[TRELLO-2887] Fix albert routes rights (admins/agents are allowed)

betagouv · Jan 29, 2025 · ae407a3 · ae407a3
1 parent c64a423
commit ae407a3
Showing 1 changed file with 27 additions and 25 deletions.
diff --git a/app/controllers/AdminController.scala b/app/controllers/AdminController.scala
@@ -315,32 +315,34 @@ class AdminController(
       } yield Created(Json.toJson(blackListedIp))
     }
 
-  def classifyAndSummarize(reportId: UUID) = SecuredAction.andThen(WithRole(UserRole.SuperAdmin)).async { _ =>
-    for {
-      maybeReport          <- reportRepository.get(reportId)
-      report               <- maybeReport.liftTo[Future](AppError.ReportNotFound(reportId))
-      albertClassification <- albertService.classifyReport(report)
-      albertCodeConsoRes   <- albertService.qualifyReportBasedOnCodeConso(report)
-      maybeClassification = albertClassification.map(classificationJsonStr =>
-        AlbertClassification
-          .fromAlbertApi(
-            reportId,
-            Json.parse(classificationJsonStr),
-            albertCodeConsoRes.map(Json.parse)
-          )
-      )
-      _ <- maybeClassification match {
-        case Some(albert) => albertClassificationRepository.createOrUpdate(albert)
-        case None         => Future.unit
-      }
-    } yield NoContent
-  }
+  def classifyAndSummarize(reportId: UUID) =
+    SecuredAction.andThen(WithRole(UserRole.AdminsAndReadOnlyAndAgents)).async { _ =>
+      for {
+        maybeReport          <- reportRepository.get(reportId)
+        report               <- maybeReport.liftTo[Future](AppError.ReportNotFound(reportId))
+        albertClassification <- albertService.classifyReport(report)
+        albertCodeConsoRes   <- albertService.qualifyReportBasedOnCodeConso(report)
+        maybeClassification = albertClassification.map(classificationJsonStr =>
+          AlbertClassification
+            .fromAlbertApi(
+              reportId,
+              Json.parse(classificationJsonStr),
+              albertCodeConsoRes.map(Json.parse)
+            )
+        )
+        _ <- maybeClassification match {
+          case Some(albert) => albertClassificationRepository.createOrUpdate(albert)
+          case None         => Future.unit
+        }
+      } yield NoContent
+    }
 
-  def getAlbertClassification(reportId: UUID) = SecuredAction.andThen(WithRole(UserRole.SuperAdmin)).async { _ =>
-    albertClassificationRepository
-      .getByReportId(reportId)
-      .map(maybeClassification => Ok(Json.toJson(maybeClassification)))
-  }
+  def getAlbertClassification(reportId: UUID) =
+    SecuredAction.andThen(WithRole(UserRole.AdminsAndReadOnlyAndAgents)).async { _ =>
+      albertClassificationRepository
+        .getByReportId(reportId)
+        .map(maybeClassification => Ok(Json.toJson(maybeClassification)))
+    }
 
   def regenSampleData() = SecuredAction.andThen(WithRole(UserRole.SuperAdmin)).async { _ =>
     if (taskConfiguration.sampleData.active) {