diff --git a/src/components/layout/SideNav/hooks/useGetSideNavItems.ts b/src/components/layout/SideNav/hooks/useGetSideNavItems.ts index c81e498f0..e8df1a42f 100644 --- a/src/components/layout/SideNav/hooks/useGetSideNavItems.ts +++ b/src/components/layout/SideNav/hooks/useGetSideNavItems.ts @@ -4,7 +4,8 @@ import type { RouteKey } from '@/router' import { routes } from '@/router' import { AuthHooks } from '@/api/auth' import { TenantHooks } from '@/api/tenant' -import { isTenantCertifier } from '@/utils/tenant.utils' +import { isTenantCertifier, isTenantPA } from '@/utils/tenant.utils' +import { STAGE } from '@/config/env' const views = [ { @@ -42,8 +43,7 @@ export function useGetSideNavItems() { const { data: tenant } = TenantHooks.useGetActiveUserParty() const isCertifier = isTenantCertifier(tenant) - - const isPA = jwt?.externalId?.origin === 'IPA' + const isPA = Boolean(jwt && isTenantPA(jwt)) return React.useMemo(() => { /** @@ -54,10 +54,13 @@ export function useGetSideNavItems() { */ const isAuthorizedToRoute = (routeKey: RouteKey) => { if (!isSupport && !isOrganizationAllowedToProduce && routeKey === 'PROVIDE') return false - if (!isCertifier && routeKey === 'TENANT_CERTIFIER') return false - - if (!isPA && routeKey === 'DELEGATIONS') return false + if (!isPA && routeKey === 'DELEGATIONS') { + // In ATT, the delegations routes are available to all organizations + if (STAGE !== 'ATT') { + return false + } + } const authLevels = routes[routeKey].authLevels return authLevels.some((authLevel) => currentRoles.includes(authLevel)) @@ -80,5 +83,5 @@ export function useGetSideNavItems() { return [...acc, view] }, []) - }, [currentRoles, isOrganizationAllowedToProduce, isSupport, isCertifier]) + }, [currentRoles, isOrganizationAllowedToProduce, isSupport, isCertifier, isPA]) } diff --git a/src/router/components/RoutesWrapper/AuthGuard.tsx b/src/router/components/RoutesWrapper/AuthGuard.tsx index 827633631..83f73baba 100644 --- a/src/router/components/RoutesWrapper/AuthGuard.tsx +++ b/src/router/components/RoutesWrapper/AuthGuard.tsx @@ -1,10 +1,11 @@ import { AuthQueries } from '@/api/auth' import { TenantHooks } from '@/api/tenant' +import { STAGE } from '@/config/env' import type { RouteKey } from '@/router' import { useAuthGuard, useCurrentRoute } from '@/router' import type { JwtUser, UserProductRole } from '@/types/party.types' import { ForbiddenError } from '@/utils/errors.utils' -import { isTenantCertifier } from '@/utils/tenant.utils' +import { isTenantCertifier, isTenantPA } from '@/utils/tenant.utils' import { useQuery } from '@tanstack/react-query' import React from 'react' @@ -61,8 +62,11 @@ export const AuthGuard: React.FC = ({ } function isUserAllowedToAccessDelegationsRoutes() { + // In ATT, the delegations routes are available to all organizations + if (STAGE === 'ATT') return true + // The IsUserAllowedToAccessDelegationsRoutes method checks if the organization is a PA. Only a PA can access the delegations routes - const isPA = jwt?.externalId?.origin === 'IPA' + const isPA = Boolean(jwt && isTenantPA(jwt)) const delegationsRoutes: Array = [ 'DELEGATIONS', 'DELEGATION_DETAILS', diff --git a/src/utils/tenant.utils.ts b/src/utils/tenant.utils.ts index 8e25ee0c1..16c958220 100644 --- a/src/utils/tenant.utils.ts +++ b/src/utils/tenant.utils.ts @@ -1,4 +1,5 @@ -import { Tenant, TenantFeature } from '@/api/api.generatedTypes' +import type { ExternalId, Tenant } from '@/api/api.generatedTypes' +import { type TenantFeature } from '@/api/api.generatedTypes' export function isTenantCertifier(tenant: Tenant) { return tenant.features.some((feature) => 'certifier' in feature && feature.certifier?.certifierId) @@ -10,3 +11,7 @@ export function hasTenantGivenProducerDelegationAvailability(tenant: Tenant) { Boolean('delegatedProducer' in feature && feature.delegatedProducer?.availabilityTimestamp) )?.delegatedProducer?.availabilityTimestamp } + +export function isTenantPA(tenant: { externalId?: ExternalId }) { + return tenant.externalId?.origin === 'IPA' +}