PAS-554 | Fix Access Denied creating application in different session

[jonashendrickx]

Ticket

• Closes PAS-554

Description

When an admin signs in, all the applications belonging to the organization are added to the claims/token. When an application is added in a different session, you will get an access denied message in your old session, because it doesn't know the application was created for your organization.

Under very particular circumstances, where all the stars would have to align (never happens), you could theoretically access an application of a different organization. Although the impact would be fairly small as that application would have to be newly created by the new organization, and deleted by the old one in quick succession.

Shape

Screenshots

Checklist

I did the following to ensure that my changes were tested thoroughly:

• __

I did the following to ensure that my changes do not introduce security vulnerabilities:

• __

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 11 lines in your changes missing coverage. Please review.

Project coverage is 34.85%. Comparing base (4d4b6cb) to head (5d1c104).
Report is 2 commits behind head on main.

Files	Patch %	Lines
src/AdminConsole/Authorization/HasAppHandler.cs	0.00%	10 Missing ⚠️
...nsole/Services/CustomUserClaimsPrincipalFactory.cs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #672      +/-   ##
==========================================
- Coverage   34.85%   34.85%   -0.01%     
==========================================
  Files         565      565              
  Lines       30944    30945       +1     
  Branches      924      923       -1     
==========================================
  Hits        10785    10785              
- Misses      20017    20018       +1     
  Partials      142      142              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.