2024-04-29 00:17:15 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2019-07-02 18:15:03 +02:00
|
|
|
module Users
|
|
|
|
class ProfilController < UserController
|
2021-10-25 16:57:21 +02:00
|
|
|
before_action :ensure_update_email_is_authorized, only: :update_email
|
2022-11-30 10:13:17 +01:00
|
|
|
before_action :find_transfers, only: [:show]
|
2021-10-25 16:57:21 +02:00
|
|
|
|
2018-08-23 18:53:35 +02:00
|
|
|
def show
|
2022-11-07 17:18:42 +01:00
|
|
|
@france_connect_informations = FranceConnectInformation.where(user: current_user)
|
2018-08-23 18:53:35 +02:00
|
|
|
end
|
|
|
|
|
2019-07-08 10:40:50 +02:00
|
|
|
def update_email
|
2021-10-26 13:36:14 +02:00
|
|
|
requested_user = User.find_by(email: requested_email)
|
2024-07-12 14:54:32 +02:00
|
|
|
if requested_user.present?
|
|
|
|
current_user.ask_for_merge(requested_user)
|
2021-10-26 16:18:12 +02:00
|
|
|
|
2019-07-08 10:40:50 +02:00
|
|
|
flash.notice = t('devise.registrations.update_needs_confirmation')
|
2024-07-12 14:54:32 +02:00
|
|
|
elsif update_with_lock(update_email_params)
|
2021-10-26 16:18:12 +02:00
|
|
|
current_user.update(requested_merge_into: nil)
|
|
|
|
|
2019-07-08 10:40:50 +02:00
|
|
|
flash.notice = t('devise.registrations.update_needs_confirmation')
|
|
|
|
else
|
2019-12-09 16:50:30 +01:00
|
|
|
flash.alert = current_user.errors.full_messages
|
2019-07-08 10:40:50 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
redirect_to profil_path
|
2024-07-12 14:54:32 +02:00
|
|
|
rescue ActiveRecord::RecordInvalid => e
|
|
|
|
flash.alert = e.record.errors.full_messages
|
|
|
|
redirect_to profil_path
|
|
|
|
end
|
|
|
|
|
|
|
|
def update_with_lock(params)
|
|
|
|
current_user.with_lock do
|
|
|
|
current_user.update!(params)
|
|
|
|
end
|
2019-07-08 10:40:50 +02:00
|
|
|
end
|
|
|
|
|
2021-09-20 13:14:03 +02:00
|
|
|
def transfer_all_dossiers
|
2022-08-02 13:01:06 +02:00
|
|
|
transfer = DossierTransfer.initiate(next_owner_email, current_user.dossiers)
|
|
|
|
|
|
|
|
if transfer.valid?
|
|
|
|
flash.notice = t('.new_transfer', count: current_user.dossiers.count, email: next_owner_email)
|
|
|
|
else
|
|
|
|
flash.alert = transfer.errors.full_messages
|
|
|
|
end
|
|
|
|
|
2021-09-20 13:14:03 +02:00
|
|
|
redirect_to profil_path
|
|
|
|
end
|
|
|
|
|
2021-10-26 13:22:51 +02:00
|
|
|
def accept_merge
|
|
|
|
users_requesting_merge.each { |user| current_user.merge(user) }
|
|
|
|
users_requesting_merge.update_all(requested_merge_into_id: nil)
|
|
|
|
|
|
|
|
flash.notice = "Vous avez absorbé le compte #{waiting_merge_emails.join(', ')}"
|
|
|
|
redirect_to profil_path
|
|
|
|
end
|
|
|
|
|
|
|
|
def refuse_merge
|
|
|
|
users = users_requesting_merge
|
|
|
|
users.update_all(requested_merge_into_id: nil)
|
|
|
|
|
|
|
|
flash.notice = 'La fusion a été refusé'
|
|
|
|
redirect_to profil_path
|
|
|
|
end
|
2022-11-07 17:18:42 +01:00
|
|
|
|
|
|
|
def destroy_fci
|
|
|
|
fci = FranceConnectInformation
|
|
|
|
.where(user: current_user)
|
|
|
|
.find(params[:fci_id])
|
|
|
|
|
|
|
|
fci.destroy!
|
|
|
|
flash.notice = "Le compte FranceConnect de « #{fci.full_name} » ne peut plus accéder à vos dossiers"
|
|
|
|
|
|
|
|
redirect_to profil_path
|
|
|
|
end
|
2021-10-26 13:22:51 +02:00
|
|
|
|
2024-03-18 19:31:57 +01:00
|
|
|
def preferred_domain
|
|
|
|
current_user.update_preferred_domain(request.host_with_port)
|
|
|
|
|
|
|
|
head :no_content
|
|
|
|
end
|
2021-10-26 13:22:51 +02:00
|
|
|
|
2019-07-08 10:40:50 +02:00
|
|
|
private
|
|
|
|
|
2021-11-16 14:54:09 +01:00
|
|
|
def find_transfers
|
|
|
|
@waiting_merge_emails = waiting_merge_emails
|
|
|
|
@waiting_transfers = current_user.dossiers.joins(:transfer).group('dossier_transfers.email').count.to_a
|
|
|
|
end
|
|
|
|
|
2021-10-26 13:22:51 +02:00
|
|
|
def waiting_merge_emails
|
|
|
|
users_requesting_merge.pluck(:email)
|
|
|
|
end
|
|
|
|
|
|
|
|
def users_requesting_merge
|
2021-11-04 15:51:54 +01:00
|
|
|
@requesting_merge ||= current_user.requested_merge_from
|
2021-10-26 13:22:51 +02:00
|
|
|
end
|
|
|
|
|
2021-10-25 16:57:21 +02:00
|
|
|
def ensure_update_email_is_authorized
|
|
|
|
if current_user.instructeur? && !target_email_allowed?
|
2024-03-20 11:39:42 +01:00
|
|
|
flash.alert = t('users.profil.ensure_update_email_is_authorized.email_not_allowed', contact_email: Current.contact_email, requested_email: requested_email)
|
2021-10-25 16:57:21 +02:00
|
|
|
redirect_to profil_path
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-07-08 10:40:50 +02:00
|
|
|
def update_email_params
|
|
|
|
params.require(:user).permit(:email)
|
|
|
|
end
|
2019-07-09 17:08:27 +02:00
|
|
|
|
|
|
|
def requested_email
|
|
|
|
update_email_params[:email]
|
|
|
|
end
|
2019-12-09 17:11:12 +01:00
|
|
|
|
2021-10-18 12:03:13 +02:00
|
|
|
def target_email_allowed?
|
|
|
|
LEGIT_ADMIN_DOMAINS.any? { |d| requested_email.end_with?(d) }
|
2019-12-09 17:11:12 +01:00
|
|
|
end
|
2021-09-20 13:14:03 +02:00
|
|
|
|
|
|
|
def next_owner_email
|
|
|
|
params[:next_owner]
|
|
|
|
end
|
2018-08-23 18:53:35 +02:00
|
|
|
end
|
|
|
|
end
|