Save SIRET data on search

This commit is contained in:
Paul Chavard 2019-03-12 14:57:03 +01:00 committed by Pierre de La Morinerie
parent d5d2f8cc18
commit 69a51e3296
13 changed files with 28 additions and 188 deletions

View file

@ -7,17 +7,24 @@ class Champs::SiretController < ApplicationController
find_etablisement find_etablisement
if @siret.empty? if @siret.empty?
@etablissement&.mark_for_destruction @champ&.update!(value: '')
@etablissement&.destroy
elsif @siret.present? && @siret.length == 14 elsif @siret.present? && @siret.length == 14
etablissement = find_etablisement_with_siret etablissement = find_etablisement_with_siret
if etablissement.present? if etablissement.present?
@etablissement = etablissement @etablissement = etablissement
if @champ.present?
etablissement.champ = @champ
etablissement.save!
end
else else
@etablissement&.mark_for_destruction @champ&.update!(value: '')
@etablissement&.destroy
@siret = :not_found @siret = :not_found
end end
else else
@etablissement&.mark_for_destruction @champ&.update!(value: '')
@etablissement&.destroy
@siret = :invalid @siret = :invalid
end end
end end
@ -36,10 +43,10 @@ class Champs::SiretController < ApplicationController
def find_etablisement def find_etablisement
if params[:champ_id].present? if params[:champ_id].present?
champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id]) @champ = Champ.find_by(dossier_id: logged_user.dossiers, id: params[:champ_id])
@etablissement = champ&.etablissement @etablissement = @champ&.etablissement
end end
@procedure_id = champ&.dossier&.procedure_id || 'aperçu' @procedure_id = @champ&.dossier&.procedure_id || 'aperçu'
end end
def find_etablisement_with_siret def find_etablisement_with_siret

View file

@ -164,8 +164,7 @@ module NewGestionnaire
def champs_private_params def champs_private_params
params.require(:dossier).permit(champs_private_attributes: [ params.require(:dossier).permit(champs_private_attributes: [
:id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: [], :id, :primary_value, :secondary_value, :piece_justificative_file, :value, value: []
etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES
]) ])
end end

View file

@ -282,7 +282,6 @@ module NewUser
params.permit(dossier: { params.permit(dossier: {
champs_attributes: [ champs_attributes: [
:id, :value, :primary_value, :secondary_value, :piece_justificative_file, value: [], :id, :value, :primary_value, :secondary_value, :piece_justificative_file, value: [],
etablissement_attributes: Champs::SiretChamp::ETABLISSEMENT_ATTRIBUTES,
champs_attributes: [:id, :_destroy, :value, :primary_value, :secondary_value, :piece_justificative_file, value: []] champs_attributes: [:id, :_destroy, :value, :primary_value, :secondary_value, :piece_justificative_file, value: []]
] ]
}) })

View file

@ -1,44 +1,4 @@
class Champs::SiretChamp < Champ class Champs::SiretChamp < Champ
ETABLISSEMENT_ATTRIBUTES = [
:id,
:_destroy,
:signature,
:siret,
:siege_social,
:naf,
:libelle_naf,
:adresse,
:numero_voie,
:type_voie,
:nom_voie,
:code_postal,
:localite,
:code_insee_localite,
:entreprise_siren,
:entreprise_capital_social,
:entreprise_numero_tva_intracommunautaire,
:entreprise_forme_juridique,
:entreprise_forme_juridique_code,
:entreprise_nom_commercial,
:entreprise_raison_sociale,
:entreprise_siret_siege_social,
:entreprise_code_effectif_entreprise,
:entreprise_date_creation,
:entreprise_nom,
:entreprise_prenom,
:association_rna,
:association_titre,
:association_objet,
:association_date_creation,
:association_date_declaration,
:association_date_publication,
exercices_attributes: [
[:id, :ca, :date_fin_exercice, :date_fin_exercice_timestamp]
]
]
accepts_nested_attributes_for :etablissement, allow_destroy: true, update_only: true
def search_terms def search_terms
etablissement.present? ? etablissement.search_terms : [value] etablissement.present? ? etablissement.search_terms : [value]
end end

