2024-04-29 00:17:15 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2024-01-25 11:13:47 +01:00
|
|
|
module Administrateurs
|
|
|
|
class APITokensController < AdministrateurController
|
2024-01-26 14:52:28 +01:00
|
|
|
include ActionView::RecordIdentifier
|
|
|
|
|
2024-01-25 11:13:47 +01:00
|
|
|
before_action :authenticate_administrateur!
|
2024-01-30 09:57:43 +01:00
|
|
|
before_action :set_api_token, only: [:edit, :update, :destroy, :remove_procedure]
|
2024-01-25 11:13:47 +01:00
|
|
|
|
|
|
|
def nom
|
|
|
|
@name = name
|
|
|
|
end
|
|
|
|
|
|
|
|
def autorisations
|
|
|
|
@name = name
|
2024-01-30 09:54:06 +01:00
|
|
|
@libelle_id_procedures = libelle_id_procedures
|
2024-01-25 11:13:47 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def securite
|
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
|
|
|
if params[:networkFiltering] == "customNetworks" && invalid_network?
|
|
|
|
return redirect_to securite_admin_api_tokens_path(all_params.merge(invalidNetwork: true))
|
|
|
|
end
|
|
|
|
|
|
|
|
@api_token, @packed_token = APIToken.generate(current_administrateur)
|
|
|
|
|
|
|
|
@api_token.update!(name:, write_access:,
|
|
|
|
allowed_procedure_ids:, authorized_networks:, expires_at:)
|
2024-01-19 10:15:55 +01:00
|
|
|
|
|
|
|
@curl_command = curl_command(@packed_token, @api_token.procedure_ids.first)
|
2024-01-25 11:13:47 +01:00
|
|
|
end
|
|
|
|
|
2024-01-26 17:11:00 +01:00
|
|
|
def edit
|
2024-01-30 09:54:06 +01:00
|
|
|
@libelle_id_procedures = libelle_id_procedures
|
2024-01-26 17:11:00 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
2024-01-30 09:56:36 +01:00
|
|
|
@libelle_id_procedures = libelle_id_procedures
|
|
|
|
|
|
|
|
h = {}
|
|
|
|
|
|
|
|
if !params[:networks].nil?
|
|
|
|
if invalid_network?
|
|
|
|
@invalid_network_message = "vous devez entrer des adresses ipv4 ou ipv6 valides"
|
|
|
|
return render :edit
|
|
|
|
end
|
|
|
|
|
|
|
|
if @api_token.eternal? && networks.empty?
|
|
|
|
@invalid_network_message = "Vous ne pouvez pas supprimer les restrictions d'accès à l'API d'un jeton permanent."
|
|
|
|
@api_token.reload
|
|
|
|
return render :edit
|
|
|
|
end
|
|
|
|
|
|
|
|
h[:authorized_networks] = networks
|
|
|
|
end
|
2024-01-30 09:57:30 +01:00
|
|
|
|
|
|
|
if procedure_to_add.present?
|
|
|
|
to_add = current_administrateur
|
|
|
|
.procedure_ids
|
|
|
|
.intersection([procedure_to_add])
|
|
|
|
|
|
|
|
h[:allowed_procedure_ids] =
|
|
|
|
(Array.wrap(@api_token.allowed_procedure_ids) + to_add).uniq
|
2024-01-26 17:11:00 +01:00
|
|
|
end
|
|
|
|
|
2024-01-30 09:56:36 +01:00
|
|
|
if params[:name].present?
|
|
|
|
h[:name] = name
|
2024-01-26 17:11:00 +01:00
|
|
|
end
|
|
|
|
|
2024-01-30 09:56:36 +01:00
|
|
|
@api_token.update!(h)
|
2024-01-26 17:11:00 +01:00
|
|
|
|
2024-01-30 09:56:36 +01:00
|
|
|
render :edit
|
2024-01-26 17:11:00 +01:00
|
|
|
end
|
|
|
|
|
2024-01-30 09:57:43 +01:00
|
|
|
def remove_procedure
|
|
|
|
procedure_id = params[:procedure_id].to_i
|
|
|
|
@api_token.allowed_procedure_ids =
|
|
|
|
@api_token.allowed_procedure_ids - [procedure_id]
|
|
|
|
@api_token.save!
