unicef / refer-laaha

Apache License 2.0

User Role able to Navigate beyond their designated location & domain #1359

Closed joanmneney closed 1 year ago

joanmneney commented 1 year ago

User role, e.g. Country Admin for Zimbabwe in the Zimbabwe Sub Domain, is able to add content for Bangladesh.

This issue affects the following sections:

App working perfectly for:

https://www.loom.com/share/fa29a349bcac4df8a7e6624ca8e5fc4b

mlncn commented 1 year ago

Followup from #1342

mlncn commented 1 year ago

Meanwhile, /manage-location is somehow a custom listing, not a Drupal View. But if we filter it to the current country based on domain, we shouldn't even have a "Click to Change Country" link, or?

As we work to clean this up, one question is to what extent country admins should not be able to basically go to a subdomain not of their country at all when not logged in, and how much what we really want is the correct country pre-selected on every listing or form (but it's possible to navigate to a different domain / change the default), and how much we have to absolutely prevent Zimbabwe Country Admin from posting Bangladesh content and vice versa.

mlncn commented 1 year ago

People should not be able to post or edit content in a country they are not associated with.

mlncn commented 1 year ago

There should not be a "Click to change country" link; instead, "Click to change location".