pagopa · Carminepo2 · Dec 17, 2024
@@ -4,7 +4,8 @@ import type { RouteKey } from '@/router'
 import { routes } from '@/router'
 import { AuthHooks } from '@/api/auth'
 import { TenantHooks } from '@/api/tenant'
-import { isTenantCertifier } from '@/utils/tenant.utils'
+import { isTenantCertifier, isTenantPA } from '@/utils/tenant.utils'
+import { STAGE } from '@/config/env'
 
 const views = [
   {
@@ -42,8 +43,7 @@ export function useGetSideNavItems() {
   const { data: tenant } = TenantHooks.useGetActiveUserParty()
 
   const isCertifier = isTenantCertifier(tenant)
-
-  const isPA = jwt?.externalId?.origin === 'IPA'
+  const isPA = Boolean(jwt && isTenantPA(jwt))
 
   return React.useMemo(() => {
     /**
@@ -54,10 +54,13 @@ export function useGetSideNavItems() {
      */
     const isAuthorizedToRoute = (routeKey: RouteKey) => {
       if (!isSupport && !isOrganizationAllowedToProduce && routeKey === 'PROVIDE') return false
-
       if (!isCertifier && routeKey === 'TENANT_CERTIFIER') return false
-
-      if (!isPA && routeKey === 'DELEGATIONS') return false
+      if (!isPA && routeKey === 'DELEGATIONS') {
+        // In ATT, the delegations routes are available to all organizations
+        if (STAGE !== 'ATT') {
+          return false
+        }
+      }
 
       const authLevels = routes[routeKey].authLevels
       return authLevels.some((authLevel) => currentRoles.includes(authLevel))
@@ -80,5 +83,5 @@ export function useGetSideNavItems() {
 
       return [...acc, view]
     }, [])
-  }, [currentRoles, isOrganizationAllowedToProduce, isSupport, isCertifier])
+  }, [currentRoles, isOrganizationAllowedToProduce, isSupport, isCertifier, isPA])
 }
@@ -1,10 +1,11 @@
 import { AuthQueries } from '@/api/auth'
 import { TenantHooks } from '@/api/tenant'
+import { STAGE } from '@/config/env'
 import type { RouteKey } from '@/router'
 import { useAuthGuard, useCurrentRoute } from '@/router'
 import type { JwtUser, UserProductRole } from '@/types/party.types'
 import { ForbiddenError } from '@/utils/errors.utils'
-import { isTenantCertifier } from '@/utils/tenant.utils'
+import { isTenantCertifier, isTenantPA } from '@/utils/tenant.utils'
 import { useQuery } from '@tanstack/react-query'
 import React from 'react'
 
@@ -61,8 +62,11 @@ export const AuthGuard: React.FC<AuthGuardProps> = ({
   }
 
   function isUserAllowedToAccessDelegationsRoutes() {
+    // In ATT, the delegations routes are available to all organizations
+    if (STAGE === 'ATT') return true
+
     // The IsUserAllowedToAccessDelegationsRoutes method checks if the organization is a PA. Only a PA can access the delegations routes
-    const isPA = jwt?.externalId?.origin === 'IPA'
+    const isPA = Boolean(jwt && isTenantPA(jwt))
     const delegationsRoutes: Array<RouteKey> = [
       'DELEGATIONS',
       'DELEGATION_DETAILS',

@@ -1,4 +1,5 @@
-import { Tenant, TenantFeature } from '@/api/api.generatedTypes'
+import type { ExternalId, Tenant } from '@/api/api.generatedTypes'
+import { type TenantFeature } from '@/api/api.generatedTypes'
 
 export function isTenantCertifier(tenant: Tenant) {
   return tenant.features.some((feature) => 'certifier' in feature && feature.certifier?.certifierId)
@@ -10,3 +11,7 @@ export function hasTenantGivenProducerDelegationAvailability(tenant: Tenant) {
       Boolean('delegatedProducer' in feature && feature.delegatedProducer?.availabilityTimestamp)
   )?.delegatedProducer?.availabilityTimestamp
 }
+
+export function isTenantPA(tenant: { externalId?: ExternalId }) {
+  return tenant.externalId?.origin === 'IPA'
+}