Merge pull request #1963 from betagouv/fix-1931

[RGPD] [Fix #1931] User can ask support to delete dossier
This commit is contained in:
gregoirenovel 2018-05-24 16:49:28 +02:00 committed by GitHub
commit 0b19f1a8c5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 63 additions and 0 deletions

View file

@ -98,6 +98,13 @@ module NewUser
end
end
def ask_deletion
@dossier = current_user.dossiers.find(params[:id])
DossierMailer.ask_deletion(@dossier).deliver_later
flash.notice = 'Une demande de suppression de votre dossier a été envoyée, elle sera traitée dans les plus brefs délais.'
redirect_to users_dossier_recapitulatif_path(@dossier)
end
private
def page

View file

@ -0,0 +1,8 @@
class DossierMailer < ApplicationMailer
layout 'mailers/layout'
def ask_deletion(dossier)
@dossier = dossier
mail(to: "contact@demarches-simplifiees.fr", subject: "Demande de suppression de dossier")
end
end

View file

@ -0,0 +1,12 @@
- content_for(:title, 'Demande de suppression de dossier')
%h1 Bonjour
%p
Une demande de suppression a été effectuée pour le dossier
= @dossier.id
par l'utilisateur
= @dossier.user.email
\.
%p
Merci de le notifier quand cela est fait.

View file

@ -13,3 +13,9 @@
.split-hr-left
.dossier-state= @facade.dossier.display_state
.split-hr-left
.text-center.mt-1
= link_to ask_deletion_dossier_path(@facade.dossier), method: :post, class:"btn btn-danger", data: { confirm: "Confirmez-vous la demande de suppression de ce dossier ?" } do
Demander la suppression
%br
du dossier

View file

@ -225,6 +225,7 @@ Rails.application.routes.draw do
patch 'update_identite'
get 'modifier'
get 'merci'
post 'ask_deletion'
end
get 'attestation'
end

View file

@ -384,4 +384,33 @@ describe NewUser::DossiersController, type: :controller do
end
end
end
describe '#ask_deletion' do
before { sign_in(user) }
subject { post :ask_deletion, params: { id: dossier.id } }
context 'when dossier is owned by signed in user' do
let(:dossier) { create(:dossier, user: user, autorisation_donnees: true) }
it do
expect(DossierMailer).to receive(:ask_deletion).and_return(double(deliver_later: nil))
subject
end
it { is_expected.to redirect_to(users_dossier_recapitulatif_path(dossier)) }
end
context 'when dossier is not owned by signed in user' do
let(:user2) { create(:user) }
let(:dossier) { create(:dossier, user: user2, autorisation_donnees: true) }
it do
expect(DossierMailer).not_to receive(:ask_deletion)
subject
end
it { is_expected.to redirect_to(root_path) }
end
end
end