2019-03-25 10:53:45 +01:00
module Users
2017-06-29 14:18:12 +02:00
class DossiersController < UserController
2019-01-14 16:16:23 +01:00
include Devise :: StoreLocationExtension
2018-07-17 11:40:19 +02:00
include DossierHelper
2019-01-07 12:17:11 +01:00
layout 'procedure_context' , only : [ :identite , :update_identite , :siret , :update_siret ]
2018-11-01 13:00:35 +01:00
ACTIONS_ALLOWED_TO_ANY_USER = [ :index , :recherche , :new ]
2019-05-29 12:05:28 +02:00
ACTIONS_ALLOWED_TO_OWNER_OR_INVITE = [ :show , :demande , :messagerie , :brouillon , :update_brouillon , :modifier , :update , :create_commentaire ]
2018-09-20 17:39:15 +02:00
before_action :ensure_ownership! , except : ACTIONS_ALLOWED_TO_ANY_USER + ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
before_action :ensure_ownership_or_invitation! , only : ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
2019-05-29 12:05:28 +02:00
before_action :ensure_dossier_can_be_updated , only : [ :update_identite , :update_brouillon , :modifier , :update ]
2018-09-06 10:49:26 +02:00
before_action :forbid_invite_submission! , only : [ :update_brouillon ]
2018-09-06 13:29:56 +02:00
before_action :forbid_closed_submission! , only : [ :update_brouillon ]
2018-10-25 18:05:47 +02:00
before_action :show_demarche_en_test_banner
2018-11-01 13:00:35 +01:00
before_action :store_user_location! , only : :new
2017-06-29 14:18:12 +02:00
2018-07-04 11:49:24 +02:00
def index
@user_dossiers = current_user . dossiers . includes ( :procedure ) . order_by_updated_at . page ( page )
@dossiers_invites = current_user . dossiers_invites . includes ( :procedure ) . order_by_updated_at . page ( page )
@current_tab = current_tab ( @user_dossiers . count , @dossiers_invites . count )
@dossiers = case @current_tab
when 'mes-dossiers'
@user_dossiers
when 'dossiers-invites'
@dossiers_invites
end
end
2018-08-07 11:58:10 +02:00
def show
if dossier . brouillon?
2018-09-06 09:09:23 +02:00
redirect_to brouillon_dossier_path ( dossier )
2018-08-07 11:58:10 +02:00
end
2018-08-07 16:32:11 +02:00
@dossier = dossier
2018-08-07 11:58:10 +02:00
end
2018-08-29 16:57:01 +02:00
def demande
2018-08-14 15:06:44 +02:00
@dossier = dossier
end
2018-09-05 13:56:12 +02:00
def messagerie
@dossier = dossier
@commentaire = Commentaire . new
end
2017-06-29 14:18:59 +02:00
def attestation
2019-08-27 17:43:33 +02:00
if dossier . attestation . pdf_active_storage . attached?
redirect_to url_for ( dossier . attestation . pdf_active_storage )
else
send_data ( dossier . attestation . pdf . read , filename : 'attestation.pdf' , type : 'application/pdf' )
end
2017-06-29 14:18:59 +02:00
end
2018-02-08 17:13:15 +01:00
def identite
@dossier = dossier
@user = current_user
end
2018-02-08 17:13:15 +01:00
def update_identite
@dossier = dossier
2018-10-02 13:51:56 +02:00
if @dossier . individual . update ( individual_params )
@dossier . update! ( autorisation_donnees : true )
2018-02-08 17:13:15 +01:00
flash . notice = " Identité enregistrée "
2018-11-27 15:56:14 +01:00
redirect_to brouillon_dossier_path ( @dossier )
2018-02-08 17:13:15 +01:00
else
2018-10-02 13:51:56 +02:00
flash . now . alert = @dossier . individual . errors . full_messages
2018-02-08 17:13:15 +01:00
render :identite
end
end
2018-10-04 09:43:19 +02:00
def siret
@dossier = dossier
end
2018-10-15 18:41:53 +02:00
def update_siret
@dossier = dossier
# We use the user as the holder model object for the siret value
# (so that we can restore it on the form in case of error).
#
# This is the only remaining use of User#siret: it could be refactored away.
# However some existing users have a siret but no associated etablissement,
# so we would need to analyze the legacy data and decide what to do with it.
current_user . siret = siret_params [ :siret ]
siret_model = Siret . new ( siret : siret_params [ :siret ] )
if ! siret_model . valid?