View file

@ -9,8 +9,6 @@ class Etablissement < ApplicationRecord
validates :siret, presence: true validates :siret, presence: true
validates :dossier_id, uniqueness: { allow_nil: true } validates :dossier_id, uniqueness: { allow_nil: true }
validate :validate_signature
def search_terms def search_terms
[ [
entreprise_siren, entreprise_siren,
@ -52,16 +50,6 @@ class Etablissement < ApplicationRecord
].reject(&:blank?).join(', ').squeeze(' ') ].reject(&:blank?).join(', ').squeeze(' ')
end end
def verify
SignatureService.verify(signature, message_for_signature)
end
def sign
SignatureService.sign(message_for_signature)
end
attr_accessor :signature
def association? def association?
association_rna.present? association_rna.present?
end end
@ -83,18 +71,4 @@ class Etablissement < ApplicationRecord
inline_adresse: inline_adresse inline_adresse: inline_adresse
) )
end end
private
def validate_signature
if champ && !verify
errors.add(:base, 'Numéro SIRET introuvable.')
end
end
def message_for_signature
JSON.pretty_generate(as_json(include: {
exercices: { only: [:ca, :date_fin_exercice, :date_fin_exercice_timestamp] }
}).delete_if { |_k, v| v.blank? })
end
end end

View file

@ -1,22 +0,0 @@
class SignatureService
class << self
def verify(signature, message)
begin
decoded_message = verifier.verify(signature)
return message == decoded_message
rescue ActiveSupport::MessageVerifier::InvalidSignature
return false
end
end
def sign(message)
verifier.generate(message)
end
private
def verifier
@@verifier ||= ActiveSupport::MessageVerifier.new(Rails.application.secrets.signing_key)
end
end
end

View file

@ -9,9 +9,3 @@
- else - else
- if siret.present? && siret == etablissement&.siret - if siret.present? && siret == etablissement&.siret
= render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: etablissement } = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: etablissement }
= fields_for attribute, etablissement do |form|
= render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: etablissement.sign }
- elsif etablissement.present?
= fields_for attribute, etablissement do |form|
= form.hidden_field :_destroy

View file

@ -1,34 +0,0 @@
= form.hidden_field :signature, value: signature
= form.hidden_field :siret
= form.hidden_field :siege_social
= form.hidden_field :naf
= form.hidden_field :libelle_naf
= form.hidden_field :adresse
= form.hidden_field :numero_voie
= form.hidden_field :type_voie
= form.hidden_field :nom_voie
= form.hidden_field :code_postal
= form.hidden_field :localite
= form.hidden_field :code_insee_localite
= form.hidden_field :entreprise_siren
= form.hidden_field :entreprise_capital_social
= form.hidden_field :entreprise_numero_tva_intracommunautaire
= form.hidden_field :entreprise_forme_juridique
= form.hidden_field :entreprise_forme_juridique_code
= form.hidden_field :entreprise_nom_commercial
= form.hidden_field :entreprise_raison_sociale
= form.hidden_field :entreprise_siret_siege_social
= form.hidden_field :entreprise_code_effectif_entreprise
= form.hidden_field :entreprise_date_creation
= form.hidden_field :entreprise_nom
= form.hidden_field :entreprise_prenom
= form.hidden_field :association_rna
= form.hidden_field :association_titre
= form.hidden_field :association_objet
= form.hidden_field :association_date_creation
= form.hidden_field :association_date_declaration
= form.hidden_field :association_date_publication
= form.fields_for :exercices do |form|
= form.hidden_field :ca
= form.hidden_field :date_fin_exercice
= form.hidden_field :date_fin_exercice_timestamp

View file

@ -7,5 +7,3 @@
%div{ class: "siret-info-#{form.index}" } %div{ class: "siret-info-#{form.index}" }
- if champ.etablissement.present? - if champ.etablissement.present?
= render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: champ.etablissement } = render partial: 'shared/dossiers/editable_champs/etablissement_titre', locals: { etablissement: champ.etablissement }
= form.fields_for :etablissement do |form|
= render partial: 'shared/dossiers/editable_champs/etablissement', locals: { form: form, signature: champ.etablissement.sign }

