Merge pull request #3643 from betagouv/dev

2019-03-20-01
This commit is contained in:
Pierre de La Morinerie 2019-03-20 10:38:54 +01:00 committed by GitHub
commit 3bea78503f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 118 additions and 237 deletions

View file

@ -22,25 +22,25 @@ GEM
specs:
aasm (5.0.1)
concurrent-ruby (~> 1.0)
actioncable (5.2.2)
actionpack (= 5.2.2)
actioncable (5.2.2.1)
actionpack (= 5.2.2.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.2)
actionpack (= 5.2.2)
actionview (= 5.2.2)
activejob (= 5.2.2)
actionmailer (5.2.2.1)
actionpack (= 5.2.2.1)
actionview (= 5.2.2.1)
activejob (= 5.2.2.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.2)
actionview (= 5.2.2)
activesupport (= 5.2.2)
actionpack (5.2.2.1)
actionview (= 5.2.2.1)
activesupport (= 5.2.2.1)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.2)
activesupport (= 5.2.2)
actionview (5.2.2.1)
activesupport (= 5.2.2.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
@ -53,20 +53,20 @@ GEM
activemodel (>= 4.1, < 6)
case_transform (>= 0.2)
jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
activejob (5.2.2)
activesupport (= 5.2.2)
activejob (5.2.2.1)
activesupport (= 5.2.2.1)
globalid (>= 0.3.6)
activemodel (5.2.2)
activesupport (= 5.2.2)
activerecord (5.2.2)
activemodel (= 5.2.2)
activesupport (= 5.2.2)
activemodel (5.2.2.1)
activesupport (= 5.2.2.1)
activerecord (5.2.2.1)
activemodel (= 5.2.2.1)
activesupport (= 5.2.2.1)
arel (>= 9.0)
activestorage (5.2.2)
actionpack (= 5.2.2)
activerecord (= 5.2.2)
activestorage (5.2.2.1)
actionpack (= 5.2.2.1)
activerecord (= 5.2.2.1)
marcel (~> 0.3.1)
activesupport (5.2.2)
activesupport (5.2.2.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@ -148,7 +148,7 @@ GEM
coffee-script-source
execjs
coffee-script-source (1.12.2)
concurrent-ruby (1.1.4)
concurrent-ruby (1.1.5)
copy_carrierwave_file (1.3.0)
carrierwave (>= 0.9)
crack (0.4.3)
@ -174,7 +174,7 @@ GEM
delayed_job (> 2.0.3)
rack-protection (>= 1.5.5)
sinatra (>= 1.4.4)
devise (4.5.0)
devise (4.6.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 6.0)
@ -222,7 +222,7 @@ GEM
font-awesome-rails (4.7.0.4)
railties (>= 3.2, < 6.0)
formatador (0.2.5)
globalid (0.4.1)
globalid (0.4.2)
activesupport (>= 4.2.0)
groupdate (4.1.1)
activesupport (>= 4.2)
@ -348,7 +348,7 @@ GEM
nenv (0.3.0)
netrc (0.11.0)
nio4r (2.3.1)
nokogiri (1.10.0)
nokogiri (1.10.1)
mini_portile2 (~> 2.4.0)
notiffany (0.1.1)
nenv (~> 0.1)
@ -424,18 +424,18 @@ GEM
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.2.2)
actioncable (= 5.2.2)
actionmailer (= 5.2.2)
actionpack (= 5.2.2)
actionview (= 5.2.2)
activejob (= 5.2.2)
activemodel (= 5.2.2)
activerecord (= 5.2.2)
activestorage (= 5.2.2)
activesupport (= 5.2.2)
rails (5.2.2.1)
actioncable (= 5.2.2.1)
actionmailer (= 5.2.2.1)
actionpack (= 5.2.2.1)
actionview (= 5.2.2.1)
activejob (= 5.2.2.1)
activemodel (= 5.2.2.1)
activerecord (= 5.2.2.1)
activestorage (= 5.2.2.1)
activesupport (= 5.2.2.1)
bundler (>= 1.3.0)
railties (= 5.2.2)
railties (= 5.2.2.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
@ -449,9 +449,9 @@ GEM
rails-i18n (5.1.2)
i18n (>= 0.7, < 2)
railties (>= 5.0, < 6)
railties (5.2.2)
actionpack (= 5.2.2)
activesupport (= 5.2.2)
railties (5.2.2.1)
actionpack (= 5.2.2.1)
activesupport (= 5.2.2.1)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
@ -464,9 +464,9 @@ GEM
regexp_parser (1.3.0)
request_store (1.4.1)
rack (>= 1.4)
responders (2.4.0)
actionpack (>= 4.2.0, < 5.3)
railties (>= 4.2.0, < 5.3)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
rest-client (2.0.2)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)

