Merge pull request #3598 from tchak/fix-siret-champ

[fix #3593] Save SIRET data on search

app/controllers/champs/siret_controller.rb

@@ -7,17 +7,24 @@ class Champs::SiretController < ApplicationController
     find_etablisement
 
     if @siret.empty?
-      @etablissement&.mark_for_destruction
+      @champ&.update!(value: '')
+      @etablissement&.destroy
     elsif @siret.present? && @siret.length == 14
       etablissement = find_etablisement_with_siret
       if etablissement.present?
         @etablissement = etablissement
+        if @champ.present?
+          etablissement.champ = @champ
+          etablissement.save!
+        end
       else
-        @etablissement&.mark_for_destruction
+        @champ&.update!(value: '')
+        @etablissement&.destroy
         @siret = :not_found
       end
     else
-      @etablissement&.mark_for_destruction
+      @champ&.update!(value: '')
+      @etablissement&.destroy
       @siret = :invalid
     end
   end
@@ -36,10 +43,10 @@ class Champs::SiretController < ApplicationController
 
   def find_etablisement
     if params[:champ_id].present?
-      champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id])
-      @etablissement = champ&.etablissement
+      @champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id])
+      @etablissement = @champ&.etablissement
     end
-    @procedure_id = champ&.dossier&.procedure_id || 'aperçu'
+    @procedure_id = @champ&.dossier&.procedure_id || 'aperçu'
   end
 
   def find_etablisement_with_siret

app/controllers/new_gestionnaire/dossiers_controller.rb

@@ -164,8 +164,7 @@ module NewGestionnaire
 
     def champs_private_params
       params.require(:dossier).permit(champs_private_attributes: [
-        :id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: [],
-        etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES
+        :id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: []
       ])
     end
 

app/controllers/new_user/dossiers_controller.rb

@@ -282,7 +282,6 @@ module NewUser
       params.permit(dossier: {
         champs_attributes: [
           :id, :value, :primary_value, :secondary_value, :piece_justificative_file, value: [],
-          etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES,
           champs_attributes: [:id, :_destroy, :value, :primary_value, :secondary_value, :piece_justificative_file, value: []]
         ]
       })

app/models/champs/siret_champ.rb

@@ -1,44 +1,4 @@
 class Champs::SiretChamp < Champ
-  ETABLISSEMENT_ATTRIBUTES = [
-    :id,
-    :_destroy,
-    :signature,
-    :siret,
-    :siege_social,
-    :naf,
-    :libelle_naf,
-    :adresse,
-    :numero_voie,
-    :type_voie,
-    :nom_voie,
-    :code_postal,
-    :localite,
-    :code_insee_localite,
-    :entreprise_siren,
-    :entreprise_capital_social,
-    :entreprise_numero_tva_intracommunautaire,
-    :entreprise_forme_juridique,
-    :entreprise_forme_juridique_code,
-    :entreprise_nom_commercial,
-    :entreprise_raison_sociale,
-    :entreprise_siret_siege_social,
-    :entreprise_code_effectif_entreprise,
-    :entreprise_date_creation,
-    :entreprise_nom,
-    :entreprise_prenom,
-    :association_rna,
-    :association_titre,
-    :association_objet,
-    :association_date_creation,
-    :association_date_declaration,
-    :association_date_publication,
-    exercices_attributes: [
-      [:id, :ca, :date_fin_exercice, :date_fin_exercice_timestamp]
-    ]
-  ]
-
-  accepts_nested_attributes_for :etablissement, allow_destroy: true, update_only: true
-
   def search_terms
     etablissement.present? ? etablissement.search_terms : [value]
   end

app/models/etablissement.rb

@@ -9,8 +9,6 @@ class Etablissement < ApplicationRecord
   validates :siret, presence: true
   validates :dossier_id, uniqueness: { allow_nil: true }
 
