Security correction

src/Controller/OrganizationController.php

@@ -166,7 +166,7 @@ class OrganizationController extends AbstractController
         }
         $uos = $this->entityManager
             ->getRepository(UsersOrganizations::class)
-            ->findBy(['organization' => $organization, 'isActive' => true]);
+            ->findBy(['organization' => $organization]);
 
         $users = $this->userService->formatOrgUsers($uos);
 

templates/user/show.html.twig

@@ -11,11 +11,13 @@
                 <div>
                     {% if is_granted("ROLE_SUPER_ADMIN") %}
                         <a href="{{ path('user_delete', {'id': user.id}) }}" class="btn btn-danger">Supprimer</a>
-                    {% endif %}
-                    {% if user.active %}
-                    <a href="{{ path('user_deactivate', {'id': user.id}) }}" class="btn btn-danger">Désactiver</a>
-                    {% else %}
-                        <a href="{{ path('user_activate', {'id': user.id}) }}" class="btn btn-success">Activer</a>
+
+                        {% if user.active %}
+                            <a href="{{ path('user_deactivate', {'id': user.id}) }}"
+                               class="btn btn-danger">Désactiver</a>
+                        {% else %}
+                            <a href="{{ path('user_activate', {'id': user.id}) }}" class="btn btn-success">Activer</a>
+                        {% endif %}
                     {% endif %}
                 </div>