import club.wpia.gigi.dbObjects.User;
import club.wpia.gigi.localisation.Language;
import club.wpia.gigi.output.template.Form;
+import club.wpia.gigi.output.template.Form.CSRFException;
import club.wpia.gigi.output.template.IterableDataset;
import club.wpia.gigi.output.template.Template;
-import club.wpia.gigi.output.template.Form.CSRFException;
import club.wpia.gigi.pages.LoginPage;
import club.wpia.gigi.pages.ManagedMultiFormPage;
+import club.wpia.gigi.pages.Page;
import club.wpia.gigi.pages.account.domain.DomainManagementForm;
import club.wpia.gigi.util.AuthorizationContext;
@Override
public boolean isPermitted(AuthorizationContext ac) {
- return ac != null && (ac.isInGroup(CreateOrgPage.ORG_ASSURER) || ac.getActor().getOrganisations(true).size() != 0);
+ return ac != null && ((ac.isInGroup(CreateOrgPage.ORG_AGENT) && ac.getActor().hasValidOrgAgentChallenge()) || (ac.getActor().getOrganisations(true).size() != 0) && ac.getActor().hasValidOrgAdminChallenge()) && ac.isStronglyAuthenticated();
}
@Override
if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) {
return Form.getForm(req, AffiliationForm.class);
} else {
- if ( !getUser(req).isInGroup(CreateOrgPage.ORG_ASSURER)) {
+ if ( !getUser(req).isInGroup(CreateOrgPage.ORG_AGENT)) {
return null;
}
final Organisation[] orgList = Organisation.getOrganisations(0, 30);
HashMap<String, Object> map = new HashMap<>();
final List<Organisation> myOrgs = u.getOrganisations(true);
- final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
+ final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_AGENT);
if (orgAss) {
map.put("orgas", makeOrgDataset(orgList));
} else {
return;
}
final List<Organisation> myOrgs = u.getOrganisations();
- final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
+ final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_AGENT);
if ( !orgAss && !myOrgs.contains(o)) {
resp.sendError(404);
return;
}
- HashMap<String, Object> vars = new HashMap<>();
- if (orgAss) {
+ Map<String, Object> vars = Page.getDefaultVars(req);
+ if (orgAss && !myOrgs.contains(o)) {
vars.put("editForm", new CreateOrgForm(req, o));
vars.put("affForm", new AffiliationForm(req, o));
vars.put("mgmDom", new DomainManagementForm(req, o, true));