@Override
public boolean isPermitted(AuthorizationContext ac) {
- return ac != null && (ac.isInGroup(CreateOrgPage.ORG_AGENT) || ac.getActor().getOrganisations(true).size() != 0);
+ return ac != null && ((ac.isInGroup(CreateOrgPage.ORG_AGENT) && ac.getActor().hasValidOrgAgentChallenge()) || ac.getActor().getOrganisations(true).size() != 0) && ac.isStronglyAuthenticated();
}
@Override
return;
}
Map<String, Object> vars = Page.getDefaultVars(req);
- if (orgAss) {
+ if (orgAss && !myOrgs.contains(o)) {
vars.put("editForm", new CreateOrgForm(req, o));
vars.put("affForm", new AffiliationForm(req, o));
vars.put("mgmDom", new DomainManagementForm(req, o, true));