[#10799] Move api entreprise token logic in a concern

2024-09-24 17:03:18 +02:00 · 2024-09-24 17:03:18 +02:00 · 7009eed9d7
commit 7009eed9d7
parent 39fdb8ddbb
5 changed files with 72 additions and 20 deletions
--- a/app/models/concerns/api_entreprise_token_concern.rb
+++ b/app/models/concerns/api_entreprise_token_concern.rb
@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module APIEntrepriseTokenConcern
+  extend ActiveSupport::Concern
+
+  SOON_TO_EXPIRE_DELAY = 1.month
+
+  included do
+    validates :api_entreprise_token, jwt_token: true, allow_blank: true
+    before_save :set_api_entreprise_token_expires_at, if: :will_save_change_to_api_entreprise_token?
+
+    def api_entreprise_role?(role)
+      APIEntrepriseToken.new(api_entreprise_token).role?(role)
+    end
+
+    def api_entreprise_token
+      self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
+    end
+
+    def api_entreprise_token_expired?
+      APIEntrepriseToken.new(api_entreprise_token).expired?
+    end
+
+    def api_entreprise_token_expires_soon?
+      api_entreprise_token_expires_at && api_entreprise_token_expires_at <= SOON_TO_EXPIRE_DELAY.from_now
+    end
+
+    def set_api_entreprise_token_expires_at
+      self.api_entreprise_token_expires_at = APIEntrepriseToken.new(api_entreprise_token).expiration
+    end
+  end
+end
--- a/app/models/procedure.rb
+++ b/app/models/procedure.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class Procedure < ApplicationRecord
+  include APIEntrepriseTokenConcern
  include ProcedureStatsConcern
  include EncryptableConcern
  include InitiationProcedureConcern
@ -284,11 +285,9 @@ class Procedure < ApplicationRecord
    size: { less_than: LOGO_MAX_SIZE },
    if: -> { new_record? || created_at > Date.new(2020, 11, 13) }

-  validates :api_entreprise_token, jwt_token: true, allow_blank: true
  validates :api_particulier_token, format: { with: /\A[A-Za-z0-9\-_=.]{15,}\z/ }, allow_blank: true
  validate :validate_auto_archive_on_in_the_future, if: :will_save_change_to_auto_archive_on?

-  before_save :set_api_entreprise_token_expires_at, if: :will_save_change_to_api_entreprise_token?
  before_save :update_juridique_required
  after_save :extend_conservation_for_dossiers

@ -756,18 +755,6 @@ class Procedure < ApplicationRecord
    "Procedure;#{id}"
  end

-  def api_entreprise_role?(role)
-    APIEntrepriseToken.new(api_entreprise_token).role?(role)
-  end
-
-  def api_entreprise_token
-    self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
-  end
-
-  def api_entreprise_token_expired?
-    APIEntrepriseToken.new(api_entreprise_token).expired?
-  end
-
  def create_new_revision(revision = nil)
    transaction do
      new_revision = (revision || draft_revision)
@ -974,10 +961,6 @@ class Procedure < ApplicationRecord
    monavis_embed.gsub('nd_source=button', "nd_source=#{source}").gsub('<a ', '<a target="_blank" rel="noopener noreferrer" ')
  end

-  def set_api_entreprise_token_expires_at
-    self.api_entreprise_token_expires_at = APIEntrepriseToken.new(api_entreprise_token).expiration
-  end
-
  private

  def published_revisions_types_de_champ(parent = nil)
--- a/app/views/administrateurs/procedures/_api_entreprise_token_expiration_alert.html.haml
+++ b/app/views/administrateurs/procedures/_api_entreprise_token_expiration_alert.html.haml
@ -5,7 +5,7 @@
        %p
          Votre jeton API Entreprise est expiré.
          Merci de le renouveler.
-  - else
+  - elsif procedure.api_entreprise_token_expires_soon?
    = render Dsfr::AlertComponent.new(state: :warning, size: :sm, extra_class_names: 'fr-mb-2w') do |c|
      - c.with_body do
        %p
--- a/spec/models/concerns/api_entreprise_token_concern_spec.rb
+++ b/spec/models/concerns/api_entreprise_token_concern_spec.rb
@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+describe APIEntrepriseTokenConcern do
+  describe "#api_entreprise_token_expires_soon?" do
+    subject { procedure.api_entreprise_token_expires_soon? }
+
+    let(:procedure) { create(:procedure, api_entreprise_token:) }
+
+    context "when there is no token" do
+      let(:api_entreprise_token) { nil }
+
+      it { is_expected.to be_falsey }
+    end
+
+    context "when the token expires in 2 months" do
+      let(:api_entreprise_token) { JWT.encode({ exp: 2.months.from_now.to_i }, nil, "none") }
+
+      it { is_expected.to be_falsey }
+    end
+
+    context "when the token expires tomorrow" do
+      let(:api_entreprise_token) { JWT.encode({ exp: 1.day.from_now.to_i }, nil, "none") }
+
+      it { is_expected.to be_truthy }
+    end
+  end
+end
--- a/spec/views/administrateurs/procedures/_api_entreprise_token_expiration_alert.html.haml_spec.rb
+++ b/spec/views/administrateurs/procedures/_api_entreprise_token_expiration_alert.html.haml_spec.rb
@ -24,7 +24,7 @@ RSpec.describe 'administrateurs/procedures/_api_entreprise_token_expiration_aler
    end
  end

-  context "when the token is valid it should display the expiration date" do
+  context "when the token expires in few days it should display the expiration date" do
    let(:expiration) { 2.days.from_now }
    let(:api_entreprise_token) { JWT.encode({ exp: expiration.to_i }, nil, "none") }

@ -34,4 +34,14 @@ RSpec.describe 'administrateurs/procedures/_api_entreprise_token_expiration_aler
      expect(rendered).to have_content("Votre jeton API Entreprise expirera le\n#{expiration.strftime('%d/%m/%Y à %H:%M')}")
    end
  end
+
+  context "when the token expires in a long time" do
+    let(:expiration) { 2.months.from_now }
+    let(:api_entreprise_token) { JWT.encode({ exp: expiration.to_i }, nil, "none") }
+
+    it "does not render anything" do
+      subject
+      expect(rendered).to be_empty
+    end
+  end
 end