demarches-normaliennes/app/controllers/manager/confirmation_urls_controller.rb

module Manager
  class ConfirmationUrlsController < Manager::ApplicationController
    before_action :ensure_administrateur_exists
    before_action :ensure_not_already_added

    def new
      @url = confirm_add_administrateur_manager_procedure_url(
        procedure.id,
        q: encrypt({ email: params[:email], inviter_id: current_super_admin.id })
      )
    end

    private

    def ensure_administrateur_exists
      redirect("Cet administrateur n'existe pas. Veuillez réessayer.") unless administrateur
    end

    def ensure_not_already_added
      redirect("Cet administrateur a déjà été ajouté à cette démarche.") if already_added?
    end

    def redirect(alert)
      flash[:alert] = alert
      redirect_to manager_procedure_path(procedure)
    end

    def already_added?
      AdministrateursProcedure.exists?(procedure: procedure, administrateur: administrateur)
    end

    def administrateur
      @administrateur ||= Administrateur.by_email(params[:email])
    end

    def procedure
      @procedure ||= Procedure.with_discarded.find(params[:procedure_id])
    end

    def encrypt(parameters)
      key = Rails.application.key_generator.generate_key(ENV["SECRET_KEY_BASE"])
      verifier = ActiveSupport::MessageVerifier.new(key)
      Base64.urlsafe_encode64(verifier.generate(parameters))
    end
  end
end
build and render secured URL to invite admin For clarity and a better understanding, use a dedicated controller to build and render the confirmation URL to share in order to add a new administrateur. 2022-09-09 11:45:14 +02:00			`module Manager`
			`class ConfirmationUrlsController < Manager::ApplicationController`
			`before_action :ensure_administrateur_exists`
			`before_action :ensure_not_already_added`

			`def new`
			`@url = confirm_add_administrateur_manager_procedure_url(`
			`procedure.id,`
			`q: encrypt({ email: params[:email], inviter_id: current_super_admin.id })`
			`)`
			`end`

			`private`

			`def ensure_administrateur_exists`
			`redirect("Cet administrateur n'existe pas. Veuillez réessayer.") unless administrateur`
			`end`

			`def ensure_not_already_added`
			`redirect("Cet administrateur a déjà été ajouté à cette démarche.") if already_added?`
			`end`

			`def redirect(alert)`
			`flash[:alert] = alert`
			`redirect_to manager_procedure_path(procedure)`
			`end`

			`def already_added?`
			`AdministrateursProcedure.exists?(procedure: procedure, administrateur: administrateur)`
			`end`

			`def administrateur`
			`@administrateur \|\|= Administrateur.by_email(params[:email])`
			`end`

			`def procedure`
			`@procedure \|\|= Procedure.with_discarded.find(params[:procedure_id])`
			`end`

			`def encrypt(parameters)`
			`key = Rails.application.key_generator.generate_key(ENV["SECRET_KEY_BASE"])`
			`verifier = ActiveSupport::MessageVerifier.new(key)`
			`Base64.urlsafe_encode64(verifier.generate(parameters))`
			`end`
			`end`
			`end`