gestion droit d'access

src/Controller/UserController.php

@@ -57,15 +57,6 @@ class UserController extends AbstractController
             //Log action
             $this->actionService->createAction("View all users", $user, null, "All");
 
-        } elseif ($this->isGranted('ROLE_ADMIN')) {
-            $orgIds = $this->userService->getAdminOrganizationsIds($user);
-            if (empty($orgIds)) {
-                $usersByOrganization = [];
-            } else {
-                $uo = $this->entityManager->getRepository(UsersOrganizations::class)->findUsersWithOrganization($orgIds);
-                $usersByOrganization = $this->userService->groupByOrganization($uo);
-                $this->actionService->createAction("View all users for organizations", $user, null, implode(", ", $orgIds));
-            }
         } else {
             $usersByOrganization = [];
         }
@@ -433,11 +424,15 @@ class UserController extends AbstractController
     #[Route(path: '/indexTest', name: 'indexTest', methods: ['GET'])]
     public function indexTest(): Response
     {
+        $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
+        if ($this->userService->hasAccessTo($actingUser, true) && $this->isGranted("ROLE_ADMIN")) {
             $totalUsers = $this->entityManager->getRepository(User::class)->count(['isDeleted' => false, 'isActive' => true]);
             return $this->render('user/indexTest.html.twig', [
                 'users' => $totalUsers
             ]);
         }
+        throw $this->createAccessDeniedException(self::ACCESS_DENIED);
+    }
 
     /*
      * AJAX endpoint for new users listing