Merge branch 'develop'

cerebrate-project · May 14, 2024 · b4aaf0f · b4aaf0f
2 parents 1f57809 + 305274f
commit b4aaf0f
Show file tree

Hide file tree

Showing 12 changed files with 566 additions and 223 deletions.
diff --git a/src/Controller/AppController.php b/src/Controller/AppController.php
@@ -43,6 +43,10 @@ class AppController extends Controller
     public $breadcrumb = [];
     public $request_ip = null;
 
+    public $MetaFields = null;
+    public $MetaTemplates = null;
+    public $Users = null;
+
     /**
      * Initialization hook method.
      *

diff --git a/src/Controller/Component/CRUDComponent.php b/src/Controller/Component/CRUDComponent.php
diff --git a/src/Controller/EncryptionKeysController.php b/src/Controller/EncryptionKeysController.php
@@ -21,6 +21,7 @@ class EncryptionKeysController extends AppController
 
     public function index()
     {
+        $currentUser = $this->ACL->getUser();
         $this->EncryptionKeys->initializeGpg();
         $Model = $this->EncryptionKeys;
         $this->CRUD->index([
@@ -33,7 +34,7 @@ public function index()
             ],
             'contain' => $this->containFields,
             'statisticsFields' => $this->statisticsFields,
-            'afterFind' => function($data) use ($Model) {
+            'afterFind' => function($data) use ($Model, $currentUser) {
                 if ($data['type'] === 'pgp') {
                     $keyInfo = $Model->verifySingleGPG($data);
                     $data['status'] = __('OK');
@@ -45,6 +46,7 @@ public function index()
                         $data['fingerprint'] = $keyInfo[4];
                     }
                 }
+                $data['_canBeEdited'] = $Model->canEdit($currentUser, $data);
                 return $data;
             }
         ]);
@@ -96,24 +98,12 @@ private function buildBeforeSave(array $params, $currentUser, array &$orgConditi
             }
             $params['beforeSave'] = function($entity) use($currentUser) {
                 if ($entity['owner_model'] === 'organisation') {
-                    if ($entity['owner_id'] !== $currentUser['organisation_id']) {
+                    if (!$this->EncryptionKeys->canEditForOrganisation($currentUser, $entity)) {
                         throw new MethodNotAllowedException(__('Selected organisation cannot be linked by the current user.'));
                     }
-                } else {
-                    if ($currentUser['role']['perm_org_admin']) {
-                        $this->loadModel('Alignments');
-                        $validIndividuals = $this->Alignments->find('list', [
-                            'keyField' => 'individual_id',
-                            'valueField' => 'id',
-                            'conditions' => ['organisation_id' => $currentUser['organisation_id']]
-                        ])->toArray();
-                        if (!isset($validIndividuals[$entity['owner_id']])) {
-                            throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
-                        }
-                    } else {
-                        if ($entity['owner_id'] !== $currentUser['id']) {
-                            throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
-                        }
+                } else if ($entity['owner_model'] === 'individual') {
+                    if (!$this->EncryptionKeys->canEditForIndividual($currentUser, $entity)) {
+                        throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
                     }
                 }
                 return $entity;

diff --git a/src/Controller/IndividualsController.php b/src/Controller/IndividualsController.php
@@ -14,7 +14,15 @@
 class IndividualsController extends AppController
 {
     public $quickFilterFields = ['uuid', ['email' => true], ['first_name' => true], ['last_name' => true], 'position'];
-    public $filterFields = ['uuid', 'email', 'first_name', 'last_name', 'position', 'Organisations.id', 'Alignments.type'];
+    public $filterFields = [
+        'uuid',
+        'email',
+        'first_name',
+        'last_name',
+        'position',
+        'Alignments.type',
+        ['name' => 'Organisations.id', 'multiple' => true, 'options' => 'getAllOrganisations', 'select2' => true],
+    ];
     public $containFields = ['Alignments' => 'Organisations'];
     public $statisticsFields = ['position'];
 

diff --git a/src/Controller/UsersController.php b/src/Controller/UsersController.php
@@ -11,7 +11,15 @@
 
 class UsersController extends AppController
 {
-    public $filterFields = ['Individuals.uuid', 'username', 'Individuals.email', 'Individuals.first_name', 'Individuals.last_name', 'Organisations.name', 'Organisations.nationality'];
+    public $filterFields = [
+        'Individuals.uuid',
+        'username',
+        'Individuals.email',
+        'Individuals.first_name',
+        'Individuals.last_name',
+        ['name' => 'Organisations.id', 'multiple' => true, 'options' => 'getAllOrganisations', 'select2' => true],
+        'Organisations.nationality'
+    ];
     public $quickFilterFields = ['Individuals.uuid', ['username' => true], ['Individuals.first_name' => true], ['Individuals.last_name' => true], 'Individuals.email'];
     public $containFields = ['Individuals', 'Roles', 'UserSettings', 'Organisations', 'OrgGroups'];
 

diff --git a/src/Model/Behavior/MetaFieldsBehavior.php b/src/Model/Behavior/MetaFieldsBehavior.php
@@ -45,6 +45,7 @@ class MetaFieldsBehavior extends Behavior
 
     private $aliasScope = null;
     private $typeHandlers = [];
+    private $_metaTemplateFieldTable;
 
     public function initialize(array $config): void
     {

diff --git a/src/Model/Table/EncryptionKeysTable.php b/src/Model/Table/EncryptionKeysTable.php
@@ -3,6 +3,7 @@
 namespace App\Model\Table;
 
