demarches-normaliennes/app/controllers/recoveries_controller.rb

86 lines
2.4 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
class RecoveriesController < ApplicationController
before_action :ensure_agent_connect_is_used, except: [:nature, :post_nature, :support]
before_action :ensure_collectivite_territoriale, except: [:nature, :post_nature, :support]
def nature
end
def post_nature
if nature_params == 'collectivite'
redirect_to identification_recovery_path
else
redirect_to support_recovery_path(error: :other_nature)
end
end
def identification
@structure_name = structure_name
end
def post_identification
# cipher previous_user email
# to avoid leaks in the url
ciphered_email = cipher(previous_email)
redirect_to selection_recovery_path(ciphered_email:)
end
def selection
@previous_email = uncipher(params[:ciphered_email])
previous_user = User.find_by(email: @previous_email)
@recoverables = RecoveryService
.recoverable_procedures(previous_user:, siret:)
redirect_to support_recovery_path(error: :no_dossier) if @recoverables.empty?
end
def post_selection
previous_user = User.find_by(email: previous_email)
RecoveryService.recover_procedure!(previous_user:,
next_user: current_user,
siret:,
procedure_ids:)
redirect_to terminee_recovery_path
end
def terminee
end
def support
end
private
def nature_params = params[:nature]
def siret = current_instructeur.last_agent_connect_information.siret
def previous_email = params[:previous_email]
def procedure_ids = params[:procedure_ids].map(&:to_i)
def cipher(email) = message_verifier.generate(email, purpose: :agent_files_recovery, expires_in: 1.hour)
def uncipher(email) = message_verifier.verified(email, purpose: :agent_files_recovery) rescue nil
def structure_name
# we know that the structure exists because
# of the ensure_collectivite_territoriale guard
APIRechercheEntreprisesService.new.call(siret:).value![:nom_complet]
end
def ensure_agent_connect_is_used
if current_instructeur&.last_agent_connect_information.nil?
redirect_to support_recovery_path(error: :must_use_agent_connect)
end
end
def ensure_collectivite_territoriale
if !APIRechercheEntreprisesService.collectivite_territoriale?(siret:)
redirect_to support_recovery_path(error: 'not_collectivite_territoriale')
end
end
end