diff --git a/Gemfile.lock b/Gemfile.lock index f2250a9da..1698f81a4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -22,25 +22,25 @@ GEM specs: aasm (5.0.1) concurrent-ruby (~> 1.0) - actioncable (5.2.2) - actionpack (= 5.2.2) + actioncable (5.2.2.1) + actionpack (= 5.2.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailer (5.2.2) - actionpack (= 5.2.2) - actionview (= 5.2.2) - activejob (= 5.2.2) + actionmailer (5.2.2.1) + actionpack (= 5.2.2.1) + actionview (= 5.2.2.1) + activejob (= 5.2.2.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.2.2) - actionview (= 5.2.2) - activesupport (= 5.2.2) + actionpack (5.2.2.1) + actionview (= 5.2.2.1) + activesupport (= 5.2.2.1) rack (~> 2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.2.2) - activesupport (= 5.2.2) + actionview (5.2.2.1) + activesupport (= 5.2.2.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) @@ -53,20 +53,20 @@ GEM activemodel (>= 4.1, < 6) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - activejob (5.2.2) - activesupport (= 5.2.2) + activejob (5.2.2.1) + activesupport (= 5.2.2.1) globalid (>= 0.3.6) - activemodel (5.2.2) - activesupport (= 5.2.2) - activerecord (5.2.2) - activemodel (= 5.2.2) - activesupport (= 5.2.2) + activemodel (5.2.2.1) + activesupport (= 5.2.2.1) + activerecord (5.2.2.1) + activemodel (= 5.2.2.1) + activesupport (= 5.2.2.1) arel (>= 9.0) - activestorage (5.2.2) - actionpack (= 5.2.2) - activerecord (= 5.2.2) + activestorage (5.2.2.1) + actionpack (= 5.2.2.1) + activerecord (= 5.2.2.1) marcel (~> 0.3.1) - activesupport (5.2.2) + activesupport (5.2.2.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) @@ -148,7 +148,7 @@ GEM coffee-script-source execjs coffee-script-source (1.12.2) - concurrent-ruby (1.1.4) + concurrent-ruby (1.1.5) copy_carrierwave_file (1.3.0) carrierwave (>= 0.9) crack (0.4.3) @@ -174,7 +174,7 @@ GEM delayed_job (> 2.0.3) rack-protection (>= 1.5.5) sinatra (>= 1.4.4) - devise (4.5.0) + devise (4.6.1) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0, < 6.0) @@ -222,7 +222,7 @@ GEM font-awesome-rails (4.7.0.4) railties (>= 3.2, < 6.0) formatador (0.2.5) - globalid (0.4.1) + globalid (0.4.2) activesupport (>= 4.2.0) groupdate (4.1.1) activesupport (>= 4.2) @@ -348,7 +348,7 @@ GEM nenv (0.3.0) netrc (0.11.0) nio4r (2.3.1) - nokogiri (1.10.0) + nokogiri (1.10.1) mini_portile2 (~> 2.4.0) notiffany (0.1.1) nenv (~> 0.1) @@ -424,18 +424,18 @@ GEM rack rack-test (1.1.0) rack (>= 1.0, < 3) - rails (5.2.2) - actioncable (= 5.2.2) - actionmailer (= 5.2.2) - actionpack (= 5.2.2) - actionview (= 5.2.2) - activejob (= 5.2.2) - activemodel (= 5.2.2) - activerecord (= 5.2.2) - activestorage (= 5.2.2) - activesupport (= 5.2.2) + rails (5.2.2.1) + actioncable (= 5.2.2.1) + actionmailer (= 5.2.2.1) + actionpack (= 5.2.2.1) + actionview (= 5.2.2.1) + activejob (= 5.2.2.1) + activemodel (= 5.2.2.1) + activerecord (= 5.2.2.1) + activestorage (= 5.2.2.1) + activesupport (= 5.2.2.1) bundler (>= 1.3.0) - railties (= 5.2.2) + railties (= 5.2.2.1) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.4) actionpack (>= 5.0.1.x) @@ -449,9 +449,9 @@ GEM rails-i18n (5.1.2) i18n (>= 0.7, < 2) railties (>= 5.0, < 6) - railties (5.2.2) - actionpack (= 5.2.2) - activesupport (= 5.2.2) + railties (5.2.2.1) + actionpack (= 5.2.2.1) + activesupport (= 5.2.2.1) method_source rake (>= 0.8.7) thor (>= 0.19.0, < 2.0) @@ -464,9 +464,9 @@ GEM regexp_parser (1.3.0) request_store (1.4.1) rack (>= 1.4) - responders (2.4.0) - actionpack (>= 4.2.0, < 5.3) - railties (>= 4.2.0, < 5.3) + responders (2.4.1) + actionpack (>= 4.2.0, < 6.0) + railties (>= 4.2.0, < 6.0) rest-client (2.0.2) http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) diff --git a/app/controllers/champs/siret_controller.rb b/app/controllers/champs/siret_controller.rb index dd1d73b18..763146915 100644 --- a/app/controllers/champs/siret_controller.rb +++ b/app/controllers/champs/siret_controller.rb @@ -7,17 +7,24 @@ class Champs::SiretController < ApplicationController find_etablisement if @siret.empty? - @etablissement&.mark_for_destruction + @champ&.update!