return render_siret_error ( siret_model . errors . full_messages )
end
sanitized_siret = siret_model . siret
2019-05-02 11:24:22 +02:00
begin
etablissement_attributes = ApiEntrepriseService . get_etablissement_params_for_siret ( sanitized_siret , @dossier . procedure . id )
rescue RestClient :: RequestFailed
return render_siret_error ( t ( 'errors.messages.siret_network_error' ) )
end
2018-10-15 18:41:53 +02:00
if etablissement_attributes . blank?
return render_siret_error ( t ( 'errors.messages.siret_unknown' ) )
end
etablissement = @dossier . build_etablissement ( etablissement_attributes )
etablissement . save!
current_user . update! ( siret : sanitized_siret )
@dossier . update! ( autorisation_donnees : true )
redirect_to etablissement_dossier_path
end
2018-10-15 12:25:25 +02:00
def etablissement
@dossier = dossier
# Redirect if the user attempts to access the page URL directly
if ! @dossier . etablissement
flash . alert = 'Aucun établissement n’ est associé à ce dossier'
return redirect_to siret_dossier_path ( @dossier )
end
end
2018-09-06 09:09:23 +02:00
def brouillon
2018-02-21 18:32:07 +01:00
@dossier = dossier_with_champs
# TODO: remove when the champs are unifed
if ! @dossier . autorisation_donnees
if dossier . procedure . for_individual
redirect_to identite_dossier_path ( @dossier )
else
2018-10-04 09:43:19 +02:00
redirect_to siret_dossier_path ( @dossier )
2018-02-21 18:32:07 +01:00
end
end
end
2018-09-05 19:05:43 +02:00
# FIXME:
# - delegate draft save logic to champ ?
2018-09-06 10:49:26 +02:00
def update_brouillon
2018-02-21 18:32:07 +01:00
@dossier = dossier_with_champs
2018-09-06 13:35:59 +02:00
errors = update_dossier_and_compute_errors
2018-02-21 18:32:07 +01:00
if errors . present?
flash . now . alert = errors
2018-09-06 09:09:23 +02:00
render :brouillon
2018-02-21 18:32:07 +01:00
else
2018-09-06 13:29:56 +02:00
if save_draft?
flash . now . notice = 'Votre brouillon a bien été sauvegardé.'
render :brouillon
else
@dossier . en_construction!
NotificationMailer . send_initiated_notification ( @dossier ) . deliver_later
redirect_to merci_dossier_path ( @dossier )
end
2018-02-21 18:32:07 +01:00
end
end
2018-09-05 18:23:10 +02:00
def modifier
@dossier = dossier_with_champs
end
2018-09-06 11:39:46 +02:00
def update
@dossier = dossier_with_champs
2018-09-06 13:35:59 +02:00
errors = update_dossier_and_compute_errors
2018-09-06 11:39:46 +02:00
if errors . present?
flash . now . alert = errors
render :modifier
2018-09-06 13:31:29 +02:00
else
2018-10-02 12:23:53 +02:00
redirect_to demande_dossier_path ( @dossier )
2018-09-06 11:39:46 +02:00
end
end
2018-02-27 09:49:58 +01:00
def merci
@dossier = current_user . dossiers . includes ( :procedure ) . find ( params [ :id ] )
end
2018-09-05 13:56:12 +02:00
def create_commentaire
2018-11-29 15:00:26 +01:00
@commentaire = CommentaireService . build ( current_user , dossier , commentaire_params )
2018-09-05 13:56:12 +02:00
if @commentaire . save
2018-09-04 18:27:34 +02:00
flash . notice = " Votre message a bien été envoyé à l’ instructeur en charge de votre dossier. "
2018-09-05 13:56:12 +02:00
redirect_to messagerie_dossier_path ( dossier )
else
flash . now . alert = @commentaire . errors . full_messages
render :messagerie
end
end
2018-05-24 15:55:47 +02:00
def ask_deletion
2019-02-26 16:18:04 +01:00
dossier = current_user . dossiers . includes ( :user , procedure : :administrateurs ) . find ( params [ :id ] )
2018-06-13 13:58:14 +02:00
2019-02-06 19:11:55 +01:00
if dossier . can_be_deleted_by_user?
