Enable flipflop for instructeurs
parent
68c097a64e
commit
48701e80bd
9 changed files with 36 additions and 26 deletions
|
@ -6,6 +6,7 @@ class ApplicationController < ActionController::Base
|
||||||
# Prevent CSRF attacks by raising an exception.
|
# Prevent CSRF attacks by raising an exception.
|
||||||
# For APIs, you may want to use :null_session instead.
|
# For APIs, you may want to use :null_session instead.
|
||||||
protect_from_forgery with: :exception, if: -> { !Rails.env.test? }
|
protect_from_forgery with: :exception, if: -> { !Rails.env.test? }
|
||||||
|
before_action :set_current_roles
|
||||||
before_action :load_navbar_left_pannel_partial_url
|
before_action :load_navbar_left_pannel_partial_url
|
||||||
before_action :set_raven_context
|
before_action :set_raven_context
|
||||||
before_action :redirect_if_untrusted
|
before_action :redirect_if_untrusted
|
||||||
|
@ -79,6 +80,11 @@ class ApplicationController < ActionController::Base
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def set_current_roles
|
||||||
|
Current.administrateur = current_administrateur
|
||||||
|
Current.gestionnaire = current_gestionnaire
|
||||||
|
end
|
||||||
|
|
||||||
def set_active_storage_host
|
def set_active_storage_host
|
||||||
ActiveStorage::Current.host = request.base_url
|
ActiveStorage::Current.host = request.base_url
|
||||||
end
|
end
|
||||||
|
@ -158,7 +164,7 @@ class ApplicationController < ActionController::Base
|
||||||
def redirect_if_untrusted
|
def redirect_if_untrusted
|
||||||
if gestionnaire_signed_in? &&
|
if gestionnaire_signed_in? &&
|
||||||
sensitive_path &&
|
sensitive_path &&
|
||||||
current_gestionnaire.feature_enabled?(:enable_email_login_token) &&
|
Flipflop.enable_email_login_token? &&
|
||||||
!trusted_device?
|
!trusted_device?
|
||||||
|
|
||||||
# return at this location
|
# return at this location
|
||||||
|
|
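Review bot: The untrusted-device gate in `redirect_if_untrusted` now depends on whatever the whole Flipflop strategy stack answers for `enable_email_login_token`, not only on the signed-in gestionnaire's own flag, so a strategy that a visitor can influence (a cookie, session or query-string strategy, if one is configured) could switch the login-token check off. The strategy configuration is not visible in this diff, so it should be confirmed that only server-side strategies can answer for this flag. The check also relies silently on `set_current_roles` having run before `redirect_if_untrusted`; a comment on the callback such as `# must stay ahead of redirect_if_untrusted: Flipflop reads Current.*` would guard against a later reordering or `skip_before_action` disabling the redirect. The body of `redirect_if_untrusted` continues outside the hunk.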
|
@ -9,19 +9,24 @@ module Flipflop::Strategies
|
||||||
end
|
end
|
||||||
|
|
||||||
def enabled?(feature)
|
def enabled?(feature)
|
||||||
# Can only check features if we have the user's session.
|
find_current_administrateur&.feature_enabled?(feature) ||
|
||||||
if request?
|
find_current_gestionnaire&.feature_enabled?(feature)
|
||||||
find_current_administrateur&.feature_enabled?(feature)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def find_current_administrateur
|
def find_current_administrateur
|
||||||
if request.session["warden.user.administrateur.key"]
|
administrateur_id = Current.administrateur&.id
|
||||||
administrateur_id = request.session["warden.user.administrateur.key"][0][0]
|
if administrateur_id
|
||||||
Administrateur.find_by(id: administrateur_id)
|
Administrateur.find_by(id: administrateur_id)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def find_current_gestionnaire
|
||||||
|
gestionnaire_id = Current.gestionnaire&.id
|
||||||
|
if gestionnaire_id
|
||||||
|
Gestionnaire.find_by(id: gestionnaire_id)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
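Review bot: `enabled?` fails open for this flag whenever `Current` is empty: with the `request?` guard gone, any code path that has not gone through `ApplicationController#set_current_roles` (a controller with another base class, a job, a callback that runs earlier) gets `nil` from both finders, and the feature is treated as off unless another strategy says otherwise. Since the flag gates a login check, that case deserves at least a comment, e.g. `# nil (no opinion) when Current.* is unset; callers gating security checks must ensure set_current_roles ran`. Separately, `find_current_administrateur` and `find_current_gestionnaire` take the id from a record already held in `Current` and load the same row again with `find_by` on every flag lookup. `Current.administrateur&.feature_enabled?(feature) || Current.gestionnaire&.feature_enabled?(feature)` should give the same answer for a freshly loaded record without the two extra queries.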
3
app/models/current.rb
Normal file
3
app/models/current.rb
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
class Current < ActiveSupport::CurrentAttributes
|
||||||
|
attribute :gestionnaire, :administrateur
|
||||||
|
end
|
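Review bot: `Current` has no comment saying who populates it, yet the Flipflop strategy in this commit now treats it as the identity of the caller. A short header would make that contract visible, for example `# Per-request roles, set by ApplicationController#set_current_roles; nil in any code path that did not run it.`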
|
@ -151,9 +151,7 @@ describe ApplicationController, type: :controller do
|
||||||
let(:current_gestionnaire) { create(:gestionnaire) }
|
let(:current_gestionnaire) { create(:gestionnaire) }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
allow(current_gestionnaire).to receive(:feature_enabled?).and_return(feature_enabled)
|
|
||||||
allow(@controller).to receive(:current_gestionnaire).and_return(current_gestionnaire)
|
allow(@controller).to receive(:current_gestionnaire).and_return(current_gestionnaire)
|
||||||
|
|
||||||
allow(@controller).to receive(:redirect_to)
|
allow(@controller).to receive(:redirect_to)
|
||||||
allow(@controller).to receive(:trusted_device?).and_return(trusted_device)
|
allow(@controller).to receive(:trusted_device?).and_return(trusted_device)
|
||||||
allow(@controller).to receive(:gestionnaire_signed_in?).and_return(gestionnaire_signed_in)
|
allow(@controller).to receive(:gestionnaire_signed_in?).and_return(gestionnaire_signed_in)
|
||||||
|
@ -171,7 +169,9 @@ describe ApplicationController, type: :controller do
|
||||||
let(:gestionnaire_signed_in) { true }
|
let(:gestionnaire_signed_in) { true }
|
||||||
|
|
||||||
context 'when the feature is activated' do
|
context 'when the feature is activated' do
|
||||||
let(:feature_enabled) { true }
|
before do
|
||||||
|
Flipflop::FeatureSet.current.test!.switch!(:enable_email_login_token, true)
|
||||||
|
end
|
||||||
|
|
||||||
context 'when the device is trusted' do
|
context 'when the device is trusted' do
|
||||||
let(:trusted_device) { true }
|
let(:trusted_device) { true }
|
||||||
|
@ -183,7 +183,9 @@ describe ApplicationController, type: :controller do
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when the feature is activated' do
|
context 'when the feature is activated' do
|
||||||
let(:feature_enabled) { true }
|
before do
|
||||||
|
Flipflop::FeatureSet.current.test!.switch!(:enable_email_login_token, true)
|
||||||
|
end
|
||||||
|
|
||||||
context 'when the device is not trusted' do
|
context 'when the device is not trusted' do
|
||||||
let(:trusted_device) { false }
|
let(:trusted_device) { false }
|
||||||
|
|
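Review bot: Neither `before` block that calls `switch!(:enable_email_login_token, true)` has a visible counterpart that switches the flag back, and with the `feature_enabled?` stub removed the hunks show no example that runs `redirect_if_untrusted` with the flag off. If the test strategy keeps its state between examples (not visible here), the flag stays on for whatever runs next and a disabled-flag context could pass or fail for the wrong reason; an explicit `switch!(:enable_email_login_token, false)` in the negative context would pin it. The same call is added in the sessions controller spec and in the two feature specs. These examples also bypass the `Current`-based strategy entirely, so the administrateur-or-gestionnaire lookup in `enabled?` has no coverage in this commit as far as the diff shows.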
|
@ -10,12 +10,13 @@ describe Users::SessionsController, type: :controller do
|
||||||
|
|
||||||
describe '#create' do
|
describe '#create' do
|
||||||
context "when the user is also a gestionnaire and an administrateur" do
|
context "when the user is also a gestionnaire and an administrateur" do
|
||||||
let!(:administrateur) { create(:administrateur, :with_admin_trusted_device, email: email, password: password) }
|
let!(:administrateur) { create(:administrateur, email: email, password: password) }
|
||||||
let(:gestionnaire) { administrateur.gestionnaire }
|
let(:gestionnaire) { administrateur.gestionnaire }
|
||||||
let(:trusted_device) { true }
|
let(:trusted_device) { true }
|
||||||
let(:send_password) { password }
|
let(:send_password) { password }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
|
Flipflop::FeatureSet.current.test!.switch!(:enable_email_login_token, true)
|
||||||
allow(controller).to receive(:trusted_device?).and_return(trusted_device)
|
allow(controller).to receive(:trusted_device?).and_return(trusted_device)
|
||||||
allow(GestionnaireMailer).to receive(:send_login_token).and_return(double(deliver_later: true))
|
allow(GestionnaireMailer).to receive(:send_login_token).and_return(double(deliver_later: true))
|
||||||
end
|
end
|
||||||
|
|
|
@ -9,12 +9,6 @@ FactoryBot.define do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
trait :with_admin_trusted_device do
|
|
||||||
after(:create) do |admin|
|
|
||||||
admin.gestionnaire.update(features: { "enable_email_login_token" => true })
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
trait :with_api_token do
|
trait :with_api_token do
|
||||||
after(:create) do |admin|
|
after(:create) do |admin|
|
||||||
admin.renew_api_token
|
admin.renew_api_token
|
||||||
|
|
|
@ -4,10 +4,4 @@ FactoryBot.define do
|
||||||
email { generate(:gestionnaire_email) }
|
email { generate(:gestionnaire_email) }
|
||||||
password { 'password' }
|
password { 'password' }
|
||||||
end
|
end
|
||||||
|
|
||||||
trait :with_trusted_device do
|
|
||||||
after(:create) do |gestionnaire|
|
|
||||||
gestionnaire.update(features: { "enable_email_login_token" => true })
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -5,9 +5,10 @@ feature 'Administrator connection' do
|
||||||
|
|
||||||
let(:email) { 'admin1@admin.com' }
|
let(:email) { 'admin1@admin.com' }
|
||||||
let(:password) { 'mon chien aime les bananes' }
|
let(:password) { 'mon chien aime les bananes' }
|
||||||
let!(:admin) { create(:administrateur, :with_admin_trusted_device, :with_procedure, email: email, password: password) }
|
let!(:admin) { create(:administrateur, :with_procedure, email: email, password: password) }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
|
Flipflop::FeatureSet.current.test!.switch!(:enable_email_login_token, true)
|
||||||
visit new_administrateur_session_path
|
visit new_administrateur_session_path
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -4,11 +4,15 @@ feature 'The gestionnaire part' do
|
||||||
include ActiveJob::TestHelper
|
include ActiveJob::TestHelper
|
||||||
|
|
||||||
let(:password) { 'secret_password' }
|
let(:password) { 'secret_password' }
|
||||||
let!(:gestionnaire) { create(:gestionnaire, :with_trusted_device, password: password) }
|
let!(:gestionnaire) { create(:gestionnaire, password: password) }
|
||||||
|
|
||||||
let!(:procedure) { create(:procedure, :published, gestionnaires: [gestionnaire]) }
|
let!(:procedure) { create(:procedure, :published, gestionnaires: [gestionnaire]) }
|
||||||
let!(:dossier) { create(:dossier, state: Dossier.states.fetch(:en_construction), procedure: procedure) }
|
let!(:dossier) { create(:dossier, state: Dossier.states.fetch(:en_construction), procedure: procedure) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
Flipflop::FeatureSet.current.test!.switch!(:enable_email_login_token, true)
|
||||||
|
end
|
||||||
|
|
||||||
context 'when the gestionnaire is also a user' do
|
context 'when the gestionnaire is also a user' do
|
||||||
let!(:user) { create(:user, email: gestionnaire.email, password: password) }
|
let!(:user) { create(:user, email: gestionnaire.email, password: password) }
|
||||||
|
|
||||||
|
|