(value: '') + @etablissement&.destroy elsif @siret.present? && @siret.length == 14 etablissement = find_etablisement_with_siret if etablissement.present? @etablissement = etablissement + if @champ.present? + etablissement.champ = @champ + etablissement.save! + end else - @etablissement&.mark_for_destruction + @champ&.update!(value: '') + @etablissement&.destroy @siret = :not_found end else - @etablissement&.mark_for_destruction + @champ&.update!(value: '') + @etablissement&.destroy @siret = :invalid end end @@ -36,10 +43,10 @@ class Champs::SiretController < ApplicationController def find_etablisement if params[:champ_id].present? - champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id]) - @etablissement = champ&.etablissement + @champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id]) + @etablissement = @champ&.etablissement end - @procedure_id = champ&.dossier&.procedure_id || 'aperçu' + @procedure_id = @champ&.dossier&.procedure_id || 'aperçu' end def find_etablisement_with_siret diff --git a/app/controllers/new_gestionnaire/dossiers_controller.rb b/app/controllers/new_gestionnaire/dossiers_controller.rb index 341a88da6..1e06d4fac 100644 --- a/app/controllers/new_gestionnaire/dossiers_controller.rb +++ b/app/controllers/new_gestionnaire/dossiers_controller.rb @@ -164,8 +164,7 @@ module NewGestionnaire def champs_private_params params.require(:dossier).permit(champs_private_attributes: [ - :id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: [], - etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES + :id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: [] ]) end diff --git a/app/controllers/new_user/dossiers_controller.rb b/app/controllers/new_user/dossiers_controller.rb index 6bbd5c412..b4bb54a99 100644 --- a/app/controllers/new_user/dossiers_controller.rb +++ b/app/controllers/new_user/dossiers_controller.rb @@ -282,7 +282,6 @@ module NewUser params.permit(dossier: { champs_attributes: [ :id, :value, :primary_value, :secondary_value, :piece_justificative_file, value: [], - etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES, champs_attributes: [:id, :_destroy, :value, :primary_value, :secondary_value, :piece_justificative_file, value: []] ] }) diff --git a/app/models/champs/siret_champ.rb b/app/models/champs/siret_champ.rb index c2eb139b5..d968c85b7 100644 --- a/app/models/champs/siret_champ.rb +++ b/app/models/champs/siret_champ.rb @@ -1,44 +1,4 @@ class Champs::SiretChamp < Champ - ETABLISSEMENT_ATTRIBUTES = [ - :id, - :_destroy, - :signature, - :siret, - :siege_social, - :naf, - :libelle_naf, - :adresse, - :numero_voie, - :type_voie, - :nom_voie, - :code_postal, - :localite, - :code_insee_localite, - :entreprise_siren, - :entreprise_capital_social, - :entreprise_numero_tva_intracommunautaire, - :entreprise_forme_juridique, - :entreprise_forme_juridique_code, - :entreprise_nom_commercial, - :entreprise_raison_sociale, - :entreprise_siret_siege_social, - :entreprise_code_effectif_entreprise, - :entreprise_date_creation, - :entreprise_nom, - :entreprise_prenom, - :association_rna, - :association_titre, - :association_objet, - :association_date_creation, - :association_date_declaration, - :association_date_publication, - exercices_attributes: [ - [:id, :ca, :date_fin_exercice, :date_fin_exercice_timestamp] - ] - ] - - accepts_nested_attributes_for :etablissement, allow_destroy: true, update_only: true - def search_terms etablissement.present? ? etablissement.search_terms : [value] end diff --git a/app/models/etablissement.rb b/app/models/etablissement.rb index 67952e5f0..68df850d3 100644 --- a/app/models/etablissement.rb +++ b/app/models/etablissement.rb @@ -9,8 +9,6 @@ class Etablissement < ApplicationRecord validates :siret, presence: true validates :dossier_id, uniqueness: { allow_nil: true } - validate :validate_signature - def search_terms [ entreprise_siren, @@ -52,16 +50,6 @@ class Etablissement < ApplicationRecord ].reject(&:blank?).join(', ').squeeze(' ') end - def verify - SignatureService.verify(signature, message_for_signature) - end - - def sign - SignatureService.sign(message_for_signature) - end - - attr_accessor :signature - def association? association_rna.present? end @@ -83,18 +71,4 @@ class Etablissement < ApplicationRecord inline_adresse: inline_adresse ) end - - private - - def validate_signature - if champ && !verify - errors.add(:base, 'Numéro SIRET introuvable.') - end - end - - def message_for_signature - JSON.pretty_generate(as_json(include: { - exercices: { only: [:ca, :date_fin_exercice, :date_fin_exercice_timestamp] } - }).delete_if { |_k, v| v.blank? }) - end end diff --git a/app/models/procedure.rb b/app/models/procedure.rb index e1bb60838..efad7eb07 100644 --- a/app/models/procedure.rb +++ b/app/models/procedure.rb @@ -467,7 +467,6 @@ class Procedure < ApplicationRecord def percentile_time(start_attribute, end_attribute, p) times = dossiers - .state_termine .where(end_attribute => 1.month.ago..Time.zone.now) .pluck(start_attribute, end_attribute) .map { |(start_date, end_date)| end_date - start_date } diff --git a/app/services/signature_service.rb b/app/services/signature_service.rb deleted file mode 100644 index 4fafd51b2..000000000 --- a/app/services/signature_service.rb +++ /dev/null @@ -1,22 +0,0 @@ -class SignatureService - class << self - def verify(signature, message) - begin - decoded_message = verifier.verify(signature) - return message == decoded_message - rescue ActiveSupport::MessageVerifier::InvalidSignature - return false - end - end - - def sign(message) - verifier.generate(message) - end - - private - - def verifier - @@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key) - end - end -end diff --git a/app/views/shared/champs/siret/_etablissement.html.haml b/app/views/shared/champs/siret/_etablissement.html.haml index 556b39e90..bdb8eb8e4 100644 --- a/app/views/shared/champs/siret/_etablissement.html.haml +++ b/app/views/shared/champs/siret/_etablissement.html.haml @@ -9,9 +9,3 @@ - else - if siret.present? && siret == etablissement&.siret = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: etablissement } - = fields_for attribute, etablissement do |form| - = render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: etablissement.sign } - - - elsif etablissement.present? - = fields_for attribute, etablissement do |form| - = form.hidden_field :_destroy diff --git a/app/views/shared/dossiers/editable_champs/_etablissement.html.haml b/app/views/shared/dossiers/editable_champs/_etablissement.html.haml deleted file mode 100644 index 81d5baac9..000000000 --- a/app/views/shared/dossiers/editable_champs/_etablissement.html.haml +++ /dev/null @@ -1,34 +0,0 @@ -= form.hidden_field :signature, value: signature -= form.hidden_field :siret -= form.hidden_field :siege_social -= form.hidden_field :naf -= form.hidden_field :libelle_naf -= form.hidden_field :adresse -= form.hidden_field :numero_voie -= form.hidden_field :type_voie -= form.hidden_field :nom_voie -= form.hidden_field :code_postal -= form.hidden_field :localite -= form.hidden_field :code_insee_localite -= form.hidden_field :entreprise_siren -= form.hidden_field :entreprise_capital_social -= form.hidden_field :entreprise_numero_tva_intracommunautaire -= form.hidden_field :entreprise_forme_juridique -= form.hidden_field :entreprise_forme_juridique_code -= form.hidden_field :entreprise_nom_commercial -= form.hidden_field :entreprise_raison_sociale -= form.hidden_field :entreprise_siret_siege_social -= form.hidden_field :entreprise_code_effectif_entreprise -= form.hidden_field :entreprise_date_creation -= form.hidden_field :entreprise_nom -= form.hidden_field :entreprise_prenom -= form.hidden_field :association_rna -= form.hidden_field :association_titre -= form.hidden_field :association_objet -= form.hidden_field :association_date_creation -= form.hidden_field :association_date_declaration -= form.hidden_field :association_date_publication -= form.fields_for :exercices do |form| - = form.hidden_field :ca - = form.hidden_field :date_fin_exercice - = form.hidden_field :date_fin_exercice_timestamp diff --git a/app/views/shared/dossiers/editable_champs/_siret.html.haml b/app/views/shared/dossiers/editable_champs/_siret.html.haml index 740061365..ca5bbac72 100644 --- a/app/views/shared/dossiers/editable_champs/_siret.html.haml +++ b/app/views/shared/dossiers/editable_champs/_siret.html.haml @@ -7,5 +7,3 @@ %div{ class: "siret-info-#{form.index}" } - if champ.etablissement.present? = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: champ.etablissement } - = form.fields_for :etablissement do |form| - = render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: champ.etablissement.sign } diff --git a/spec/controllers/champs/siret_controller_spec.rb b/spec/controllers/champs/siret_controller_spec.rb index e4e62311d..dfacb8f36 100644 --- a/spec/controllers/champs/siret_controller_spec.rb +++ b/spec/controllers/champs/siret_controller_spec.rb @@ -6,8 +6,10 @@ describe Champs::SiretController, type: :controller do describe '#show' do let(:dossier) { create(:dossier, user: user, procedure: procedure) } + let(:champ) { create(:champ_siret, dossier: dossier) } let(:params) do { + champ_id: champ.id, dossier: { champs_attributes: { '1' => { value: siret.to_s } @@ -30,6 +32,9 @@ describe Champs::SiretController, type: :controller do it 'empty info message' do expect(response.body).to include('.siret-info-1') expect(response.body).to include('innerHTML = ""') + champ.reload + expect(champ.etablissement).to be_nil + expect(champ.value).to be_empty end end @@ -41,6 +46,9 @@ describe Champs::SiretController, type: :controller do it 'invalid error' do expect(response.body).to include('Le numéro de SIRET doit comporter exactement 14 chiffres.') + champ.reload + expect(champ.etablissement).to be_nil + expect(champ.value).to be_empty end end @@ -53,6 +61,9 @@ describe Champs::SiretController, type: :controller do it 'not found error' do expect(response.body).to include('Nous n’avons pas trouvé d’établissement correspondant à ce numéro de SIRET.') + champ.reload + expect(champ.etablissement).to be_nil + expect(champ.value).to be_empty end end @@ -66,7 +77,9 @@ describe Champs::SiretController, type: :controller do it 'etablissement info message' do expect(response.body).to include(etablissement.entreprise_raison_sociale) - expect(response.body).to include(etablissement.entreprise_capital_social.to_s) + champ.reload + expect(champ.value).to eq(etablissement.siret) + expect(champ.etablissement.siret).to eq(etablissement.siret) end end end diff --git a/spec/factories/champ.rb b/spec/factories/champ.rb index c1cb471e7..af14458ad 100644 --- a/spec/factories/champ.rb +++ b/spec/factories/champ.rb @@ -160,10 +160,6 @@ FactoryBot.define do association :type_de_champ, factory: [:type_de_champ_siret] association :etablissement, factory: [:etablissement] value { '44011762001530' } - - after(:build) do |champ, _evaluator| - champ.etablissement.signature = champ.etablissement.sign - end end factory :champ_repetition, class: 'Champs::RepetitionChamp' do diff --git a/spec/models/etablissement_spec.rb b/spec/models/etablissement_spec.rb index 27bb13084..bdfc65650 100644 --- a/spec/models/etablissement_spec.rb +++ b/spec/models/etablissement_spec.rb @@ -37,24 +37,4 @@ describe Etablissement do end end end - - describe '#verify' do - let(:etablissement) { create(:etablissement) } - let(:etablissement2) { create(:etablissement) } - - it 'should verify signed etablissement' do - etablissement.signature = etablissement.sign - expect(etablissement.verify).to eq(true) - end - - it 'should reject etablissement with other etablissement signature' do - etablissement.signature = etablissement2.sign - expect(etablissement.verify).to eq(false) - end - - it 'should reject etablissement with wrong signature' do - etablissement.signature = "fd7687fdsgdf6gd7f8g" - expect(etablissement.verify).to eq(false) - end - end end diff --git a/spec/models/procedure_spec.rb b/spec/models/procedure_spec.rb index d6a9df4dc..00d6ff862 100644 --- a/spec/models/procedure_spec.rb +++ b/spec/models/procedure_spec.rb @@ -707,6 +707,48 @@ describe Procedure do end end + describe '#usual_verification_time' do + let(:procedure) { create(:procedure) } + + def create_dossier(construction_date:, instruction_date:) + dossier = create(:dossier, :en_instruction, procedure: procedure) + dossier.update!