2019-07-15 16:00:49 +02:00
dossier . delete_and_keep_track ( current_user )
2018-06-13 13:58:14 +02:00
flash . notice = 'Votre dossier a bien été supprimé.'
2018-06-27 14:47:02 +02:00
redirect_to dossiers_path
2018-06-13 13:58:14 +02:00
else
flash . notice = " L'instruction de votre dossier a commencé, il n'est plus possible de supprimer votre dossier. Si vous souhaitez annuler l'instruction contactez votre administration par la messagerie de votre dossier. "
2018-11-01 13:00:35 +01:00
redirect_to dossier_path ( dossier )
2018-06-13 13:58:14 +02:00
end
2018-05-24 15:55:47 +02:00
end
2018-07-17 11:40:19 +02:00
def recherche
@dossier_id = params [ :dossier_id ]
dossier = current_user . dossiers . find_by ( id : @dossier_id )
if dossier
redirect_to url_for_dossier ( dossier )
else
flash . alert = " Vous n’ avez pas de dossier avec le nº #{ @dossier_id } . "
redirect_to dossiers_path
end
end
2018-11-01 13:00:35 +01:00
def new
erase_user_location!
if params [ :brouillon ]
procedure = Procedure . brouillon . find ( params [ :procedure_id ] )
else
procedure = Procedure . publiees . find ( params [ :procedure_id ] )
end
dossier = Dossier . create! ( procedure : procedure , user : current_user , state : Dossier . states . fetch ( :brouillon ) )
if dossier . procedure . for_individual
2019-07-31 15:49:18 +02:00
if current_user . france_connect_information . present?
dossier . update_with_france_connect ( current_user . france_connect_information )
end
2018-11-01 13:00:35 +01:00
redirect_to identite_dossier_path ( dossier )
else
redirect_to siret_dossier_path ( id : dossier . id )
end
rescue ActiveRecord :: RecordNotFound
flash . alert = t ( 'errors.messages.procedure_not_found' )
redirect_to url_for dossiers_path
end
2019-03-13 16:48:38 +01:00
def dossier_for_help
dossier_id = params [ :id ] || params [ :dossier_id ]
@dossier || ( dossier_id . present? && Dossier . find_by ( id : dossier_id . to_i ) )
end
2017-06-29 14:18:12 +02:00
private
2018-11-01 13:00:35 +01:00
def store_user_location!
store_location_for ( :user , request . fullpath )
end
def erase_user_location!
2019-01-14 16:16:23 +01:00
clear_stored_location_for ( :user )
2018-11-01 13:00:35 +01:00
end
2018-10-25 18:05:47 +02:00
def show_demarche_en_test_banner
if @dossier . present? && @dossier . procedure . brouillon?
2019-08-28 11:37:39 +02:00
flash . now . alert = " Ce dossier est déposé sur une démarche en test. Toute modification de la démarche par l'administrateur (ajout d'un champ, publication de la démarche...) entrainera sa suppression. "
2018-10-25 18:05:47 +02:00
end
end
2018-06-08 15:51:46 +02:00
def ensure_dossier_can_be_updated
2019-02-06 18:20:35 +01:00
if ! dossier . can_be_updated_by_user?