|
|
|
|
|
|
|
|
render turbo_stream: turbo_stream.remove("authorized_procedure_#{procedure_id}")
|
|
|
|
end
|
|
|
|
|
2024-01-25 11:13:47 +01:00
|
|
|
def destroy
|
|
|
|
@api_token.destroy
|
|
|
|
|
2024-01-26 14:52:28 +01:00
|
|
|
render turbo_stream: turbo_stream.remove(dom_id(@api_token))
|
2024-01-25 11:13:47 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2024-01-19 10:15:55 +01:00
|
|
|
def curl_command(packed_token, procedure_id)
|
|
|
|
<<~EOF
|
|
|
|
curl \\
|
|
|
|
-H 'Content-Type: application/json' \\
|
|
|
|
-H 'Authorization: Bearer #{packed_token}' \\
|
|
|
|
--data '{ "query": "{ demarche(number: #{procedure_id}) { title } }" }' \\
|
|
|
|
'#{api_v2_graphql_url}'
|
|
|
|
EOF
|
|
|
|
end
|
|
|
|
|
2024-01-30 09:54:06 +01:00
|
|
|
def libelle_id_procedures
|
|
|
|
current_administrateur
|
|
|
|
.procedures
|
|
|
|
.order(:libelle)
|
|
|
|
.pluck(:libelle, :id)
|
|
|
|
.map { |libelle, id| ["#{id} - #{libelle}", id] }
|
|
|
|
end
|
|
|
|
|
2024-01-25 11:13:47 +01:00
|
|
|
def all_params
|
|
|
|
[:name, :access, :target, :targets, :networkFiltering, :networks, :lifetime, :customLifetime]
|
|
|
|
.index_with { |param| params[param] }
|
|
|
|
end
|
|
|
|
|
|
|
|
def authorized_networks
|
|
|
|
if params[:networkFiltering] == "customNetworks"
|
|
|
|
networks
|
|
|
|
else
|
|
|
|
[]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def invalid_network?
|
|
|
|
params[:networks]
|
|
|
|
.split
|
|
|
|
.any? do
|
|
|
|
begin
|
|
|
|
IPAddr.new(_1)
|
|
|
|
false
|
|
|
|
rescue
|
|
|
|
true
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def networks
|
|
|
|
params[:networks]
|
|
|
|
.split
|
|
|
|
.map { begin IPAddr.new(_1) rescue nil end }
|
|
|
|
.compact
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_api_token
|
|
|
|
@api_token = current_administrateur.api_tokens.find(params[:id])
|
|
|
|
end
|
|
|
|
|
|
|
|
def name
|
|
|
|
params[:name]
|
|
|
|
end
|
|
|
|
|
2024-01-30 09:57:30 +01:00
|
|
|
def procedure_to_add
|
|
|
|
params[:procedure_to_add]&.to_i
|
|
|
|
end
|
|
|
|
|
2024-01-25 11:13:47 +01:00
|
|
|
def write_access
|
|
|
|
params[:access] == "read_write"
|
|
|
|
end
|
|
|
|
|
|
|
|
def allowed_procedure_ids
|
|
|
|
if params[:target] == "custom"
|
|
|
|
current_administrateur
|
|
|
|
.procedure_ids
|
|
|
|
.intersection(params[:targets].map(&:to_i))
|
|
|
|
else
|
|
|
|
nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def expires_at
|
|
|
|
case params[:lifetime]
|
|
|
|
in 'oneWeek'
|
|
|
|
1.week.from_now.to_date
|
|
|
|
in 'custom'
|
|
|
|
[
|
|
|
|
Date.parse(params[:customLifetime]),
|
|
|
|
1.year.from_now
|
|
|
|
].min
|
|
|
|
in 'infinite' if authorized_networks.present?
|
|
|
|
nil
|
|
|
|
else
|
|
|
|
1.week.from_now.to_date
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|