022-01-18 18:11:53 +01:00 · 2022-01-18 18:11:53 +01:00 · ee5c723c71
parent 850eb0fb2d f75d0829d1
commit ee5c723c71
3 changed files with 12 additions and 5 deletions
--- a/src/Controller/EncryptionKeysController.php
+++ b/src/Controller/EncryptionKeysController.php
@ -14,7 +14,7 @@ use Cake\Error\Debugger;

 class EncryptionKeysController extends AppController
 {
-    public $filterFields = ['owner_model', 'organisation_id', 'individual_id', 'encryption_key'];
+    public $filterFields = ['owner_model', 'owner_id', 'encryption_key'];
    public $quickFilterFields = ['encryption_key'];
    public $containFields = ['Individuals', 'Organisations'];

@ -65,6 +65,13 @@ class EncryptionKeysController extends AppController
                $individualConditions = [
                    'id' => $currentUser['individual_id']
                ];
+            } else {
+                $this->loadModel('Alignments');
+                $individualConditions = ['id IN' => $this->Alignments->find('list', [
+                    'keyField' => 'id',
+                    'valueField' => 'individual_id',
+                    'conditions' => ['organisation_id' => $currentUser['organisation_id']]
+                ])->toArray()];
            }
            $params['beforeSave'] = function($entity) use($currentUser) {
                if ($entity['owner_model'] === 'organisation') {
--- a/src/Controller/UsersController.php
+++ b/src/Controller/UsersController.php
@ -7,6 +7,7 @@ use Cake\Utility\Text;
 use Cake\ORM\TableRegistry;
 use \Cake\Database\Expression\QueryExpression;
 use Cake\Http\Exception\UnauthorizedException;
+use Cake\Http\Exception\MethodNotAllowedException;
 use Cake\Core\Configure;

 class UsersController extends AppController
@ -100,11 +101,10 @@ class UsersController extends AppController
        if (empty($id)) {
            $id = $currentUser['id'];
        } else {
+            $id = intval($id);
            if ((empty($currentUser['role']['perm_org_admin']) && empty($currentUser['role']['perm_admin']))) {
                if ($id !== $currentUser['id']) {
                    throw new MethodNotAllowedException(__('You are not authorised to edit that user.'));
-                } else {
-                    $id = $currentUser['id'];
                }
            }
        }
--- a/templates/Users/view.php
+++ b/templates/Users/view.php
@ -56,8 +56,8 @@ echo $this->element(
                'title' => __('Authentication keys')
            ],
            [
-                'url' => '/EncryptionKeys/index?Users.id={{0}}',
-                'url_params' => ['id'],
+                'url' => '/EncryptionKeys/index?owner_id={{0}}',
+                'url_params' => ['individual_id'],
                'title' => __('Encryption keys')
            ],
            [