Merge branch 'develop' into main
iglocska committed Nov 24, 2021
2 parents 92ddd04 + 4bcdf95 commit 8c8aba3
Showing 23 changed files with 270 additions and 58 deletions.
3 changes: 3 additions & 0 deletions .gitignore
@@ -1,6 +1,9 @@
composer.lock
config/app_local.php
config/Migrations/schema-dump-default.lock
logs
tmp
vendor
webroot/theme/node_modules
.vscode
docker/run/
2 changes: 1 addition & 1 deletion composer.json
Expand Up @@ -9,7 +9,7 @@
"admad/cakephp-social-auth": "^1.1",
"cakephp/authentication": "^2.0",
"cakephp/authorization": "^2.0",
"cakephp/cakephp": "^4.0",
"cakephp/cakephp": "^4.3",
"cakephp/migrations": "^3.0",
"cakephp/plugin-installer": "^1.2",
"erusev/parsedown": "^1.7",
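--- /dev/null
+++ b/config/Migrations/20211123152707_user_org.php
@@ -0,0 +1,43 @@
+<?php
+declare(strict_types=1);
+
+use Phinx\Migration\AbstractMigration;
+
+final class UserOrg extends AbstractMigration
+{
+/**
+* Change Method.
+*
+* Write your reversible migrations using this method.
+*
+* More information on writing migrations is available here:
+* https://book.cakephp.org/phinx/0/en/migrations.html#the-change-method
+*
+* Remember to call "create()" or "update()" and NOT "save()" when working
+* with the Table class.
+*/
+public function change(): void
+{
+$exists = $this->hasTable('users');
+if (!$exists) {
+$alignments = $this->table('users')
+->addColumn('organisation_id', 'integer', [
+'default' => null,
+'null' => true,
+'signed' => false,
+'length' => 10
+])
+->addIndex('org_id')
+->update();
+}
+$q1 = $this->getQueryBuilder();
+$org_id = $q1->select(['min(id)'])->from('organisations')->execute()->fetchAll()[0][0];
+if (!empty($org_id)) {
+$q2 = $this->getQueryBuilder();
+$q2->update('users')
+->set('organisation_id', $org_id)
+->where(['organisation_id IS NULL'])
+->execute();
+}
+}
+}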
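Review bot: The guard in change() looks inverted: `$this->hasTable('users')` is true on every existing installation, so the `organisation_id` column is only added when the users table does not exist (where `update()` cannot succeed anyway), and the backfill below then updates a column that was never created. The check should be on the column, `if ($exists && !$this->table('users')->hasColumn('organisation_id')) {`, and the index should name the column this migration actually adds, `->addIndex('organisation_id')`, since no `org_id` column is created here. `fetchAll()` returns an empty array when there are no organisations, so the `[0][0]` access should be guarded (for example `$rows = $q1->select(['min(id)'])->from('organisations')->execute()->fetchAll(); $org_id = $rows[0][0] ?? null;`) rather than relying on undefined-offset warnings. Because this backfill attaches every user with a null organisation to the lowest-id organisation, and the rest of this commit scopes authorisation on that column, the migration deserves a comment stating why the first organisation is the intended default.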
15 changes: 8 additions & 7 deletions src/Controller/AppController.php
Expand Up @@ -102,7 +102,7 @@ public function beforeFilter(EventInterface $event)
$this->ACL->setPublicInterfaces();
if (!empty($this->request->getAttribute('identity'))) {
$user = $this->Users->get($this->request->getAttribute('identity')->getIdentifier(), [
'contain' => ['Roles', 'Individuals' => 'Organisations', 'UserSettings']
'contain' => ['Roles', 'Individuals' => 'Organisations', 'UserSettings', 'Organisations']
]);
if (!empty($user['disabled'])) {
$this->Authentication->logout();
Expand All @@ -113,8 +113,10 @@ public function beforeFilter(EventInterface $event)
$this->ACL->setUser($user);
$this->request->getSession()->write('authUser', $user);
$this->isAdmin = $user['role']['perm_admin'];
$this->set('menu', $this->ACL->getMenu());
$this->set('loggedUser', $this->ACL->getUser());
if (!$this->ParamHandler->isRest()) {
$this->set('menu', $this->ACL->getMenu());
$this->set('loggedUser', $this->ACL->getUser());
}
} else if ($this->ParamHandler->isRest()) {
throw new MethodNotAllowedException(__('Invalid user credentials.'));
}
Expand Down Expand Up @@ -153,12 +155,11 @@ private function authApiUser(): void
if (!empty($authKey)) {
$this->loadModel('Users');
$user = $this->Users->get($authKey['user_id']);
$user = $logModel->userInfo();
$logModel->insert([
'action' => 'login',
'request_action' => 'login',
'model' => 'Users',
'model_id' => $user['id'],
'model_title' => $user['name'],
'model_title' => $user['username'],
'change' => []
]);
if (!empty($user)) {
Expand All @@ -167,7 +168,7 @@ private function authApiUser(): void
} else {
$user = $logModel->userInfo();
$logModel->insert([
'action' => 'login',
'request_action' => 'login',
'model' => 'Users',
'model_id' => $user['id'],
'model_title' => $user['name'],
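Review bot: In authApiUser() the API-key login is now logged with `'model_title' => $user['username']`, while the session-login branch that follows still records `$user['name']` from `$logModel->userInfo()`, so the two login events for the same account carry different title values and an audit-log filter on `title` will not match both; write the same field in both inserts, for example `'model_title' => $user['username'],` in the second insert as well if `userInfo()` exposes it. With the `$logModel->userInfo()` call removed, `$user` in the API-key branch is the entity loaded by `$this->Users->get($authKey['user_id'])` without any `contain`, so it presumably lacks the `role` and organisation data that `ACL->setUser` relies on in beforeFilter(); worth confirming that the code after this hunk reloads it. authApiUser() begins before this hunk and continues after it.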
4 changes: 2 additions & 2 deletions src/Controller/AuditLogsController.php
Expand Up @@ -11,8 +11,8 @@

class AuditLogsController extends AppController
{
public $filterFields = ['model_id', 'model', 'action', 'user_id', 'title'];
public $quickFilterFields = ['model', 'action', 'title'];
public $filterFields = ['model_id', 'model', 'request_action', 'user_id', 'title'];
public $quickFilterFields = ['model', 'request_action', 'title'];
public $containFields = ['Users'];

public function index()
24 changes: 21 additions & 3 deletions src/Controller/AuthKeysController.php
Expand Up @@ -16,15 +16,25 @@ class AuthKeysController extends AppController
{
public $filterFields = ['Users.username', 'authkey', 'comment', 'Users.id'];
public $quickFilterFields = ['authkey', ['comment' => true]];
public $containFields = ['Users'];
public $containFields = ['Users' => ['fields' => ['id', 'username']]];

public function index()
{
$currentUser = $this->ACL->getUser();
$conditions = [];
if (empty($currentUser['role']['perm_admin'])) {
$conditions['Users.organisation_id'] = $currentUser['organisation_id'];
if (empty($currentUser['role']['perm_org_admin'])) {
$conditions['Users.id'] = $currentUser['id'];
}
}
$this->CRUD->index([
'filters' => $this->filterFields,
'quickFilters' => $this->quickFilterFields,
'contain' => $this->containFields,
'exclude_fields' => ['authkey']
'exclude_fields' => ['authkey'],
'conditions' => $conditions,
'hidden' => []
]);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
Expand All @@ -35,7 +45,15 @@ public function index()

public function delete($id)
{
$this->CRUD->delete($id);
$currentUser = $this->ACL->getUser();
$conditions = [];
if (empty($currentUser['role']['perm_admin'])) {
$conditions['Users.organisation_id'] = $currentUser['organisation_id'];
if (empty($currentUser['role']['perm_org_admin'])) {
$conditions['Users.id'] = $currentUser['id'];
}
}
$this->CRUD->delete($id, ['conditions' => $conditions, 'contain' => 'Users']);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
return $responsePayload;
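Review bot: Both index() and delete() build the same scoping array, and for a non-admin whose `organisation_id` is null the condition `['Users.organisation_id' => null]` is rendered by the ORM as `Users.organisation_id IS NULL`, which matches every user without an organisation instead of nothing; the migration in this commit leaves `organisation_id` nullable and only backfills it when an organisation row exists, so this case is reachable. Move the construction into one private helper that falls back to self-only scope when the organisation is missing, and call it from both actions (`'conditions' => $this->userScopeConditions($currentUser),` in index, and `$this->CRUD->delete($id, ['conditions' => $this->userScopeConditions($currentUser), 'contain' => 'Users']);` in delete). The same null case applies to the `SharingGroups.organisation_id` conditions added in SharingGroupsController. Org admins are scoped on the key owner's organisation here, so the `view`, `add` and `edit` actions of this controller, which are not in the diff, need the same treatment.
```php
    /**
     * Conditions limiting AuthKey queries to what the current user may manage.
     * Site admins get no restriction; org admins are limited to their organisation;
     * everyone else to their own keys.
     */
    private function userScopeConditions(array $currentUser): array
    {
        if (!empty($currentUser['role']['perm_admin'])) {
            return [];
        }
        // A null organisation_id would be rendered as `IS NULL` and match every
        // unassigned user, so a user without an organisation is restricted to self.
        if (empty($currentUser['organisation_id']) || empty($currentUser['role']['perm_org_admin'])) {
            return ['Users.id' => $currentUser['id']];
        }
        return ['Users.organisation_id' => $currentUser['organisation_id']];
    }
    // … unchanged: index() and delete() bodies, now passing $this->userScopeConditions($currentUser) …
```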
24 changes: 15 additions & 9 deletions src/Controller/Component/ACLComponent.php
Expand Up @@ -145,24 +145,24 @@ public function initialize(array $config): void
'view' => ['*']
],
'SharingGroups' => [
'add' => ['perm_admin'],
'addOrg' => ['perm_admin'],
'delete' => ['perm_admin'],
'edit' => ['perm_admin'],
'add' => ['perm_org_admin'],
'addOrg' => ['perm_org_admin'],
'delete' => ['perm_org_admin'],
'edit' => ['perm_org_admin'],
'index' => ['*'],
'listOrgs' => ['*'],
'removeOrg' => ['perm_admin'],
'removeOrg' => ['perm_org_admin'],
'view' => ['*']
],
'Users' => [
'add' => ['perm_admin'],
'delete' => ['perm_admin'],
'add' => ['perm_org_admin'],
'delete' => ['perm_org_admin'],
'edit' => ['*'],
'index' => ['perm_admin'],
'index' => ['perm_org_admin'],
'login' => ['*'],
'logout' => ['*'],
'register' => ['*'],
'toggle' => ['perm_admin'],
'toggle' => ['perm_org_admin'],
'view' => ['*']
]
);
Expand Down Expand Up @@ -290,6 +290,12 @@ private function checkAccessInternal($controller, $action, $soft): bool
if ($allConditionsMet) {
return true;
}
} else {
foreach ($this->aclList[$controller][$action] as $permission) {
if ($this->user['role'][$permission]) {
return true;
}
}
}
}
return false;
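Review bot: The new `else` branch in checkAccessInternal() tests `$this->user['role'][$permission]` directly, so a role row that lacks that key emits an undefined-index warning and any truthy value grants access; use `if (!empty($this->user['role'][$permission])) {` so a missing or zero flag is a deny. checkAccessInternal() starts before this hunk, so it cannot be seen here whether the `'*'` entries are handled before this loop; if not, `$this->user['role']['*']` takes the same path. In the first hunk, `add`, `addOrg`, `delete`, `edit` and `removeOrg` on SharingGroups and `add`, `delete`, `index` and `toggle` on Users drop from `perm_admin` to `perm_org_admin`, which is only safe if each of those actions also restricts the target record to the caller's organisation; this commit adds that scoping for SharingGroups index/edit and for AuthKeys, but the other actions are not in the diff and should be checked. Also confirm that roles carrying `perm_admin` also carry `perm_org_admin`, otherwise site admins lose the actions that now list only `perm_org_admin`.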
43 changes: 37 additions & 6 deletions src/Controller/Component/CRUDComponent.php
Expand Up @@ -50,6 +50,9 @@ public function index(array $options): void
}
$query = $this->setFilters($params, $query, $options);
$query = $this->setQuickFilters($params, $query, empty($options['quickFilters']) ? [] : $options['quickFilters']);
if (!empty($options['conditions'])) {
$query->where($options['conditions']);
}
if (!empty($options['contain'])) {
$query->contain($options['contain']);
}
Expand Down Expand Up @@ -284,7 +287,14 @@ public function edit(int $id, array $params = []): void
$params['contain'][] = 'Tags';
$this->setAllTags();
}
$data = $this->Table->get($id, isset($params['get']) ? $params['get'] : $params);
$data = $this->Table->find()->where(['id' => $id]);
if (!empty($params['conditions'])) {
$data->where($params['conditions']);
}
$data = $data->first();
if (empty($data)) {
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
}
$data = $this->getMetaFields($id, $data);
if (!empty($params['fields'])) {
$this->Controller->set('fields', $params['fields']);
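Review bot: The rewritten lookup in edit() no longer applies `$params['contain']`: the old `$this->Table->get($id, ...)` received the full `$params` (including the `'Tags'` entry appended just above), but the new `find()->where(['id' => $id])` only adds `conditions`, so tagged entities are now edited without their tags loaded. The query also uses an unqualified `id` while delete() below qualifies it with `$this->Table->getAlias()`, which matters as soon as a contain joins a table with its own `id` column. In the delete() hunk, `$success = true;` directly after `$success = $this->Table->delete($data);` discards the delete result, so a failed delete is still counted in `$bulkSuccesses`; drop that line. edit() starts before this hunk and continues after it.
```php
        $data = $this->Table->find()->where([$this->Table->getAlias() . '.id' => $id]);
        if (!empty($params['conditions'])) {
            $data->where($params['conditions']);
        }
        if (!empty($params['contain'])) {
            $data->contain($params['contain']);
        }
        $data = $data->first();
        // … unchanged: NotFoundException on empty result, getMetaFields, fields …
```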
Expand Down Expand Up @@ -414,11 +424,21 @@ public function view(int $id, array $params = []): void
$this->Controller->set('entity', $data);
}

public function delete($id=false): void
public function delete($id=false, $params=[]): void
{
if ($this->request->is('get')) {
if(!empty($id)) {
$data = $this->Table->get($id);
$data = $this->Table->find()->where([$this->Table->getAlias() . '.id' => $id]);
if (!empty($params['conditions'])) {
$data->where($params['conditions']);
}
if (!empty($params['contain'])) {
$data->contain($params['contain']);
}
$data = $data->first();
if (empty($data)) {
throw new NotFoundException(__('Invalid {0}.', $this->ObjectAlias));
}
$this->Controller->set('id', $data['id']);
$this->Controller->set('data', $data);
$this->Controller->set('bulkEnabled', false);
Expand All @@ -430,9 +450,20 @@ public function delete($id=false): void
$isBulk = count($ids) > 1;
$bulkSuccesses = 0;
foreach ($ids as $id) {
$data = $this->Table->get($id);
$success = $this->Table->delete($data);
$success = true;
$data = $this->Table->find()->where([$this->Table->getAlias() . '.id' => $id]);
if (!empty($params['conditions'])) {
$data->where($params['conditions']);
}
if (!empty($params['contain'])) {
$data->contain($params['contain']);
}
$data = $data->first();
if (!empty($data)) {
$success = $this->Table->delete($data);
$success = true;
} else {
$success = false;
}
if ($success) {
$bulkSuccesses++;
}
36 changes: 34 additions & 2 deletions src/Controller/EncryptionKeysController.php
Expand Up @@ -49,7 +49,31 @@ public function delete($id)

public function add()
{
$this->CRUD->add(['redirect' => $this->referer()]);
$orgConditions = [];
$currentUser = $this->ACL->getUser();
$params = ['redirect' => $this->referer()];
if (empty($currentUser['role']['perm_admin'])) {
$params['beforeSave'] = function($entity) {
if ($entity['owner_model'] === 'organisation') {
$entity['owner_id'] = $currentUser['organisation_id'];
} else {
if ($currentUser['role']['perm_org_admin']) {
$validIndividuals = $this->Organisations->Alignments->find('list', [
'fields' => ['distinct(individual_id)'],
'conditions' => ['organisation_id' => $currentUser['organisation_id']]
]);
if (!in_array($entity['owner_id'], $validIndividuals)) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
}
} else {
if ($entity['owner_id'] !== $currentUser['id']) {
throw new MethodNotAllowedException(__('Selected individual cannot be linked by the current user.'));
}
}
}
};
}
$this->CRUD->add($params);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
return $responsePayload;
Expand All @@ -58,7 +82,8 @@ public function add()
$this->loadModel('Individuals');
$dropdownData = [
'organisation' => $this->Organisations->find('list', [
'sort' => ['name' => 'asc']
'sort' => ['name' => 'asc'],
'conditions' => $orgConditions
]),
'individual' => $this->Individuals->find('list', [
'sort' => ['email' => 'asc']
Expand All @@ -70,12 +95,19 @@ public function add()

public function edit($id = false)
{
$conditions = [];
$currentUser = $this->ACL->getUser();
$params = [
'fields' => [
'type', 'encryption_key', 'revoked'
],
'redirect' => $this->referer()
];
if (empty($currentUser['role']['perm_admin'])) {
if (empty($currentUser['role']['perm_org_admin'])) {

}
}
$this->CRUD->edit($id, $params);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
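Review bot: The `beforeSave` closure in add() reads `$currentUser` without capturing it, so inside the closure the variable is undefined: an organisation-owned key gets `owner_id` set to null, and an individual-owned key falls through to the `else` branch and throws for every caller; the signature should be `$params['beforeSave'] = function($entity) use ($currentUser) {`. On the org-admin path `$validIndividuals` is a query object, so `in_array` needs a materialised array and strict comparison, `if (!in_array($entity['owner_id'], $validIndividuals->toArray(), true)) {`, and the key/value mapping the list finder produces for `distinct(individual_id)` should be verified. `$orgConditions` is initialised but never populated, so the organisation dropdown stays unfiltered for non-admins. In the edit() hunk the nested `if` for non-admins is empty, so `$params` carries no `conditions` and a non-admin edit is not scoped to the caller's organisation the way SharingGroupsController::edit is in this commit.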
19 changes: 15 additions & 4 deletions src/Controller/SharingGroupsController.php
Expand Up @@ -16,10 +16,16 @@ class SharingGroupsController extends AppController

public function index()
{
$currentUser = $this->ACL->getUser();
$conditions = [];
if (empty($currentUser['role']['perm_admin'])) {
$conditions['SharingGroups.organisation_id'] = $currentUser['organisation_id'];
}
$this->CRUD->index([
'contain' => $this->containFields,
'filters' => $this->filterFields,
'quickFilters' => $this->quickFilterFields
'quickFilters' => $this->quickFilterFields,
'conditions' => $conditions
]);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
Expand Down Expand Up @@ -60,7 +66,12 @@ public function view($id)

public function edit($id = false)
{
$this->CRUD->edit($id);
$params = [];
$currentUser = $this->ACL->getUser();
if (empty($currentUser['role']['perm_admin'])) {
$params['conditions'] = ['organisation_id' => $currentUser['organisation_id']];
}
$this->CRUD->edit($id, $params);
$responsePayload = $this->CRUD->getResponsePayload();
if (!empty($responsePayload)) {
return $responsePayload;
Expand Down Expand Up @@ -206,11 +217,11 @@ private function getAvailableOrgForSg($user)
$organisations = [];
if (!empty($user['role']['perm_admin'])) {
$organisations = $this->SharingGroups->Organisations->find('list')->order(['name' => 'ASC'])->toArray();
} else if (!empty($user['individual']['organisations'])) {
} else {
$organisations = $this->SharingGroups->Organisations->find('list', [
'sort' => ['name' => 'asc'],
'conditions' => [
'id IN' => array_values(\Cake\Utility\Hash::extract($user, 'individual.organisations.{n}.id'))
'id' => $user['organisation_id']
]
]);
}
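Review bot: edit() scopes with an unqualified `organisation_id` while index() uses `SharingGroups.organisation_id`; if the edit query contains any association that also has an `organisation_id` column the condition becomes ambiguous, so qualify it: `$params['conditions'] = ['SharingGroups.organisation_id' => $currentUser['organisation_id']];`. For a user whose `organisation_id` is still null (the new migration keeps the column nullable and only backfills it when an organisation row exists), both the index and edit conditions are rendered as `organisation_id IS NULL`, which exposes every unowned sharing group rather than none; treat an empty value as a deny or an empty result. getAvailableOrgForSg() now selects the single `organisation_id` instead of the user's aligned organisations, which is consistent with the rest of the commit, but its null case yields `id IS NULL` and an empty list, so the three paths behave differently on the same input.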