-  validate :validate_signature
-
   def search_terms
     [
       entreprise_siren,
@@ -52,16 +50,6 @@ class Etablissement < ApplicationRecord
     ].reject(&:blank?).join(', ').squeeze(' ')
   end
 
-  def verify
-    SignatureService.verify(signature, message_for_signature)
-  end
-
-  def sign
-    SignatureService.sign(message_for_signature)
-  end
-
-  attr_accessor :signature
-
   def association?
     association_rna.present?
   end
@@ -83,18 +71,4 @@ class Etablissement < ApplicationRecord
       inline_adresse: inline_adresse
     )
   end
-
-  private
-
-  def validate_signature
-    if champ && !verify
-      errors.add(:base, 'Numéro SIRET introuvable.')
-    end
-  end
-
-  def message_for_signature
-    JSON.pretty_generate(as_json(include: {
-      exercices: { only: [:ca, :date_fin_exercice, :date_fin_exercice_timestamp] }
-    }).delete_if { |_k, v| v.blank? })
-  end
 end

app/services/signature_service.rb

@@ -1,22 +0,0 @@
-class SignatureService
-  class << self
-    def verify(signature, message)
-      begin
-        decoded_message = verifier.verify(signature)
-        return message == decoded_message
-      rescue ActiveSupport::MessageVerifier::InvalidSignature
-        return false
-      end
-    end
-
-    def sign(message)
-      verifier.generate(message)
-    end
-
-    private
-
-    def verifier
-      @@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key)
-    end
-  end
-end

app/views/shared/champs/siret/_etablissement.html.haml

@@ -9,9 +9,3 @@
 - else
   - if siret.present? && siret == etablissement&.siret
     = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: etablissement }
-    = fields_for attribute, etablissement do |form|
-      = render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: etablissement.sign }
-
-  - elsif etablissement.present?
-    = fields_for attribute, etablissement do |form|
-      = form.hidden_field :_destroy

app/views/shared/dossiers/editable_champs/_etablissement.html.haml

@@ -1,34 +0,0 @@
-= form.hidden_field :signature, value: signature
-= form.hidden_field :siret
-= form.hidden_field :siege_social
-= form.hidden_field :naf
-= form.hidden_field :libelle_naf
-= form.hidden_field :adresse
-= form.hidden_field :numero_voie
-= form.hidden_field :type_voie
-= form.hidden_field :nom_voie
-= form.hidden_field :code_postal
-= form.hidden_field :localite
-= form.hidden_field :code_insee_localite
-= form.hidden_field :entreprise_siren
-= form.hidden_field :entreprise_capital_social
-= form.hidden_field :entreprise_numero_tva_intracommunautaire
-= form.hidden_field :entreprise_forme_juridique
-= form.hidden_field :entreprise_forme_juridique_code
-= form.hidden_field :entreprise_nom_commercial
-= form.hidden_field :entreprise_raison_sociale
-= form.hidden_field :entreprise_siret_siege_social
-= form.hidden_field :entreprise_code_effectif_entreprise
-= form.hidden_field :entreprise_date_creation
-= form.hidden_field :entreprise_nom
-= form.hidden_field :entreprise_prenom
-= form.hidden_field :association_rna
-= form.hidden_field :association_titre
-= form.hidden_field :association_objet
-= form.hidden_field :association_date_creation
-= form.hidden_field :association_date_declaration
-= form.hidden_field :association_date_publication
-= form.fields_for :exercices do |form|
-  = form.hidden_field :ca
-  = form.hidden_field :date_fin_exercice
-  = form.hidden_field :date_fin_exercice_timestamp

app/views/shared/dossiers/editable_champs/_siret.html.haml

@@ -7,5 +7,3 @@
 %div{ class: "siret-info-#{form.index}" }
   - if champ.etablissement.present?
     = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: champ.etablissement }
-    = form.fields_for :etablissement do |form|
-      = render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: champ.etablissement.sign }

