From 5c5abd677d2acbd82197a920f04ecb186727aae3 Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Tue, 9 Apr 2024 12:20:15 +0200 Subject: [PATCH 1/6] fix: [setting:cerebrate] Enforce debug setting to be true or false --- .../Table/SettingProviders/CerebrateSettingsProvider.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php b/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php index dacfea9..19f9a8b 100644 --- a/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php +++ b/src/Model/Table/SettingProviders/CerebrateSettingsProvider.php @@ -316,9 +316,8 @@ class CerebrateSettingsProvider extends BaseSettingsProvider 'description' => __('The debug level of the instance'), 'default' => 0, 'options' => [ - 0 => __('Debug Off'), - 1 => __('Debug On'), - 2 => __('Debug On + SQL Dump'), + false => __('Debug Off'), + true => __('Debug On'), ], 'test' => function ($value, $setting, $validator) { $validator->range('value', [0, 2]); From 1e7a1a5f3eb3098412f43cce5e6d9a9a3018c2f5 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 22 May 2024 16:10:14 +0200 Subject: [PATCH 2/6] chg: [dashboard redirects] to individual models now sort by modified by default - the dashboard shows new entries, it only makes sense to sort the list based on changes - also a small fix to not sanitise the index URLs as this will lead to multiple query parameters not working --- templates/Instance/home.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/Instance/home.php b/templates/Instance/home.php index f3c6604..814e294 100644 --- a/templates/Instance/home.php +++ b/templates/Instance/home.php @@ -1,6 +1,7 @@ user_settings_by_name['ui.bookmarks']['value']) ? json_decode($loggedUser->user_settings_by_name['ui.bookmarks']['value'], true) : []; $this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings'); @@ -49,9 +50,10 @@ $this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings') $modelForDisplay = $exploded[count($exploded) - 1]; $panelTitle = $this->Html->link( h($modelForDisplay), - $this->Url->build([ + Router::url([ 'controller' => $modelForDisplay, 'action' => 'index', + '?' => ['sort' => 'modified', 'direction' => 'desc'] ]), ['class' => 'text-white text-decoration-none fw-light stretched-link'] ); From 7d5102db2ad783acbd77830f1ac3fcbec2031d12 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 22 May 2024 16:11:45 +0200 Subject: [PATCH 3/6] chg: [encryption keys] listed for orgs / individuals on their respective views, fixes #167 --- templates/Individuals/view.php | 8 +++++++- templates/Organisations/view.php | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/templates/Individuals/view.php b/templates/Individuals/view.php index 423c7e6..ed7ce00 100644 --- a/templates/Individuals/view.php +++ b/templates/Individuals/view.php @@ -40,6 +40,12 @@ echo $this->element( 'scope' => 'individuals' ] ], - 'children' => [] + 'children' => [ + [ + 'url' => '/EncryptionKeys/index?owner_id={{0}}&owner_model=individual', + 'url_params' => ['id'], + 'title' => __('Encryption keys') + ] + ] ] ); diff --git a/templates/Organisations/view.php b/templates/Organisations/view.php index a27339b..218003d 100644 --- a/templates/Organisations/view.php +++ b/templates/Organisations/view.php @@ -63,6 +63,12 @@ echo $this->element( 'data' => $entity, 'fields' => $fields, 'combinedFieldsView' => false, - 'children' => [] + 'children' => [ + [ + 'url' => '/EncryptionKeys/index?owner_id={{0}}&owner_model=organisation', + 'url_params' => ['id'], + 'title' => __('Encryption keys') + ] + ] ] ); From 761e5e9388bd8fbda385466771cd988bf669653d Mon Sep 17 00:00:00 2001 From: Sami Mokaddem Date: Thu, 23 May 2024 15:46:43 +0200 Subject: [PATCH 4/6] fix: [authkey:add] Make sure to default to expiration=0 if not provided --- src/Model/Table/AuthKeysTable.