Check demarche ownership on multiple administrateurs

app/controllers/admin/procedures_controller.rb

@@ -69,7 +69,7 @@ class Admin::ProceduresController < AdminController
   def create
     @procedure = Procedure.new(procedure_params.merge(administrateurs: [current_administrateur]))
     @path = @procedure.path
-    @availability = Procedure.path_availability(current_administrateur, @procedure.path)
+    @availability = Procedure.path_availability([current_administrateur], @procedure.path)
 
     if !@procedure.save
       flash.now.alert = @procedure.errors.full_messages
@@ -195,7 +195,7 @@ class Admin::ProceduresController < AdminController
       .pluck('procedures.id')
 
     @grouped_procedures = Procedure
-      .includes(:administrateur, :service)
+      .includes(:administrateurs, :service)
       .where(id: significant_procedure_ids)
       .group_by(&:organisation_name)
       .sort_by { |_, procedures| procedures.first.created_at }
@@ -217,11 +217,10 @@ class Admin::ProceduresController < AdminController
     json_path_list = Procedure
       .find_with_path(params[:request])
       .order(:id)
-      .pluck(:path, :administrateur_id)
-      .map do |path, administrateur_id|
+      .map do |procedure|
         {
-          label: path,
-          mine: administrateur_id == current_administrateur.id
+          label: procedure.path,
+          mine: current_administrateur.owns?(procedure)
         }
       end.to_json
 
@@ -236,7 +235,7 @@ class Admin::ProceduresController < AdminController
       procedure = current_administrateur.procedures.find(procedure_id)
       @availability = procedure.path_availability(path)
     else
-      @availability = Procedure.path_availability(current_administrateur, path)
+      @availability = Procedure.path_availability([current_administrateur], path)
     end
   end
 
@@ -273,7 +272,7 @@ class Admin::ProceduresController < AdminController
     if @procedure&.locked?
       params.require(:procedure).permit(*editable_params)
     else
-      params.require(:procedure).permit(*editable_params, :duree_conservation_dossiers_dans_ds, :duree_conservation_dossiers_hors_ds, :for_individual, :individual_with_siret, :ask_birthday, :path).merge(administrateur_id: current_administrateur.id)
+      params.require(:procedure).permit(*editable_params, :duree_conservation_dossiers_dans_ds, :duree_conservation_dossiers_hors_ds, :for_individual, :individual_with_siret, :ask_birthday, :path)
     end
   end
 end

app/controllers/api/v1/dossiers_controller.rb

@@ -38,7 +38,7 @@ class API::V1::DossiersController < APIController
   def fetch_procedure_and_check_token
     @procedure = Procedure.for_api.find(params[:procedure_id])
 
-    if !valid_token_for_administrateur?(@procedure.administrateur)
+    if !valid_token_for_administrateur?(@procedure.administrateurs)
       render json: {}, status: :unauthorized
     end
 

app/controllers/api/v1/procedures_controller.rb

@@ -10,7 +10,7 @@ class API::V1::ProceduresController < APIController
   def fetch_procedure_and_check_token
     @procedure = Procedure.for_api.find(params[:id])
 
-    if !valid_token_for_administrateur?(@procedure.administrateur)
+    if !valid_token_for_administrateur?(@procedure.administrateurs)
       render json: {}, status: :unauthorized
     end
 

app/controllers/api_controller.rb

@@ -3,8 +3,10 @@ class APIController < ApplicationController
 
   protected
 
-  def valid_token_for_administrateur?(administrateur)
-    administrateur.valid_api_token?(token)
+  def valid_token_for_administrateur?(administrateurs)
+    administrateurs.any? do |administrateur|
+      administrateur.valid_api_token?(token)
+    end
   end
 
   private

app/controllers/new_user/dossiers_controller.rb

@@ -186,7 +186,7 @@ module NewUser
     end
 
     def ask_deletion
-      dossier = current_user.dossiers.includes(:user, procedure: :administrateur).find(params[:id])
+      dossier = current_user.dossiers.includes(:user, procedure: :administrateurs).find(params[:id])
 
       if dossier.can_be_deleted_by_user?
         dossier.delete_and_keep_track

app/controllers/stats_controller.rb

@@ -235,7 +235,7 @@ class StatsController < ApplicationController
   end
 
   def procedures_count_per_administrateur(procedures)
-    count_per_administrateur = procedures.group(:administrateur_id).count.values
+    count_per_administrateur = procedures.joins(:administrateurs).group('administrateurs.id').count.values
     {
       'Une démarche' => count_per_administrateur.select { |count| count == 1 }.count,
       'Entre deux et cinq démarches' => count_per_administrateur.select { |count| count.in?(2..5) }.count,

app/models/administrateur.rb

@@ -7,9 +7,8 @@ class Administrateur < ApplicationRecord
     :recoverable, :rememberable, :trackable, :validatable
 
   has_and_belongs_to_many :gestionnaires
-  has_many :procedures
   has_many :administrateurs_procedures
-  has_many :admin_procedures, through: :administrateurs_procedures, source: :procedure
+  has_many :procedures, through: :administrateurs_procedures
   has_many :services
   has_many :dossiers, -> { state_not_brouillon }, through: :procedures
 