View file

@ -6,8 +6,10 @@ describe Champs::SiretController, type: :controller do
describe '#show' do describe '#show' do
let(:dossier) { create(:dossier, user: user, procedure: procedure) } let(:dossier) { create(:dossier, user: user, procedure: procedure) }
let(:champ) { create(:champ_siret, dossier: dossier) }
let(:params) do let(:params) do
{ {
champ_id: champ.id,
dossier: { dossier: {
champs_attributes: { champs_attributes: {
'1' => { value: siret.to_s } '1' => { value: siret.to_s }
@ -30,6 +32,9 @@ describe Champs::SiretController, type: :controller do
it 'empty info message' do it 'empty info message' do
expect(response.body).to include('.siret-info-1') expect(response.body).to include('.siret-info-1')
expect(response.body).to include('innerHTML = ""') expect(response.body).to include('innerHTML = ""')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end end
end end
@ -41,6 +46,9 @@ describe Champs::SiretController, type: :controller do
it 'invalid error' do it 'invalid error' do
expect(response.body).to include('Le numéro de SIRET doit comporter exactement 14 chiffres.') expect(response.body).to include('Le numéro de SIRET doit comporter exactement 14 chiffres.')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end end
end end
@ -53,6 +61,9 @@ describe Champs::SiretController, type: :controller do
it 'not found error' do it 'not found error' do
expect(response.body).to include('Nous navons pas trouvé détablissement correspondant à ce numéro de SIRET.') expect(response.body).to include('Nous navons pas trouvé détablissement correspondant à ce numéro de SIRET.')
champ.reload
expect(champ.etablissement).to be_nil
expect(champ.value).to be_empty
end end
end end
@ -66,7 +77,9 @@ describe Champs::SiretController, type: :controller do
it 'etablissement info message' do it 'etablissement info message' do
expect(response.body).to include(etablissement.entreprise_raison_sociale) expect(response.body).to include(etablissement.entreprise_raison_sociale)
expect(response.body).to include(etablissement.entreprise_capital_social.to_s) champ.reload
expect(champ.value).to eq(etablissement.siret)
expect(champ.etablissement.siret).to eq(etablissement.siret)
end end
end end
end end

View file

@ -160,10 +160,6 @@ FactoryBot.define do
association :type_de_champ, factory: [:type_de_champ_siret] association :type_de_champ, factory: [:type_de_champ_siret]
association :etablissement, factory: [:etablissement] association :etablissement, factory: [:etablissement]
value { '44011762001530' } value { '44011762001530' }
after(:build) do |champ, _evaluator|
champ.etablissement.signature = champ.etablissement.sign
end
end end
factory :champ_repetition, class: 'Champs::RepetitionChamp' do factory :champ_repetition, class: 'Champs::RepetitionChamp' do

View file

@ -37,24 +37,4 @@ describe Etablissement do
end end
end end
end end
describe '#verify' do
let(:etablissement) { create(:etablissement) }
let(:etablissement2) { create(:etablissement) }
it 'should verify signed etablissement' do
etablissement.signature = etablissement.sign
expect(etablissement.verify).to eq(true)
end
it 'should reject etablissement with other etablissement signature' do
etablissement.signature = etablissement2.sign
expect(etablissement.verify).to eq(false)
end
it 'should reject etablissement with wrong signature' do
etablissement.signature = "fd7687fdsgdf6gd7f8g"
expect(etablissement.verify).to eq(false)
end
end
end end

View file

@ -1,24 +0,0 @@
require 'spec_helper'
describe SignatureService do
let(:service) { SignatureService }
let(:message) { { hello: 'World!' }.to_json }
let(:tampered_message) { { hello: 'Tampered' }.to_json }
it 'sign and verify' do
signature = service.sign(message)
expect(service.verify(signature, message)).to eq(true)
end
it 'fails the verification if the message changed' do
signature = service.sign(message)
expect(service.verify(signature, tampered_message)).to eq(false)
end
it 'fails the verification if the signature changed' do
other_signature = service.sign(tampered_message)
expect(service.verify(nil, message)).to eq(false)
expect(service.verify('', message)).to eq(false)
expect(service.verify(other_signature, message)).to eq(false)
end
end