Merge pull request #147 from ioigoume/Fix_self_view_permissions_for_i…

…dentifiers Fix_self_view_permissions_for_identifiers
rciam · Nov 16, 2021 · 60b53f7 · 60b53f7
2 parents 1c0307a + 4662ed2
commit 60b53f7
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,13 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
+## [3.3.7-rciam] - 2021-11-16
+
+### Fixed
+
+- Grant CO Person view permisions for Identifiers Model to self
+- Render root VO Population link only once under Main Menu
+
 ## [3.3.6-rciam] - 2021-11-15
 
 ### Fixed

diff --git a/app/Controller/IdentifiersController.php b/app/Controller/IdentifiersController.php
@@ -270,6 +270,9 @@ function isAuthorized() {
           if(!empty($identifier['Identifier']['co_person_id'])) {
             $managed = $this->Role->isCoOrCouAdminForCoPerson($roles['copersonid'],
                                                               $identifier['Identifier']['co_person_id']);
+            if($identifier['Identifier']['co_person_id'] == $roles['copersonid']) {
+              $self = true;
+            }
           } elseif(!empty($identifier['Identifier']['org_identity_id'])) {
             $managed = $this->Role->isCoOrCouAdminForOrgidentity($roles['copersonid'],
                                                                  $identifier['Identifier']['org_identity_id']);
@@ -314,9 +317,9 @@ function isAuthorized() {
 
     // View an existing Identifier?
     $p['view'] = ($roles['cmadmin']
-                  || $self
                   || $roles['coadmin']
-                  || ($managed && $roles['couadmin']));
+                  || $self
+                  || $managed );
 
     $this->set('permissions', $p);
     return $p[$this->action];

diff --git a/app/View/Elements/menuMain.ctp b/app/View/Elements/menuMain.ctp
@@ -71,17 +71,19 @@
         // print parent cou if any
         if(!empty($permissions['menu']['admincous_root'])) {
           foreach ($permissions['menu']['admincous_root'] as $couid => $couname) {
-            print '<li class="mdl-js-ripple-effect">';
-            $args = array();
-            $args['plugin'] = null;
-            $args['controller'] = 'co_people';
-            $args['action'] = 'index';
-            $args['co'] = $menuCoId;
-            $args['Search.couid'] = $couid;
+            if(!isset($permissions['menu']['admincous'][$couid])) {
+              print '<li class="mdl-js-ripple-effect">';
+              $args = array();
+              $args['plugin'] = null;
+              $args['controller'] = 'co_people';
+              $args['action'] = 'index';
+              $args['co'] = $menuCoId;
+              $args['Search.couid'] = $couid;
 
-            print $this->Html->link(_txt('me.population.cou', array($couname)), $args, array('class' => 'spin'));
-            print '<span class="mdl-ripple"></span>';
-            print "</li>";
+              print $this->Html->link(_txt('me.population.cou', array($couname)), $args, array('class' => 'spin'));
+              print '<span class="mdl-ripple"></span>';
+              print "</li>";
+            }
           }
         }
         foreach ($permissions['menu']['admincous'] as $couid => $couname) {