diff --git a/locale/en_US/messages.php b/locale/en_US/messages.php
index ec404cd..bf323c2 100644
--- a/locale/en_US/messages.php
+++ b/locale/en_US/messages.php
@@ -51,7 +51,7 @@ return [
 'DELETE_YES' => 'Yes, delete organisation',
 'DELETION_SUCCESSFUL' => 'Successfully deleted organisation {{name}}',
- 'MEMBER_COUNT' => '# Members (excl admins)',
+ 'MEMBER_COUNT' => '# Members',
 'ADMIN_COUNT' => '# Admins',
 'SELF' => [
diff --git a/src/Database/Seeds/OrganisationPermissions.php b/src/Database/Seeds/OrganisationPermissions.php
index e1d8366..2daa0f6 100644
--- a/src/Database/Seeds/OrganisationPermissions.php
+++ b/src/Database/Seeds/OrganisationPermissions.php
@@ -127,12 +127,6 @@ class OrganisationPermissions extends BaseSeed
 ]),
- // 'view_organisation_members_field' => new Permission([
- // 'slug' => 'view_organisation_field',
- // 'name' => 'View organisation members field',
- // 'conditions' => "in(property,['members'])",
- // 'description' => 'View members field of any organisation.',
- // ]),
 'view_organisation_members' => new Permission([
 'slug' => 'view_organisation_field',
 'name' => 'View organisation members',
@@ -200,12 +194,12 @@ class OrganisationPermissions extends BaseSeed
 ]),
- // 'uri_user_in_organisation' => new Permission([
- // 'slug' => 'uri_user',
- // 'name' => 'View user',
- // 'conditions' => "has_matching_organisation(self.id,user.id,true) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id))",
- // 'description' => 'View the user page of any user in your group, except the master user and Site and (global) Organisation Administrators (except yourself).',
- // ]),
+ 'uri_user_in_organisation' => new Permission([
+ 'slug' => 'uri_user',
+ 'name' => 'View user',
+ 'conditions' => "(has_role(self.id,{$roleIds['organisations-admin']}) || has_matching_organisation(self.id,user.id,1)) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id))",
+ 'description' => 'View the user page of any user in your group, except the master user and Site and (global) Organisation Administrators (except yourself).',
+ ]),
 'view_user_field' => new Permission([
 'slug' => 'view_user_field',
 'name' => 'View user',
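Review bot: The `description` of the re-enabled `uri_user_in_organisation` entry no longer matches its `conditions`: the new `has_role(self.id,{$roleIds['organisations-admin']}) ||` branch lets a holder of the organisations-admin role open the page of a user they share no organisation with, while the text still says "any user in your group". Seed descriptions are what an administrator reads when auditing a role, so I would reword it, for example `'View the user page of any user in your organisation (or of any user, for global Organisation Administrators), except the master user and Site and (global) Organisation Administrators (except yourself).'`. The third argument of `has_matching_organisation` also changed from `true` to `1`, and a later entry in this file calls it with two arguments; a one-line comment above this entry saying what that argument selects would make the difference reviewable. The method that builds this array starts and ends outside the hunk.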
@@ -232,18 +226,25 @@ class OrganisationPermissions extends BaseSeed
 'description' => 'Edit organisations for users in your own group who are not Site or Group Administrators, except yourself.',
 ]),
- 'view_user_field_organisation' => new Permission([
+ 'view_user_field_organisation_audit' => new Permission([
 'slug' => 'view_user_field',
 'name' => 'View user',
- 'conditions' => "has_matching_organisation(self.id,user.id) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id)) && in(property,['user_name','name','email','locale','roles','group','activities','organisations'])",
+ 'conditions' => "has_role(self.id,{$roleIds['organisations-admin']}) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id)) && in(property,['activities'])",
 'description' => 'View certain properties of any user in your own organisation, except the master user and Site and (global) Organisation Administrators (except yourself).',
 ]),
 'update_user_field_organisation' => new Permission([
 'slug' => 'update_user_field',
 'name' => 'Edit organisation user',
- 'conditions' => "has_matching_organisation(self.id,user.id,1) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id)) && subset(fields,['name','email','locale','flag_enabled','flag_verified','password'])",
+ 'conditions' => "(has_role(self.id,{$roleIds['organisations-admin']}) || has_matching_organisation(self.id,user.id,1)) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id)) && subset(fields,['name','email','locale','flag_enabled','flag_verified','password'])",
 'description' => 'Edit users in your own organisation who are not Site or 
(global) Organisation Administrators, except yourself.',
 ]),
+
+ 'view_user_field_organisation' => new Permission([
+ 'slug' => 'view_user_field',
+ 'name' => 'View user',
+ 'conditions' => "has_matching_organisation(self.id,user.id) && !is_master(user.id) && !has_role(user.id,{$roleIds['site-admin']}) && (!has_role(user.id,{$roleIds['organisations-admin']}) || equals_num(self.id,user.id)) && in(property,['user_name','name','email','locale','roles','group','organisations'])",
+ 'description' => 'View certain properties of any user in your own organisation, except the master user and Site and (global) Organisation Administrators (except yourself).',
+ ]),
 ];
 }
@@ -328,13 +329,15 @@ class OrganisationPermissions extends BaseSeed
 $permissions['uri_organisation']->id,
 $permissions['uri_organisations']->id,
+ $permissions['uri_user_in_organisation']->id,
 $permissions['uri_deleted_organisations']->id,
 $permissions['view_organisation_members']->id,
 $permissions['promote_organisation_member']->id,
- #$permissions['view_user_field']->id,
- #$permissions['update_user_field']->id,
+ $permissions['view_user_field_organisation_audit']->id,
+ $permissions['view_user_field_organisation']->id,
+ $permissions['update_user_field_organisation']->id,
 ]);
 }
@@ -352,6 +355,7 @@ class OrganisationPermissions extends BaseSeed
 $permissions['uri_organisation_own']->id,
 $permissions['uri_organisations']->id,
+ $permissions['uri_user_in_organisation']->id,
 $permissions['view_user_field_organisation']->id,
 $permissions['update_user_field_organisation']->id,
diff --git a/templates/pages/user.html.twig b/templates/pages/user.html.twig
index 4588801..7307b33 100644
--- a/templates/pages/user.html.twig
+++ b/templates/pages/user.html.twig
@@ -168,6 +168,7 @@
 {% endblock %}
+ {% if checkAccess('view_user_field', { 'user': user, 'property': 'activities' }) %}
 {% if 'activities' not in widgets.hidden %}
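Review bot: In `update_user_field_organisation` the added `has_role(self.id,{$roleIds['organisations-admin']}) ||` branch drops the organisation scoping for global organisation admins while `subset(fields,[...])` still lists `'password'`, `'email'`, `'flag_enabled'` and `'flag_verified'`. A holder of that role can therefore change credentials on any account that is not the master user, a site admin or another organisations admin, including accounts with no organisation link and accounts holding any other elevated role the condition does not name. If global admins do need to edit unrelated users, I would keep this entry on `has_matching_organisation(self.id,user.id,1)` alone and add a separately named permission for the global role whose field list leaves out the credential fields, e.g. `subset(fields,['name','locale'])`. The descriptions of this entry and of `view_user_field_organisation_audit` still say "in your own organisation" and should state the real scope; the audit entry exposes only `activities`, for any user. The hunk is cut inside the permission array, whose enclosing method begins above it.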
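Review bot: The organisations-admin role receives `update_user_field_organisation`, which now passes on the role alone, next to `view_user_field_organisation`, which still requires `has_matching_organisation(self.id,user.id)`. For a user outside the admin's organisations that leaves write access to `name`, `email` and `password` but read access only to `activities` through `view_user_field_organisation_audit`, so the account can be edited while its current values cannot be viewed. Either scope the update permission the same way as the view permission, or widen the view condition deliberately and record that in its description. The call these ids are passed to opens outside the hunk.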
 {% block activity_box %}
@@ -188,6 +189,7 @@
 {% endblock %}
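Review bot: The added `checkAccess('view_user_field', { 'user': user, 'property': 'activities' })` guard only keeps the activity box out of the rendered page; nothing in this diff shows the same check on whatever route supplies the activity data, so that should be confirmed before `activities` is treated as a restricted property. A Twig comment above the guard, such as `{# activities require view_user_field on 'activities'; the data route must enforce the same rule #}`, would record the dependency. The two nested conditions can also be written as one, `{% if checkAccess('view_user_field', { 'user': user, 'property': 'activities' }) and 'activities' not in widgets.hidden %}`, which makes the extra `{% endif %}` added in the following hunk unnecessary. The `activity_box` block continues past the end of this hunk.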
 {% endif %}
+ {% endif %}
 {% if 'permissions' not in widgets.hidden %}