 use App\Model\Table\AppTable;
+use Cake\ORM\TableRegistry;
 use Cake\ORM\Table;
 use Cake\Validation\Validator;
 use Cake\Event\EventInterface;
@@ -147,4 +148,57 @@ public function initializeGpg()
             return null;
         }
     }
+
+    public function canEdit($user, $entity): bool
+    {
+        if ($entity['owner_model'] === 'organisation') {
+            return $this->canEditForOrganisation($user, $entity);
+        } else if ($entity['owner_model'] === 'individual') {
+            return $this->canEditForIndividual($user, $entity);
+        }
+        return false;
+    }
+
+    public function canEditForOrganisation($user, $entity): bool
+    {
+        if ($entity['owner_model'] !== 'organisation') {
+            return false;
+        }
+        if (!empty($user['role']['perm_admin'])) {
+            return true;
+        }
+        if (
+            $user['role']['perm_org_admin'] && 
+            $entity['owner_id'] === $user['organisation_id']
+        ) {
+            return true;
+        }
+        return false;
+    }
+
+    public function canEditForIndividual($user, $entity): bool
+    {
+        if ($entity['owner_model'] !== 'individual') {
+            return false;
+        }
+        if (!empty($user['role']['perm_admin'])) {
+            return true;
+        }
+        if ($user['role']['perm_org_admin']) {
+            $this->Alignments = TableRegistry::get('Alignments');
+            $validIndividuals = $this->Alignments->find('list', [
+                'keyField' => 'individual_id',
+                'valueField' => 'id',
+                'conditions' => ['organisation_id' => $user['organisation_id']]
+            ])->toArray();
+            if (isset($validIndividuals[$entity['owner_id']])) {
+                return true;
+            }
+        } else {
+            if ($entity['owner_id'] === $user['individual_id']) {
+                return true;
+            }
+        }
+        return false;
+    }
 }
diff --git a/src/Model/Table/IndividualsTable.php b/src/Model/Table/IndividualsTable.php
@@ -3,6 +3,7 @@
 namespace App\Model\Table;
 
 use App\Model\Table\AppTable;
+use Cake\Utility\Hash;
 use Cake\ORM\Table;
 use Cake\Validation\Validator;
 use Cake\ORM\Query;
@@ -137,4 +138,11 @@ public function getValidIndividualsToEdit(object $currentUser): array
         )->all()->extract('individual_id')->toArray();
         return $validIndividualIds;
     }
+
+    public function getAllOrganisations($currentUser): array
+    {
+        $this->Organisations = \Cake\ORM\TableRegistry::getTableLocator()->get('Organisations');
+        $orgs = $this->Organisations->find()->select(['id', 'name'])->all()->toList();
+        return Hash::combine($orgs, '{n}.id', '{n}.name');
+    }
 }
diff --git a/src/Model/Table/UsersTable.php b/src/Model/Table/UsersTable.php
@@ -292,4 +292,9 @@ public function handleUserUpdateRouter(\App\Model\Entity\User $user): bool
         }
         return true;
     }
+
+    public function getAllOrganisations($currentUser) {
+        $this->Individuals = TableRegistry::get('Individuals');
+        return $this->Individuals->getAllOrganisations($currentUser);
+    }
 }
diff --git a/templates/EncryptionKeys/index.php b/templates/EncryptionKeys/index.php
@@ -80,12 +80,22 @@
             [
                 'open_modal' => '/encryptionKeys/edit/[onclick_params_data_path]',
                 'modal_params_data_path' => 'id',
-                'icon' => 'edit'
+                'icon' => 'edit',
+                'complex_requirement' => [
+                    'function' => function ($row, $options) {
+                        return $row['_canBeEdited'];
+                    }
+                ]
             ],
             [
                 'open_modal' => '/encryptionKeys/delete/[onclick_params_data_path]',
                 'modal_params_data_path' => 'id',
-                'icon' => 'trash'
+                'icon' => 'trash',
+                'complex_requirement' => [
+                    'function' => function ($row, $options) {
+                        return $row['_canBeEdited'];
+                    }
+                ]
             ],
         ]
     ]

diff --git a/templates/Users/index.php b/templates/Users/index.php
@@ -54,7 +54,27 @@
                             return true;
                         },
                     ],
-                    'skip_full_reload' => true
+                    'skip_full_reload' => true,
+                    'confirm' => [
+                        'enable' => [
+                            'titleHtml' => __('Confirm disabling the user?'),
+                            'type' => 'confirm-warning',
+                            'bodyHtml' => __('You\'re about to change the state of the user {{0}}.'),
+                            'confirmText' => __('Disable user'),
+                            'arguments' => [
+                                'bodyHtml' => ['individual.email'],
+                            ]
+                        ],
+                        'disable' => [
+                            'titleHtml' => __('Confirm enabling the user?'),
+                            'type' => 'confirm-success',
+                            'bodyHtml' => __('You\'re about to change the state of the user {{0}}.'),
+                            'confirmText' => __('Enable user'),
+                            'arguments' => [
+                                'bodyHtml' => ['individual.email'],
+                            ]
+                        ]
+                    ]
                 ]
             ],
             [
@@ -168,5 +188,4 @@
         ]
     ]
 ]);
-echo '</div>';
 ?>
diff --git a/templates/genericTemplates/filters.php b/templates/genericTemplates/filters.php
@@ -102,7 +102,7 @@
 if ($taggingEnabled) {
     $helpText = $this->Bootstrap->node('sup', [
         'class' => ['ms-1 fa fa-info'],
-        'title' => __('Supports negation matches (with the `!` character) and LIKE matches (with the `%` character).&#10;Example: `!exportable`, `%able`'),
+        'title' => __('Supports negation matches (with the `!` character) and LIKE matches (with the `%` character). Example: `!exportable`, `%able`'),
         'data-bs-toggle' => 'tooltip',
     ]);
     $filteringTags = $this->Bootstrap->node('h5', [