Skip to content

Commit c0e890f

Browse files
adminadmin
authored andcommitted
fix: 1265 page historique renouvellement agrement (fix tests)
1 parent ef56a7f commit c0e890f

File tree

2 files changed

+8
-2
lines changed

2 files changed

+8
-2
lines changed

packages/backend/src/middlewares/checkPermissionOrganisme.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,13 @@ async function checkPermissionOrganisme(
3434
WHERE u.id = $1
3535
`;
3636
const { rows } = await getPool().query(query, [userId]);
37-
if (!rows || rows.length !== 1 || rows[0].org_id.toString() !== organismeId) {
37+
if (
38+
!rows ||
39+
rows.length === 0 ||
40+
!rows
41+
.map((r: { org_id: number | string }) => r.org_id.toString())
42+
.includes(organismeId.toString())
43+
) {
3844
return next(
3945
new AppError("Utilisateur non autorisé à accéder à l'organisme", {
4046
statusCode: 403,

packages/backend/src/usagers/agrements/agrements.route.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ router.post(
2121
"/",
2222
checkJWT,
2323
requestValidatorMiddleware(AgrementUsagersRoutesSchema["PostAgrement"]),
24-
checkPermissionAgrement,
24+
checkPermissionOrganisme,
2525
AgrementController.post,
2626
);
2727

0 commit comments

Comments
 (0)