I'm trying to protect administrators from accidentally deleting each other in CakePHP 2.4 by checking the group_id. I tried using the following delete method, but it deletes the user anyway and doesn't redirect. How do I return the group_id of the user and then redirect and display an appropriate flash saying "Administrators cannot be deleted"?
public function delete($id = null) {
if (!$this->request->is('post')) {
throw new MethodNotAllowedException();
}
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($user['User']['group_id'] == 1) { //Check user group
$this->Session->setFlash(__('Administrators can not be deleted'), 'flash/error');
$this->redirect(array('action' => 'index'));
}
if (!$this->User->delete()) {
$this->Session->setFlash(__('User could not be deleted'), 'flash/error');
$this->redirect(array('action' => 'index'));
}
if ($this->User->delete()) {
$this->Session->setFlash(__('User deleted'), 'flash/success');
$this->redirect(array('action' => 'index'));
}}