@@ -117,7 +116,7 @@ class Administrateur < ApplicationRecord
   end
 
   def owns?(procedure)
-    id == procedure.administrateur_id
+    procedure.administrateurs.include?(self)
   end
 
   def gestionnaire

app/models/dossier.rb

@@ -264,7 +264,7 @@ class Dossier < ApplicationRecord
     update(hidden_at: deleted_dossier.deleted_at)
 
     if en_construction?
-      administration_emails = followers_gestionnaires.present? ? followers_gestionnaires.pluck(:email) : [procedure.administrateur.email]
+      administration_emails = followers_gestionnaires.present? ? followers_gestionnaires.pluck(:email) : procedure.administrateurs.pluck(:email)
       administration_emails.each do |email|
         DossierMailer.notify_deletion_to_administration(deleted_dossier, email).deliver_later
       end

app/models/procedure.rb

@@ -1,6 +1,8 @@
 require Rails.root.join('lib', 'percentile')
 
 class Procedure < ApplicationRecord
+  self.ignored_columns = [:administrateur_id]
+
   MAX_DUREE_CONSERVATION = 36
 
   has_many :types_de_piece_justificative, -> { ordered }, dependent: :destroy
@@ -12,7 +14,6 @@ class Procedure < ApplicationRecord
   has_one :module_api_carto, dependent: :destroy
   has_one :attestation_template, dependent: :destroy
 
-  belongs_to :administrateur
   belongs_to :parent_procedure, class_name: 'Procedure'
   belongs_to :service
 
@@ -48,7 +49,7 @@ class Procedure < ApplicationRecord
 
   scope :for_api, -> {
     includes(
-      :administrateur,
+      :administrateurs,
       :types_de_champ_private,
       :types_de_champ,
       :types_de_piece_justificative,
@@ -220,7 +221,6 @@ class Procedure < ApplicationRecord
       procedure.administrateurs = administrateurs
     end
 
-    procedure.administrateur = admin
     procedure.initiated_mail = initiated_mail&.dup
     procedure.received_mail = received_mail&.dup
     procedure.closed_mail = closed_mail&.dup
@@ -341,10 +341,10 @@ class Procedure < ApplicationRecord
   PATH_CAN_PUBLISH = [PATH_AVAILABLE, PATH_AVAILABLE_PUBLIEE]
 
   def path_availability(path)
-    Procedure.path_availability(administrateur, path, id)
+    Procedure.path_availability(administrateurs, path, id)
   end
 
-  def self.path_availability(administrateur, path, exclude_id = nil)
+  def self.path_availability(administrateurs, path, exclude_id = nil)
     if exclude_id.present?
       procedure = where.not(id: exclude_id).find_by(path: path)
     else
@@ -353,7 +353,7 @@ class Procedure < ApplicationRecord
 
     if procedure.blank?
       PATH_AVAILABLE
-    elsif administrateur.owns?(procedure)
+    elsif administrateurs.any? { |administrateur| administrateur.owns?(procedure) }
       if procedure.brouillon?
         PATH_NOT_AVAILABLE_BROUILLON
       else
@@ -391,7 +391,9 @@ class Procedure < ApplicationRecord
   private
 
   def claim_path_ownership!(path)
-    procedure = Procedure.where(administrateur: administrateur).find_by(path: path)
+    procedure = Procedure.joins(:administrateurs)
+      .where(administrateurs: { id: administrateur_ids })
+      .find_by(path: path)
 
     if procedure&.publiee? && procedure != self
       procedure.archive!

app/views/admin/procedures/new_from_existing.html.haml

@@ -27,4 +27,4 @@
             %td
               = link_to('Cloner', admin_procedure_clone_path(procedure.id, from_new_from_existing: true), 'data-method' => :put, class: 'btn-sm btn-primary clone-btn')
             %td{ style: 'padding-left: 10px;' }
-              = link_to('Contacter', "mailto:#{procedure.administrateur.email}")
+              = link_to('Contacter', "mailto:#{procedure.administrateurs.pluck(:email) * ","}")

app/views/administration_mailer/dubious_procedures.html.haml

@@ -13,6 +13,9 @@
         Nombre de dossier : #{procedure.dossiers.count}
         %br
           Admin :
-          = link_to "#{procedure.administrateur.email}", "mailto:#{procedure.administrateur.email}"
+          %ul
+            - procedure.administrateurs.each do |administrateur|
+              %li
+                = link_to "#{administrateur.email}", "mailto:#{administrateur.email}"
 - else
   Il n'y a aucune démarche douteuse aujourd'hui

app/views/root/landing.html.haml

@@ -43,7 +43,7 @@
         %ul.numbers
           %li.number
             .number-value
-              = number_with_delimiter(Procedure.includes(:administrateur).publiees_ou_archivees.map(&:administrateur).uniq.count, :locale => :fr)
+              = number_with_delimiter(Procedure.includes(:administrateurs).publiees_ou_archivees.flat_map(&:administrateurs).uniq.count, :locale => :fr)
             .number-label<
               administrations
               %br<>