View file

@ -7,17 +7,24 @@ class Champs::SiretController < ApplicationController
find_etablisement
if @siret.empty?
@etablissement&.mark_for_destruction
@champ&.update!(value: '')
@etablissement&.destroy
elsif @siret.present? && @siret.length == 14
etablissement = find_etablisement_with_siret
if etablissement.present?
@etablissement = etablissement
if @champ.present?
etablissement.champ = @champ
etablissement.save!
end
else
@etablissement&.mark_for_destruction
@champ&.update!(value: '')
@etablissement&.destroy
@siret = :not_found
end
else
@etablissement&.mark_for_destruction
@champ&.update!(value: '')
@etablissement&.destroy
@siret = :invalid
end
end
@ -36,10 +43,10 @@ class Champs::SiretController < ApplicationController
def find_etablisement
if params[:champ_id].present?
champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id])
@etablissement = champ&.etablissement
@champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id])
@etablissement = @champ&.etablissement
end
@procedure_id = champ&.dossier&.procedure_id || 'aperçu'
@procedure_id = @champ&.dossier&.procedure_id || 'aperçu'
end
def find_etablisement_with_siret

View file

@ -164,8 +164,7 @@ module NewGestionnaire
def champs_private_params
params.require(:dossier).permit(champs_private_attributes: [
:id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: [],
etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES
:id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: []
])
end

View file

@ -282,7 +282,6 @@ module NewUser
params.permit(dossier: {
champs_attributes: [
:id, :value, :primary_value, :secondary_value, :piece_justificative_file, value: [],
etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES,
champs_attributes: [:id, :_destroy, :value, :primary_value, :secondary_value, :piece_justificative_file, value: []]
]
})

View file

@ -1,44 +1,4 @@
class Champs::SiretChamp < Champ
ETABLISSEMENT_ATTRIBUTES = [
:id,
:_destroy,
:signature,
:siret,
:siege_social,
:naf,
:libelle_naf,
:adresse,
:numero_voie,
:type_voie,
:nom_voie,
:code_postal,
:localite,
:code_insee_localite,
:entreprise_siren,
:entreprise_capital_social,
:entreprise_numero_tva_intracommunautaire,
:entreprise_forme_juridique,
:entreprise_forme_juridique_code,
:entreprise_nom_commercial,
:entreprise_raison_sociale,
:entreprise_siret_siege_social,
:entreprise_code_effectif_entreprise,
:entreprise_date_creation,
:entreprise_nom,
:entreprise_prenom,
:association_rna,
:association_titre,
:association_objet,
:association_date_creation,
:association_date_declaration,
:association_date_publication,
exercices_attributes: [
[:id, :ca, :date_fin_exercice, :date_fin_exercice_timestamp]
]
]
accepts_nested_attributes_for :etablissement, allow_destroy: true, update_only: true
def search_terms
etablissement.present? ? etablissement.search_terms : [value]
end

View file

@ -9,8 +9,6 @@ class Etablissement < ApplicationRecord
validates :siret, presence: true
validates :dossier_id, uniqueness: { allow_nil: true }
validate :validate_signature
def search_terms
[
entreprise_siren,
@ -52,16 +50,6 @@ class Etablissement < ApplicationRecord
].reject(&:blank?).join(', ').squeeze(' ')
end
def verify
SignatureService.verify(signature, message_for_signature)
end
def sign
SignatureService.sign(message_for_signature)
end
attr_accessor :signature
def association?
association_rna.present?
end
@ -83,18 +71,4 @@ class Etablissement < ApplicationRecord
inline_adresse: inline_adresse
)
end
private
def validate_signature
if champ && !verify
errors.add(:base, 'Numéro SIRET introuvable.')
end
end
def message_for_signature
JSON.pretty_generate(as_json(include: {
exercices: { only: [:ca, :date_fin_exercice, :date_fin_exercice_timestamp] }
}).delete_if { |_k, v| v.blank? })
end
end

