From 92bd382c6428c45339060e26430693182f209158 Mon Sep 17 00:00:00 2001
From: simon lehericey <mail@simon.lehericey.net>
Date: Thu, 27 Jun 2019 16:19:08 +0200
Subject: [PATCH 1/2] [fix #4008] secured login for all gestionnaires

---
 db/migrate/20190627132911_secured_login_by_default.rb | 5 +++++
 db/schema.rb                                          | 4 ++--
 spec/models/gestionnaire_spec.rb                      | 4 ++++
 3 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20190627132911_secured_login_by_default.rb

diff --git a/db/migrate/20190627132911_secured_login_by_default.rb b/db/migrate/20190627132911_secured_login_by_default.rb
new file mode 100644
index 000000000..0a5a0e423
--- /dev/null
+++ b/db/migrate/20190627132911_secured_login_by_default.rb
@@ -0,0 +1,5 @@
+class SecuredLoginByDefault < ActiveRecord::Migration[5.2]
+  def change
+    change_column_default(:gestionnaires, :features, from: {}, to: { "enable_email_login_token": true })
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index f44e8df90..a6427974e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_06_16_141702) do
+ActiveRecord::Schema.define(version: 2019_06_27_132911) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -388,7 +388,7 @@ ActiveRecord::Schema.define(version: 2019_06_16_141702) do
     t.datetime "updated_at"
     t.text "encrypted_login_token"
     t.datetime "login_token_created_at"
-    t.jsonb "features", default: {}, null: false
+    t.jsonb "features", default: {"enable_email_login_token"=>true}, null: false
     t.index ["email"], name: "index_gestionnaires_on_email", unique: true
     t.index ["reset_password_token"], name: "index_gestionnaires_on_reset_password_token", unique: true
   end
diff --git a/spec/models/gestionnaire_spec.rb b/spec/models/gestionnaire_spec.rb
index 14f0c7ef3..86423c874 100644
--- a/spec/models/gestionnaire_spec.rb
+++ b/spec/models/gestionnaire_spec.rb
@@ -12,6 +12,10 @@ describe Gestionnaire, type: :model do
     assign(procedure_2)
   end
 
+  describe 'default features' do
+    it { expect(gestionnaire.features).to eq({ "enable_email_login_token" => true }) }
+  end
+
   describe '#visible_procedures' do
     let(:procedure_not_assigned)           { create :procedure, administrateur: admin }
     let(:procedure_with_default_path)      { create :procedure, administrateur: admin }

From 05b1c416162d9d470982e68f092bf99d9c336b8a Mon Sep 17 00:00:00 2001
From: simon lehericey <mail@simon.lehericey.net>
Date: Thu, 27 Jun 2019 16:33:51 +0200
Subject: [PATCH 2/2] After_party task to enable_secured_login for the stock

---
 .../20190627142239_enable_secured_login_for_all.rake      | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 lib/tasks/deployment/20190627142239_enable_secured_login_for_all.rake

diff --git a/lib/tasks/deployment/20190627142239_enable_secured_login_for_all.rake b/lib/tasks/deployment/20190627142239_enable_secured_login_for_all.rake
new file mode 100644
index 000000000..70120bb96
--- /dev/null
+++ b/lib/tasks/deployment/20190627142239_enable_secured_login_for_all.rake
@@ -0,0 +1,8 @@
+namespace :after_party do
+  desc 'Deployment task: enable_secured_login_for_all'
+  task enable_secured_login_for_all: :environment do
+    Gestionnaire.update_all(features: { "enable_email_login_token": true })
+
+    AfterParty::TaskRecord.create version: '20190627142239'
+  end
+end