Added capability for organisation administrators to accept/reject join requests, remove members, edit their details and reset their passwords

src/ServicesProvider/ServicesProvider.php

@@ -18,6 +18,7 @@ use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use UserFrosting\Sprinkle\Core\Log\MixedFormatter;
 use UserFrosting\Sprinkle\Organisations\Database\Models\Interfaces\OrganisationInterface;
+use UserFrosting\Sprinkle\Organisations\Database\Models\User;
 use UserFrosting\Sprinkle\Organisations\Twig\OrganisationsExtension;
 use UserFrosting\Sprinkle\Organisations\Repository\OrganisationApprovalRepository;
 use UserFrosting\Sprinkle\Organisations\Repository\OrganisationMembershipApprovalRepository;
@@ -96,6 +97,26 @@ class ServicesProvider
                     ->count() > 0;
             });
 
+            /*
+             * Check if $admin_id can modify $user_id via any of their joint organisations
+             *
+             * @param  int  $admin_id      the id of the admin user (normally currentUser->id).
+             * @param  int  $user_id       the id of the target user.
+             * @return bool true if $admin_id is an administrator of an organisation with $user_id in.
+             */
+            $new_authorizer->addCallback('can_admin_via_orgs', function ($admin_id, $user_id) {
+                $admin = User::findInt($admin_id);
+                $user = User::findInt($user_id);
+
+                foreach($admin->adminForOrganisations()->get() as $org) {
+                    if ($org->members(true)->where('user_id', $user_id)->count() > 0) {
+                        return true;
+                    }
+                }
+
+                return false;
+            });
+
             return $new_authorizer;
         });