View file

@ -467,7 +467,6 @@ class Procedure < ApplicationRecord
def percentile_time(start_attribute, end_attribute, p)
times = dossiers
.state_termine
.where(end_attribute => 1.month.ago..Time.zone.now)
.pluck(start_attribute, end_attribute)
.map { |(start_date, end_date)| end_date - start_date }

View file

@ -1,22 +0,0 @@
class SignatureService
class << self
def verify(signature, message)
begin
decoded_message = verifier.verify(signature)
return message == decoded_message
rescue ActiveSupport::MessageVerifier::InvalidSignature
return false
end
end
def sign(message)
verifier.generate(message)
end
private
def verifier
@@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key)
end
end
end

View file

@ -9,9 +9,3 @@
- else
- if siret.present? && siret == etablissement&.siret
= render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: etablissement }
= fields_for attribute, etablissement do |form|
= render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: etablissement.sign }
- elsif etablissement.present?
= fields_for attribute, etablissement do |form|
= form.hidden_field :_destroy

View file

@ -1,34 +0,0 @@
= form.hidden_field :signature, value: signature
= form.hidden_field :siret
= form.hidden_field :siege_social
= form.hidden_field :naf
= form.hidden_field :libelle_naf
= form.hidden_field :adresse
= form.hidden_field :numero_voie
= form.hidden_field :type_voie
= form.hidden_field :nom_voie
= form.hidden_field :code_postal
= form.hidden_field :localite
= form.hidden_field :code_insee_localite
= form.hidden_field :entreprise_siren
= form.hidden_field :entreprise_capital_social
= form.hidden_field :entreprise_numero_tva_intracommunautaire
= form.hidden_field :entreprise_forme_juridique
= form.hidden_field :entreprise_forme_juridique_code
= form.hidden_field :entreprise_nom_commercial
= form.hidden_field :entreprise_raison_sociale
= form.hidden_field :entreprise_siret_siege_social
= form.hidden_field :entreprise_code_effectif_entreprise
= form.hidden_field :entreprise_date_creation
= form.hidden_field :entreprise_nom
= form.hidden_field :entreprise_prenom
= form.hidden_field :association_rna
= form.hidden_field :association_titre
= form.hidden_field :association_objet
= form.hidden_field :association_date_creation
= form.hidden_field :association_date_declaration
= form.hidden_field :association_date_publication
= form.fields_for :exercices do |form|
= form.hidden_field :ca
= form.hidden_field :date_fin_exercice
= form.hidden_field :date_fin_exercice_timestamp

View file

@ -7,5 +7,3 @@
%div{ class: "siret-info-#{form.index}" }
- if champ.etablissement.present?
= render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: champ.etablissement }
= form.fields_for :etablissement do |form|
= render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: champ.etablissement.sign }

View file

@ -6,8 +6,10 @@ describe Champs::SiretController, type: :controller do
describe '#show' do
let(:dossier) { create(:dossier, user: user, procedure: procedure) }
let(:champ) { create(:champ_siret, dossier: dossier) }
let(:params) do
{
champ_id: champ.id,
dossier: {
champs_attributes: {
'1' => { value: siret.to_s }
@ -30,6 +32,9 @@ describe Champs::SiretController, type: :controller do
it 'empty info message' do
expect(response.body).to include('.siret-info-1')
expect(response.body).to include('innerHTML = ""')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end
end
@ -41,6 +46,9 @@ describe Champs::SiretController, type: :controller do
it 'invalid error' do
expect(response.body).to include('Le numéro de SIRET doit comporter exactement 14 chiffres.')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end
end
@ -53,6 +61,9 @@ describe Champs::SiretController, type: :controller do
it 'not found error' do
expect(response.body).to include('Nous navons pas trouvé détablissement correspondant à ce numéro de SIRET.')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end
end
@ -66,7 +77,9 @@ describe Champs::SiretController, type: :controller do
it 'etablissement info message' do
expect(response.body).to include(etablissement.entreprise_raison_sociale)
expect(response.body).to include(etablissement.entreprise_capital_social.to_s)
champ.reload
expect(champ.value).to eq(etablissement.siret)
expect(champ.etablissement.siret).to eq(etablissement.siret)
end
end
end