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Model/Table/AuthKeysTable.php b/src/Model/Table/AuthKeysTable.php index f20299e..b7968b0 100644 --- a/src/Model/Table/AuthKeysTable.php +++ b/src/Model/Table/AuthKeysTable.php @@ -29,7 +29,7 @@ class AuthKeysTable extends AppTable public function beforeMarshal(EventInterface $event, ArrayObject $data, ArrayObject $options) { $data['created'] = time(); - if (!isset($data['expiration'])) { + if (!isset($data['expiration']) || empty($data['expiration'])) { $data['expiration'] = 0; } else { $data['expiration'] = strtotime($data['expiration']); From eabd56210a86f962a85283c4188e386a94e562c6 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 7 Jun 2024 14:04:24 +0200 Subject: [PATCH 5/6] fix: [authkeys] allow for authkeys with no expiration set, fixes #169 --- src/Controller/AuthKeysController.php | 3 +++ templates/AuthKeys/add.php | 1 + 2 files changed, 4 insertions(+) diff --git a/src/Controller/AuthKeysController.php b/src/Controller/AuthKeysController.php index 37aa356..7bca8d5 100644 --- a/src/Controller/AuthKeysController.php +++ b/src/Controller/AuthKeysController.php @@ -90,6 +90,9 @@ class AuthKeysController extends AppController if (!in_array($data['user_id'], array_keys($users))) { throw new MethodNotAllowedException(__('You are not authorised to do that.')); } + if (empty($data['expiration'])) { + $data['expiration'] = 0; + } return $data; } ]); diff --git a/templates/AuthKeys/add.php b/templates/AuthKeys/add.php index 4c829ec..5235c32 100644 --- a/templates/AuthKeys/add.php +++ b/templates/AuthKeys/add.php @@ -16,6 +16,7 @@ echo $this->element('genericElements/Form/genericForm', [ 'field' => 'expiration', 'label' => __('Expiration'), 'type' => 'datetime', + 'required' => false ] ], 'submit' => [ From 8098e5b4f48492c7a1e9520916661751f5334627 Mon Sep 17 00:00:00 2001 From: iglocska Date: Fri, 7 Jun 2024 14:40:38 +0200 Subject: [PATCH 6/6] fix: [alignments] rules relaxed, fixes #164 - site admins can add alignments to anyone - org admins can add alignments for their own org members - group admins can add alignments for any of their managed orgs' members --- src/Model/Table/IndividualsTable.php | 34 +++++++++++++++++++--------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/src/Model/Table/IndividualsTable.php b/src/Model/Table/IndividualsTable.php index 6e85a3b..8940618 100644 --- a/src/Model/Table/IndividualsTable.php +++ b/src/Model/Table/IndividualsTable.php @@ -125,17 +125,29 @@ class IndividualsTable extends AppTable public function getValidIndividualsToEdit(object $currentUser): array { - $validRoles = $this->Users->Roles->find('list')->select(['id'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray(); - $validIndividualIds = $this->Users->find()->select(['individual_id'])->where( - [ - 'organisation_id' => $currentUser['organisation_id'], - 'disabled' => 0, - 'OR' => [ - ['role_id IN' => array_keys($validRoles)], - ['id' => $currentUser['id']], - ] - ] - )->all()->extract('individual_id')->toArray(); + $isSiteAdmin = $currentUser['role']['perm_admin']; + $isGroupAdmin = $currentUser['role']['perm_group_admin']; + $validRoles = $this->Users->Roles->find('list')->select(['id']); + if (!$isSiteAdmin) { + $validRoles->where(['perm_admin' => 0]); + } + $validRoles = $validRoles->all()->toArray(); + $conditions = [ + 'disabled' => 0 + ]; + if (!$isSiteAdmin) { + $conditions['OR'] = [ + ['role_id IN' => array_keys($validRoles)], + ['id' => $currentUser['id']] + ]; + if ($isGroupAdmin) { + $OrgGroups = \Cake\ORM\TableRegistry::getTableLocator()->get('OrgGroups'); + $conditions['organisation_id IN'] = $OrgGroups->getGroupOrgIdsForUser($currentUser); + } else { + $conditions['organisation_id'] = $currentUser['organisation_id']; + } + } + $validIndividualIds = $this->Users->find()->select(['individual_id'])->where($conditions)->all()->extract('individual_id')->toArray(); return $validIndividualIds; }