(en_construction_at: construction_date, en_instruction_at: instruction_date) + end + + before do + delays.each do |delay| + create_dossier(construction_date: 1.week.ago - delay, instruction_date: 1.week.ago) + end + end + + context 'when there are several dossiers in the time frame' do + let(:delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] } + + it 'returns a time representative of the dossier verification delay' do + expect(procedure.usual_verification_time).to be_between(3.days, 4.days) + end + end + + context 'when there are very old dossiers' do + let(:delays) { [2.days, 2.days] } + let!(:old_dossier) { create_dossier(construction_date: 3.months.ago, instruction_date: 2.months.ago) } + + it 'ignores dossiers older than 1 month' do + expect(procedure.usual_verification_time).to be_within(10.seconds).of(2.days) + end + end + + context 'when there is only one dossier in the time frame' do + let(:delays) { [1.day] } + it { expect(procedure.usual_verification_time).to be_within(10.seconds).of(1.day) } + end + + context 'where there are no dossiers' do + let(:delays) { [] } + it { expect(procedure.usual_verification_time).to be_nil } + end + end + describe '#usual_instruction_time' do let(:procedure) { create(:procedure) } @@ -716,13 +758,13 @@ describe Procedure do end before do - processed_delays.each do |delay| + delays.each do |delay| create_dossier(instruction_date: 1.week.ago - delay, processed_date: 1.week.ago) end end context 'when there are several processed dossiers' do - let(:processed_delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] } + let(:delays) { [1.day, 2.days, 2.days, 2.days, 2.days, 3.days, 3.days, 3.days, 3.days, 12.days] } it 'returns a time representative of the dossier instruction delay' do expect(procedure.usual_instruction_time).to be_between(3.days, 4.days) @@ -730,7 +772,7 @@ describe Procedure do end context 'when there are very old dossiers' do - let(:processed_delays) { [2.days, 2.days] } + let(:delays) { [2.days, 2.days] } let!(:old_dossier) { create_dossier(instruction_date: 3.months.ago, processed_date: 2.months.ago) } it 'ignores dossiers older than 1 month' do @@ -739,12 +781,12 @@ describe Procedure do end context 'when there is only one processed dossier' do - let(:processed_delays) { [1.day] } + let(:delays) { [1.day] } it { expect(procedure.usual_instruction_time).to be_within(10.seconds).of(1.day) } end context 'where there is no processed dossier' do - let(:processed_delays) { [] } + let(:delays) { [] } it { expect(procedure.usual_instruction_time).to be_nil } end end diff --git a/spec/services/signature_service_spec.rb b/spec/services/signature_service_spec.rb deleted file mode 100644 index 14a160f69..000000000 --- a/spec/services/signature_service_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'spec_helper' - -describe SignatureService do - let(:service) { SignatureService } - let(:message) { { hello: 'World!' }.to_json } - let(:tampered_message) { { hello: 'Tampered' }.to_json } - - it 'sign and verify' do - signature = service.sign(message) - expect(service.verify(signature, message)).to eq(true) - end - - it 'fails the verification if the message changed' do - signature = service.sign(message) - expect(service.verify(signature, tampered_message)).to eq(false) - end - - it 'fails the verification if the signature changed' do - other_signature = service.sign(tampered_message) - expect(service.verify(nil, message)).to eq(false) - expect(service.verify('', message)).to eq(false) - expect(service.verify(other_signature, message)).to eq(false) - end -end