Fetch OrganizationRoleClaims from DB when feature flag enabled

backend/src/main/java/gov/cdc/usds/simplereport/config/authorization/DemoAuthenticationConfiguration.java

@@ -1,10 +1,12 @@
 package gov.cdc.usds.simplereport.config.authorization;
 
 import gov.cdc.usds.simplereport.config.BeanProfiles;
+import gov.cdc.usds.simplereport.config.FeatureFlagsConfig;
 import gov.cdc.usds.simplereport.config.simplereport.DemoUserConfiguration;
 import gov.cdc.usds.simplereport.config.simplereport.DemoUserConfiguration.DemoUser;
 import gov.cdc.usds.simplereport.idp.repository.OktaRepository;
 import gov.cdc.usds.simplereport.service.AuthorizationService;
+import gov.cdc.usds.simplereport.service.DbOrgRoleClaimsService;
 import gov.cdc.usds.simplereport.service.model.IdentityAttributes;
 import gov.cdc.usds.simplereport.service.model.IdentitySupplier;
 import jakarta.servlet.Filter;
@@ -86,8 +88,11 @@ public FilterRegistrationBean<Filter> identityFilter() {
   public AuthorizationService getDemoAuthorizationService(
       OktaRepository oktaRepo,
       IdentitySupplier supplier,
-      DemoUserConfiguration demoUserConfiguration) {
-    return new DemoAuthorizationService(oktaRepo, supplier, demoUserConfiguration);
+      DemoUserConfiguration demoUserConfiguration,
+      DbOrgRoleClaimsService dbOrgRoleClaimsService,
+      FeatureFlagsConfig featureFlagsConfig) {
+    return new DemoAuthorizationService(
+        oktaRepo, supplier, demoUserConfiguration, dbOrgRoleClaimsService, featureFlagsConfig);
   }
 
   @Bean
@@ -149,14 +154,20 @@ public static class DemoAuthorizationService implements AuthorizationService {
     private final IdentitySupplier _getCurrentUser;
     private final OktaRepository _oktaRepo;
     private final Set<String> _adminGroupMemberSet;
+    private final DbOrgRoleClaimsService _dbOrgRoleClaimsService;
+    private final FeatureFlagsConfig _featureFlagsConfig;
 
     public DemoAuthorizationService(
         OktaRepository oktaRepo,
         IdentitySupplier getCurrent,
-        DemoUserConfiguration demoUserConfiguration) {
+        DemoUserConfiguration demoUserConfiguration,
+        DbOrgRoleClaimsService dbOrgRoleClaimsService,
+        FeatureFlagsConfig featureFlagsConfig) {
       super();
       this._getCurrentUser = getCurrent;
       this._oktaRepo = oktaRepo;
+      this._dbOrgRoleClaimsService = dbOrgRoleClaimsService;
+      this._featureFlagsConfig = featureFlagsConfig;
 
       _adminGroupMemberSet =
           demoUserConfiguration.getSiteAdminEmails().stream()
@@ -168,7 +179,16 @@ public List<OrganizationRoleClaims> findAllOrganizationRoles() {
       String username = Optional.ofNullable(_getCurrentUser.get()).orElseThrow().getUsername();
       Optional<OrganizationRoleClaims> claims =
           _oktaRepo.getOrganizationRoleClaimsForUser(username);
-      return claims.isEmpty() ? List.of() : List.of(claims.get());
+      List<OrganizationRoleClaims> oktaOrgRoleClaims =
+          claims.isEmpty() ? List.of() : List.of(claims.get());
+      if (!isSiteAdmin()) {
+        if (_featureFlagsConfig.isOktaMigrationEnabled()) {
+          List<OrganizationRoleClaims> dbOrgRoleClaims =
+              _dbOrgRoleClaimsService.getOrganizationRoleClaims(username);
+          return dbOrgRoleClaims;
+        }
+      }
+      return oktaOrgRoleClaims;
     }
 
     @Override

backend/src/main/java/gov/cdc/usds/simplereport/db/model/ApiUser.java

@@ -87,6 +87,12 @@ public void setRoles(Set<OrganizationRole> newOrgRoles, Organization org) {
     }
   }
 
+  public Set<Organization> getOrganizations() {
+    return this.roleAssignments.stream()
+        .map(ApiUserRole::getOrganization)
+        .collect(Collectors.toSet());
+  }
+
   public ApiUser clearRolesAndFacilities() {
     this.roleAssignments.clear();
     this.facilityAssignments.clear();

backend/src/main/java/gov/cdc/usds/simplereport/db/model/ApiUserRole.java

@@ -20,6 +20,7 @@ public class ApiUserRole extends AuditedEntity {
 
   @ManyToOne
   @JoinColumn(name = "organization_id", nullable = false)
+  @Getter
   private Organization organization;
 
   @Column(nullable = false, columnDefinition = "organization_role")