2018-06-08 15:51:46 +02:00
flash . alert = 'Votre dossier ne peut plus être modifié'
2018-06-27 14:47:02 +02:00
redirect_to dossiers_path
2018-06-08 15:51:46 +02:00
end
end
2018-03-30 18:17:47 +02:00
def page
[ params [ :page ] . to_i , 1 ] . max
end
2018-04-03 10:49:16 +02:00
def current_tab ( mes_dossiers_count , dossiers_invites_count )
if dossiers_invites_count == 0
'mes-dossiers'
elsif mes_dossiers_count == 0
'dossiers-invites'
else
params [ :current_tab ] . presence || 'mes-dossiers'
end
end
2018-02-27 17:25:45 +01:00
# FIXME: require(:dossier) when all the champs are united
2018-02-21 18:32:07 +01:00
def champs_params
2018-04-03 17:53:14 +02:00
params . permit ( dossier : {
champs_attributes : [
2018-06-27 14:31:34 +02:00
:id , :value , :primary_value , :secondary_value , :piece_justificative_file , value : [ ] ,
2019-01-30 16:14:15 +01:00
champs_attributes : [ :id , :_destroy , :value , :primary_value , :secondary_value , :piece_justificative_file , value : [ ] ]
2018-04-03 17:53:14 +02:00
]
} )
2018-02-21 18:32:07 +01:00
end
2017-06-29 14:18:12 +02:00
def dossier
2018-09-04 17:47:34 +02:00
@dossier || = Dossier . find ( params [ :id ] || params [ :dossier_id ] )
2017-06-29 14:18:12 +02:00
end
2018-02-21 18:32:07 +01:00
def dossier_with_champs
2018-08-30 11:51:35 +02:00
Dossier . with_champs . find ( params [ :id ] )
2018-02-21 18:32:07 +01:00
end
2018-09-06 13:35:59 +02:00
def update_dossier_and_compute_errors
2019-07-24 14:41:56 +02:00
errors = [ ]
2018-09-06 13:35:59 +02:00
if champs_params [ :dossier ] && ! @dossier . update ( champs_params [ :dossier ] )
errors += @dossier . errors . full_messages
end
if ! save_draft?
2019-01-30 16:14:15 +01:00
errors += @dossier . check_mandatory_champs
2018-09-06 13:35:59 +02:00
end
errors
end
2017-06-29 14:18:12 +02:00
def ensure_ownership!
2018-05-30 18:26:23 +02:00
if ! current_user . owns? ( dossier )
2018-03-29 15:25:05 +02:00
forbidden!
2017-06-29 14:18:12 +02:00
end
end
2018-02-08 17:13:15 +01:00
2018-03-29 15:25:05 +02:00
def ensure_ownership_or_invitation!
2018-05-30 18:31:02 +02:00
if ! current_user . owns_or_invite? ( dossier )
2018-03-29 15:25:05 +02:00
forbidden!
end
end
2018-03-29 16:49:01 +02:00
def forbid_invite_submission!
2018-05-30 18:26:23 +02:00
if passage_en_construction? && ! current_user . owns? ( dossier )
2018-03-29 16:49:01 +02:00
forbidden!
end
end
2018-09-06 13:29:56 +02:00
def forbid_closed_submission!
if passage_en_construction? && ! dossier . can_transition_to_en_construction?
forbidden!
end
end
2018-03-29 15:25:05 +02:00
def forbidden!
flash [ :alert ] = " Vous n'avez pas accès à ce dossier "
redirect_to root_path
end
2018-10-15 18:41:53 +02:00
def render_siret_error ( error_message )
flash . alert = error_message
render :siret
end
2018-02-08 17:13:15 +01:00
def individual_params
params . require ( :individual ) . permit ( :gender , :nom , :prenom , :birthdate )
end
2018-10-15 18:41:53 +02:00
def siret_params
params . require ( :user ) . permit ( :siret )
end
2018-09-05 13:56:12 +02:00
def commentaire_params
2019-06-25 17:12:44 +02:00
params . require ( :commentaire ) . permit ( :body , :piece_jointe )
2018-09-05 13:56:12 +02:00
end
2018-03-29 16:49:01 +02:00
def passage_en_construction?
2018-09-05 19:06:00 +02:00
dossier . brouillon? && ! save_draft?
2018-03-29 16:49:01 +02:00
end
2018-09-05 19:06:00 +02:00
def save_draft?
2018-10-12 12:11:43 +02:00
dossier . brouillon? && params [ :save_draft ]
2018-02-21 18:32:07 +01:00
end
2017-06-29 14:18:12 +02:00
end
end