add control on back_signalement_visite_deleterapport #2645

MTES-MCT · Jun 11, 2024 · 82d237c · 82d237c
1 parent 7dc41bc
commit 82d237c
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/src/Controller/Back/SignalementVisitesController.php b/src/Controller/Back/SignalementVisitesController.php
@@ -341,6 +341,7 @@ public function deleteRapportVisiteFromSignalement(
         EntityManagerInterface $entityManager,
         UploadHandlerService $uploadHandlerService,
     ): Response {
+        $this->denyAccessUnlessGranted('INTERVENTION_EDIT_VISITE', $intervention);
         if (!$this->isCsrfTokenValid('delete_rapport', $request->get('_token')) || $intervention->getSignalement()->getId() !== $signalement->getId() || $intervention->getFiles()->isEmpty()) {
             return $this->redirectToRoute('back_signalement_view', ['uuid' => $signalement->getUuid()]);
         }