View file

@ -160,10 +160,6 @@ FactoryBot.define do
association :type_de_champ, factory: [:type_de_champ_siret]
association :etablissement, factory: [:etablissement]
value { '44011762001530' }
after(:build) do |champ, _evaluator|
champ.etablissement.signature = champ.etablissement.sign
end
end
factory :champ_repetition, class: 'Champs::RepetitionChamp' do

View file

@ -37,24 +37,4 @@ describe Etablissement do
end
end
end
describe '#verify' do
let(:etablissement) { create(:etablissement) }
let(:etablissement2) { create(:etablissement) }
it 'should verify signed etablissement' do
etablissement.signature = etablissement.sign
expect(etablissement.verify).to eq(true)
end
it 'should reject etablissement with other etablissement signature' do
etablissement.signature = etablissement2.sign
expect(etablissement.verify).to eq(false)
end
it 'should reject etablissement with wrong signature' do
etablissement.signature = "fd7687fdsgdf6gd7f8g"
expect(etablissement.verify).to eq(false)
end
end
end

View file

@ -707,6 +707,48 @@ describe Procedure do
end
end
describe '#usual_verification_time' do
let(:procedure) { create(:procedure) }
def create_dossier(construction_date:, instruction_date:)
dossier = create(:dossier, :en_instruction, procedure: procedure)
dossier.update!(en_construction_at: construction_date, en_instruction_at: instruction_date)
end
before do
delays.each do |delay|
create_dossier(construction_date: 1.week.ago - delay, instruction_date: 1.week.ago)
end
end
context 'when there are several dossiers in the time frame' do
let(:delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] }
it 'returns a time representative of the dossier verification delay' do
expect(procedure.usual_verification_time).to be_between(3.days, 4.days)
end
end
context 'when there are very old dossiers' do
let(:delays) { [2.days, 2.days] }
let!(:old_dossier) { create_dossier(construction_date: 3.months.ago, instruction_date: 2.months.ago) }
it 'ignores dossiers older than 1 month' do
expect(procedure.usual_verification_time).to be_within(10.seconds).of(2.days)
end
end
context 'when there is only one dossier in the time frame' do
let(:delays) { [1.day] }
it { expect(procedure.usual_verification_time).to be_within(10.seconds).of(1.day) }
end
context 'where there are no dossiers' do
let(:delays) { [] }
it { expect(procedure.usual_verification_time).to be_nil }
end
end
describe '#usual_instruction_time' do
let(:procedure) { create(:procedure) }
@ -716,13 +758,13 @@ describe Procedure do
end
before do
processed_delays.each do |delay|
delays.each do |delay|
create_dossier(instruction_date: 1.week.ago - delay, processed_date: 1.week.ago)
end
end
context 'when there are several processed dossiers' do
let(:processed_delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] }
let(:delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] }
it 'returns a time representative of the dossier instruction delay' do
expect(procedure.usual_instruction_time).to be_between(3.days, 4.days)
@ -730,7 +772,7 @@ describe Procedure do
end
context 'when there are very old dossiers' do
let(:processed_delays) { [2.days, 2.days] }
let(:delays) { [2.days, 2.days] }
let!(:old_dossier) { create_dossier(instruction_date: 3.months.ago, processed_date: 2.months.ago) }
it 'ignores dossiers older than 1 month' do
@ -739,12 +781,12 @@ describe Procedure do
end
context 'when there is only one processed dossier' do
let(:processed_delays) { [1.day] }
let(:delays) { [1.day] }
it { expect(procedure.usual_instruction_time).to be_within(10.seconds).of(1.day) }
end
context 'where there is no processed dossier' do
let(:processed_delays) { [] }
let(:delays) { [] }
it { expect(procedure.usual_instruction_time).to be_nil }
end
end

View file

@ -1,24 +0,0 @@
require 'spec_helper'
describe SignatureService do
let(:service) { SignatureService }
let(:message) { { hello: 'World!' }.to_json }
let(:tampered_message) { { hello: 'Tampered' }.to_json }
it 'sign and verify' do
signature = service.sign(message)
expect(service.verify(signature, message)).to eq(true)
end
it 'fails the verification if the message changed' do
signature = service.sign(message)
expect(service.verify(signature, tampered_message)).to eq(false)
end
it 'fails the verification if the signature changed' do
other_signature = service.sign(tampered_message)
expect(service.verify(nil, message)).to eq(false)
expect(service.verify('', message)).to eq(false)
expect(service.verify(other_signature, message)).to eq(false)
end
end