Merge branch 'develop'

2024-06-07 14:48:14 +02:00 · 2024-06-07 14:48:14 +02:00 · f1a3de74b0
parent dee43d8d51 8098e5b4f4
commit f1a3de74b0
7 changed files with 45 additions and 15 deletions
--- a/src/Controller/AuthKeysController.php
+++ b/src/Controller/AuthKeysController.php
@ -90,6 +90,9 @@ class AuthKeysController extends AppController
                if (!in_array($data['user_id'], array_keys($users))) {
                    throw new MethodNotAllowedException(__('You are not authorised to do that.'));
                }
+                if (empty($data['expiration'])) {
+                    $data['expiration'] = 0;
+                }
                return $data;
            }
        ]);
--- a/src/Model/Table/AuthKeysTable.php
+++ b/src/Model/Table/AuthKeysTable.php
@ -29,7 +29,7 @@ class AuthKeysTable extends AppTable
    public function beforeMarshal(EventInterface $event, ArrayObject $data, ArrayObject $options)
    {
        $data['created'] = time();
-        if (!isset($data['expiration'])) {
+        if (!isset($data['expiration']) || empty($data['expiration'])) {
            $data['expiration'] = 0;
        } else {
            $data['expiration'] = strtotime($data['expiration']);
--- a/src/Model/Table/IndividualsTable.php
+++ b/src/Model/Table/IndividualsTable.php
@ -125,17 +125,29 @@ class IndividualsTable extends AppTable

    public function getValidIndividualsToEdit(object $currentUser): array
    {
-        $validRoles = $this->Users->Roles->find('list')->select(['id'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
-        $validIndividualIds = $this->Users->find()->select(['individual_id'])->where(
-            [
-                'organisation_id' => $currentUser['organisation_id'],
-                'disabled' => 0,
-                'OR' => [
+        $isSiteAdmin = $currentUser['role']['perm_admin'];
+        $isGroupAdmin = $currentUser['role']['perm_group_admin'];
+        $validRoles = $this->Users->Roles->find('list')->select(['id']);
+        if (!$isSiteAdmin) {
+            $validRoles->where(['perm_admin' => 0]);
+        }
+        $validRoles = $validRoles->all()->toArray();
+        $conditions = [
+            'disabled' => 0
+        ];
+        if (!$isSiteAdmin) {
+            $conditions['OR'] = [
                ['role_id IN' => array_keys($validRoles)],
-                    ['id' => $currentUser['id']],
-                ]
-            ]
-        )->all()->extract('individual_id')->toArray();
+                ['id' => $currentUser['id']]
+            ];
+            if ($isGroupAdmin) {
+                $OrgGroups = \Cake\ORM\TableRegistry::getTableLocator()->get('OrgGroups');
+                $conditions['organisation_id IN'] = $OrgGroups->getGroupOrgIdsForUser($currentUser);
+            } else {
+                $conditions['organisation_id'] = $currentUser['organisation_id'];
+            }
+        }
+        $validIndividualIds = $this->Users->find()->select(['individual_id'])->where($conditions)->all()->extract('individual_id')->toArray();
        return $validIndividualIds;
    }

--- a/templates/AuthKeys/add.php
+++ b/templates/AuthKeys/add.php
@ -16,6 +16,7 @@ echo $this->element('genericElements/Form/genericForm', [
                'field' => 'expiration',
                'label' => __('Expiration'),
                'type' => 'datetime',
+                'required' => false
            ]
        ],
        'submit' => [
--- a/templates/Individuals/view.php
+++ b/templates/Individuals/view.php
@ -40,6 +40,12 @@ echo $this->element(
                'scope' => 'individuals'
            ]
        ],
-        'children' => []
+        'children' => [
+            [
+                'url' => '/EncryptionKeys/index?owner_id={{0}}&owner_model=individual',
+                'url_params' => ['id'],
+                'title' => __('Encryption keys')
+            ]
+        ]
    ]
 );
--- a/templates/Instance/home.php
+++ b/templates/Instance/home.php
@ -1,6 +1,7 @@
 <?php

 use Cake\ORM\TableRegistry;
+use Cake\Routing\Router;

 $bookmarks = !empty($loggedUser->user_settings_by_name['ui.bookmarks']['value']) ? json_decode($loggedUser->user_settings_by_name['ui.bookmarks']['value'], true) : [];
 $this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings');
@ -49,9 +50,10 @@ $this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings')
            $modelForDisplay = $exploded[count($exploded) - 1];
            $panelTitle = $this->Html->link(
                h($modelForDisplay),
-                $this->Url->build([
+                Router::url([
                    'controller' => $modelForDisplay,
                    'action' => 'index',
+                    '?' => ['sort' => 'modified', 'direction' => 'desc']
                ]),
                ['class' => 'text-white text-decoration-none fw-light stretched-link']
            );
--- a/templates/Organisations/view.php
+++ b/templates/Organisations/view.php
@ -63,6 +63,12 @@ echo $this->element(
        'data' => $entity,
        'fields' => $fields,
        'combinedFieldsView' => false,
-        'children' => []
+        'children' => [
+            [
+                'url' => '/EncryptionKeys/index?owner_id={{0}}&owner_model=organisation',
+                'url_params' => ['id'],
+                'title' => __('Encryption keys')
+            ]
+        ]
    ]
 );