spec/controllers/champs/siret_controller_spec.rb

@@ -6,8 +6,10 @@ describe Champs::SiretController, type: :controller do
 
   describe '#show' do
     let(:dossier) { create(:dossier, user: user, procedure: procedure) }
+    let(:champ) { create(:champ_siret, dossier: dossier) }
     let(:params) do
       {
+        champ_id: champ.id,
         dossier: {
           champs_attributes: {
             '1' => { value: siret.to_s }
@@ -30,6 +32,9 @@ describe Champs::SiretController, type: :controller do
         it 'empty info message' do
           expect(response.body).to include('.siret-info-1')
           expect(response.body).to include('innerHTML = ""')
+          champ.reload
+          expect(champ.etablissement).to be_nil
+          expect(champ.value).to be_empty
         end
       end
 
@@ -41,6 +46,9 @@ describe Champs::SiretController, type: :controller do
 
         it 'invalid error' do
           expect(response.body).to include('Le numéro de SIRET doit comporter exactement 14 chiffres.')
+          champ.reload
+          expect(champ.etablissement).to be_nil
+          expect(champ.value).to be_empty
         end
       end
 
@@ -53,6 +61,9 @@ describe Champs::SiretController, type: :controller do
 
         it 'not found error' do
           expect(response.body).to include('Nous n’avons pas trouvé d’établissement correspondant à ce numéro de SIRET.')
+          champ.reload
+          expect(champ.etablissement).to be_nil
+          expect(champ.value).to be_empty
         end
       end
 
@@ -66,7 +77,9 @@ describe Champs::SiretController, type: :controller do
 
         it 'etablissement info message' do
           expect(response.body).to include(etablissement.entreprise_raison_sociale)
-          expect(response.body).to include(etablissement.entreprise_capital_social.to_s)
+          champ.reload
+          expect(champ.value).to eq(etablissement.siret)
+          expect(champ.etablissement.siret).to eq(etablissement.siret)
         end
       end
     end

spec/factories/champ.rb

@@ -160,10 +160,6 @@ FactoryBot.define do
     association :type_de_champ, factory: [:type_de_champ_siret]
     association :etablissement, factory: [:etablissement]
     value { '44011762001530' }
-
-    after(:build) do |champ, _evaluator|
-      champ.etablissement.signature = champ.etablissement.sign
-    end
   end
 
   factory :champ_repetition, class: 'Champs::RepetitionChamp' do

spec/models/etablissement_spec.rb

@@ -37,24 +37,4 @@ describe Etablissement do
       end
     end
   end
-
-  describe '#verify' do
-    let(:etablissement) { create(:etablissement) }
-    let(:etablissement2) { create(:etablissement) }
-
-    it 'should verify signed etablissement' do
-      etablissement.signature = etablissement.sign
-      expect(etablissement.verify).to eq(true)
-    end
-
-    it 'should reject etablissement with other etablissement signature' do
-      etablissement.signature = etablissement2.sign
-      expect(etablissement.verify).to eq(false)
-    end
-
-    it 'should reject etablissement with wrong signature' do
-      etablissement.signature = "fd7687fdsgdf6gd7f8g"
-      expect(etablissement.verify).to eq(false)
-    end
-  end
 end

spec/services/signature_service_spec.rb

@@ -1,24 +0,0 @@
-require 'spec_helper'
-
-describe SignatureService do
-  let(:service) { SignatureService }
-  let(:message) { { hello: 'World!' }.to_json }
-  let(:tampered_message) { { hello: 'Tampered' }.to_json }
-
-  it 'sign and verify' do
-    signature = service.sign(message)
-    expect(service.verify(signature, message)).to eq(true)
-  end
-
-  it 'fails the verification if the message changed' do
-    signature = service.sign(message)
-    expect(service.verify(signature, tampered_message)).to eq(false)
-  end
-
-  it 'fails the verification if the signature changed' do
-    other_signature = service.sign(tampered_message)
-    expect(service.verify(nil, message)).to eq(false)
-    expect(service.verify('', message)).to eq(false)
-    expect(service.verify(other_signature, message)).to eq(false)
-  end
-end