Merge branch 'develop' into main

cerebrate-project · May 17, 2022 · b90e563 · b90e563
2 parents 5a965c5 + 4575406
commit b90e563
Show file tree

Hide file tree

Showing 3 changed files with 204 additions and 45 deletions.
diff --git a/src/Command/KeycloakSyncCommand.php b/src/Command/KeycloakSyncCommand.php
@@ -0,0 +1,29 @@
+<?php
+namespace App\Command;
+
+use Cake\Command\Command;
+use Cake\Console\Arguments;
+use Cake\Console\ConsoleIo;
+use Cake\Core\Configure;
+
+class KeycloakSyncCommand extends Command
+{
+    protected $defaultTable = 'Users';
+
+    public function execute(Arguments $args, ConsoleIo $io)
+    {
+        if (!empty(Configure::read('keycloak'))) {
+            $results = $this->fetchTable()->syncWithKeycloak();
+            $tableData = [
+                ['Changes to', 'Count']
+            ];
+            foreach ($results as $k => $v) {
+                $tableData[] = [$k, '<text-right>' . $v . '</text-right>'];
+            }
+            $io->out(__('Sync done. See the results below.'));
+            $io->helper('Table')->output($tableData);
+        } else {
+            $io->error(__('Keycloak is not enabled.'));
+        }
+    }
+}
diff --git a/src/Controller/UsersController.php b/src/Controller/UsersController.php
@@ -143,8 +143,17 @@ public function edit($id = false)
     {
         $currentUser = $this->ACL->getUser();
         $validRoles = [];
+        $individuals_params = [
+            'sort' => ['email' => 'asc']
+        ];
+        $individual_ids = [];
         if (!$currentUser['role']['perm_admin']) {
             $validRoles = $this->Users->Roles->find('list')->select(['id', 'name'])->order(['name' => 'asc'])->where(['perm_admin' => 0, 'perm_org_admin' => 0])->all()->toArray();
+            $individual_ids = $this->Users->Individuals->find('aligned', ['organisation_id' => $currentUser['organisation_id']])->all()->extract('id')->toArray();
+            if (empty($individual_ids)) {
+                $individual_ids = [-1];
+            }
+            $individuals_params['conditions'] = ['id IN' => $individual_ids];
         } else {
             $validRoles = $this->Users->Roles->find('list')->order(['name' => 'asc'])->all()->toArray();
         }
@@ -168,7 +177,10 @@ public function edit($id = false)
             ]
         ];
         if ($this->request->is(['get'])) {
-            $params['fields'] = array_merge($params['fields'], ['individual_id', 'role_id', 'disabled', 'username']);
+            $params['fields'] = array_merge($params['fields'], ['individual_id', 'role_id', 'disabled']);
+            if (!empty($this->ACL->getUser()['role']['perm_admin'])) {
+                $params['fields'][] = 'organisation_id';
+            }
         }
         if ($this->request->is(['post', 'put']) && !empty($this->ACL->getUser()['role']['perm_admin'])) {
             $params['fields'][] = 'individual_id';
@@ -210,6 +222,18 @@ public function edit($id = false)
                 'sort' => ['name' => 'asc']
             ])
         ];
+        $org_conditions = [];
+        if (empty($currentUser['role']['perm_admin'])) {
+            $org_conditions = ['id' => $currentUser['organisation_id']];
+        }
+        $dropdownData = [
+            'role' => $validRoles,
+            'individual' => $this->Users->Individuals->find('list', $individuals_params)->toArray(),
+            'organisation' => $this->Users->Organisations->find('list', [
+                'sort' => ['name' => 'asc'],
+                'conditions' => $org_conditions
+            ])
+        ];
         $this->set(compact('dropdownData'));
         $this->set('metaGroup', $this->isAdmin ? 'Administration' : 'Cerebrate');
         $this->render('add');