From 617222ae2afb4d4f18141f07f32d08021b3bcd1d Mon Sep 17 00:00:00 2001
From: Alex Tselegidis <alextselegidis@gmail.com>
Date: Wed, 23 Feb 2022 12:00:39 +0100
Subject: [PATCH] Provider and secretary users can only add unavailabilities
 for their authorized users (#1214)

---
 application/controllers/Backend.php                    | 10 ++++++++++
 .../js/backend_calendar_unavailability_events_modal.js |  4 +---
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/application/controllers/Backend.php b/application/controllers/Backend.php
index 7144fe5c..b2aeaf0f 100755
--- a/application/controllers/Backend.php
+++ b/application/controllers/Backend.php
@@ -85,12 +85,22 @@ class Backend extends EA_Controller {
         {
             $secretary = $this->secretaries_model->get_row($this->session->userdata('user_id'));
             $view['secretary_providers'] = $secretary['providers'];
+            $view['available_providers'] = array_values(array_filter($view['available_providers'], function ($available_provider) use ($secretary) {
+                return in_array($available_provider['id'], $secretary['providers']);
+            }));
         }
         else
         {
             $view['secretary_providers'] = [];
         }
 
+        if ($this->session->userdata('role_slug') === DB_SLUG_PROVIDER)
+        {
+            $view['available_providers'] = array_values(array_filter($view['available_providers'], function ($available_provider) use ($user_id) {
+                return $available_provider['id'] === $user_id;
+            }));
+        }
+
         $results = $this->appointments_model->get_batch(['hash' => $appointment_hash]);
 
         if ($appointment_hash !== '' && count($results) > 0)
diff --git a/assets/js/backend_calendar_unavailability_events_modal.js b/assets/js/backend_calendar_unavailability_events_modal.js
index 7e1d84d0..e9bac476 100755
--- a/assets/js/backend_calendar_unavailability_events_modal.js
+++ b/assets/js/backend_calendar_unavailability_events_modal.js
@@ -110,9 +110,7 @@ window.BackendCalendarUnavailabilityEventsModal = window.BackendCalendarUnavaila
 
             if ($('.calendar-view').length === 0) {
                 $dialog.find('#unavailable-provider')
-                    .val($('#select-filter-item').val())
-                    .closest('.form-group')
-                    .hide();
+                    .val($('#select-filter-item').val());
             }
 
             $dialog.find('#unavailable-start').val(GeneralFunctions.formatDate(start, GlobalVariables.dateFormat, true));