From 05942afd616710893ed8dd577a288e7ca86d95e2 Mon Sep 17 00:00:00 2001
From: Craig Williams <craig@avsdev.uk>
Date: Tue, 8 Mar 2022 16:52:51 +0000
Subject: [PATCH] Fixed permission for editing name of organisation

---
 src/Controller/OrganisationController.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/Controller/OrganisationController.php b/src/Controller/OrganisationController.php
index c1e087b..a37305b 100644
--- a/src/Controller/OrganisationController.php
+++ b/src/Controller/OrganisationController.php
@@ -222,6 +222,11 @@ class OrganisationController extends SimpleController
         $transformer = new RequestDataTransformer($schema);
         $data = $transformer->transform($params);
 
+        $nameSet = isset($data['name']);
+        if (!$nameSet) {
+            $data['name'] = $organisation->name;
+        }
+
         $error = false;
 
         // Validate request data
@@ -234,7 +239,9 @@ class OrganisationController extends SimpleController
         // Determine targeted fields
         $fieldNames = [];
         foreach ($data as $name => $value) {
-            $fieldNames[] = $name;
+            if ($name == 'name' && $nameSet) {
+                $fieldNames[] = $name;
+            }
         }
 
         // Access-controlled resource - check that currentUser has permission to edit submitted fields for this organisation