il y a 6 mois · 226e2f1fb1
--- a/src/ApiResources/Access/AdminAccess.php
+++ b/src/ApiResources/Access/AdminAccess.php
@@ -20,12 +20,13 @@ use Symfony\Component\Validator\Constraints as Assert;
 
				     operations: [
			
 
				         new Get(
			
 
				             uriTemplate: '/admin-access/{id}',
			
 
				-            defaults: ['id' => 0]
			
 
				+            defaults: ['id' => 0],
			
 
				+            security: 'object.getOrganizationId() == user.getOrganization().getId()'
			
 
				         ),
			
 
				         new Patch(
			
 
				             uriTemplate: '/admin-access/{id}',
			
 
				             defaults: ['id' => 0],
			
 
				-            security: '(is_granted("ROLE_ADMIN_CORE") and object.getOrganizationId() == user.getOrganization().getId() )'
			
 
				+            security: '(is_granted("ROLE_ORGANIZATION") and object.getOrganizationId() == user.getOrganization().getId() )'
			
 
				         ),
			
 
				     ],
			
 
				     provider: AdminAccessProvider::class,