X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpages%2Forga%2FViewOrgPage.java;h=a5119068a8bdd904a4c206f133b3de916d596307;hp=ec4fb365a634c56c06ae9afd7f4bcdd265036ba4;hb=13a45cb32dc366dfba718199e968f9b5c1d2001e;hpb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e

diff --git a/src/club/wpia/gigi/pages/orga/ViewOrgPage.java b/src/club/wpia/gigi/pages/orga/ViewOrgPage.java
index ec4fb365..a5119068 100644
--- a/src/club/wpia/gigi/pages/orga/ViewOrgPage.java
+++ b/src/club/wpia/gigi/pages/orga/ViewOrgPage.java
@@ -13,11 +13,12 @@ import club.wpia.gigi.dbObjects.Organisation;
 import club.wpia.gigi.dbObjects.User;
 import club.wpia.gigi.localisation.Language;
 import club.wpia.gigi.output.template.Form;
+import club.wpia.gigi.output.template.Form.CSRFException;
 import club.wpia.gigi.output.template.IterableDataset;
 import club.wpia.gigi.output.template.Template;
-import club.wpia.gigi.output.template.Form.CSRFException;
 import club.wpia.gigi.pages.LoginPage;
 import club.wpia.gigi.pages.ManagedMultiFormPage;
+import club.wpia.gigi.pages.Page;
 import club.wpia.gigi.pages.account.domain.DomainManagementForm;
 import club.wpia.gigi.util.AuthorizationContext;
 
@@ -35,7 +36,7 @@ public class ViewOrgPage extends ManagedMultiFormPage {
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
-        return ac != null && (ac.isInGroup(CreateOrgPage.ORG_ASSURER) || ac.getActor().getOrganisations(true).size() != 0);
+        return ac != null && ((ac.isInGroup(CreateOrgPage.ORG_AGENT) && ac.isStronglyAuthenticated()) || ac.getActor().getOrganisations(true).size() != 0);
     }
 
     @Override
@@ -43,7 +44,7 @@ public class ViewOrgPage extends ManagedMultiFormPage {
         if (req.getParameter("do_affiliate") != null || req.getParameter("del") != null) {
             return Form.getForm(req, AffiliationForm.class);
         } else {
-            if ( !getUser(req).isInGroup(CreateOrgPage.ORG_ASSURER)) {
+            if ( !getUser(req).isInGroup(CreateOrgPage.ORG_AGENT)) {
                 return null;
             }
 
@@ -67,7 +68,7 @@ public class ViewOrgPage extends ManagedMultiFormPage {
             final Organisation[] orgList = Organisation.getOrganisations(0, 30);
             HashMap<String, Object> map = new HashMap<>();
             final List<Organisation> myOrgs = u.getOrganisations(true);
-            final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
+            final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_AGENT);
             if (orgAss) {
                 map.put("orgas", makeOrgDataset(orgList));
             } else {
@@ -86,13 +87,13 @@ public class ViewOrgPage extends ManagedMultiFormPage {
             return;
         }
         final List<Organisation> myOrgs = u.getOrganisations();
-        final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_ASSURER);
+        final boolean orgAss = u.isInGroup(CreateOrgPage.ORG_AGENT);
         if ( !orgAss && !myOrgs.contains(o)) {
             resp.sendError(404);
             return;
         }
-        HashMap<String, Object> vars = new HashMap<>();
-        if (orgAss) {
+        Map<String, Object> vars = Page.getDefaultVars(req);
+        if (orgAss && !myOrgs.contains(o)) {
             vars.put("editForm", new CreateOrgForm(req, o));
             vars.put("affForm", new AffiliationForm(req, o));
             vars.put("mgmDom", new DomainManagementForm(req, o, true));