handle user without groups case

betagouv · Feb 10, 2025 · c597369 · c597369
1 parent 5b07ceb
commit c597369
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 4 deletions.
diff --git a/app/controllers/ApplicationController.scala b/app/controllers/ApplicationController.scala
@@ -149,7 +149,8 @@ case class ApplicationController @Inject() (
       rights: Authorization.UserRights,
       currentUserGroups: List[UserGroup]
   ): Future[(List[UserGroup], List[User], List[User])] = {
-    val hasFranceServicesAccess = currentUserGroups.exists(_.isInFranceServicesNetwork)
+    val hasFranceServicesAccess =
+      Authorization.hasAccessToFranceServicesNetwork(currentUserGroups)(rights)
     val groupsOfAreaFuture =
       userGroupService.byArea(areaId, excludeFranceServicesNetwork = !hasFranceServicesAccess)
     groupsOfAreaFuture.map { groupsOfArea =>
@@ -377,7 +378,8 @@ case class ApplicationController @Inject() (
                       infoName.trim -> infoValue.trim
                   }
 
-                val isInFranceServicesNetwork = creatorGroup.exists(_.isInFranceServicesNetwork)
+                val isInFranceServicesNetwork = Authorization
+                  .hasAccessToFranceServicesNetwork(creatorGroup.toList)(request.rights)
                 val application = Application(
                   applicationId,
                   Time.nowParis(),

diff --git a/app/models/Authorization.scala b/app/models/Authorization.scala
@@ -208,6 +208,9 @@ object Authorization {
   def canSeeStats: Check =
     atLeastOneIsAuthorized(isAdmin, isAreaManager, isManager, isObserver)
 
+  def hasAccessToFranceServicesNetwork(userGroups: List[UserGroup]): Check =
+    _ => userGroups.isEmpty || userGroups.exists(_.isInFranceServicesNetwork)
+
   //
   // Authorizations concerning User/UserGroup
   //

diff --git a/app/views/application.scala b/app/views/application.scala
@@ -549,7 +549,10 @@ object application {
         readonly := true,
         value := selectedArea.id.toString
       ),
-      if (currentUser.admin || userGroups.exists(group => group.isInFranceServicesNetwork)) {
+      if (
+        currentUser.admin || Authorization
+          .hasAccessToFranceServicesNetwork(userGroups)(currentUserRights)
+      ) {
         div(
           "Territoire concerné : ",
           views.helpers

diff --git a/app/views/createApplication.scala.html b/app/views/createApplication.scala.html
@@ -32,7 +32,7 @@ <h4 class="mdl-cell mdl-cell--8-col mdl-cell--12-col-phone">Nouvelle demande</h4
                 Les champs marqués d’un <span class="mdl-color-text--red-500">*</span> sont obligatoires
             </div>
 
-            @if(userGroups.exists(group => group.isInFranceServicesNetwork)) {
+            @if(Authorization.hasAccessToFranceServicesNetwork(userGroups)(currentUserRights)) {
             @if(mainInfos.config.featureCanSendApplicationsAnywhere) {
               <h5 class="title--addline">Territoire concerné</h5>
               <div>