[#10799] Move api entreprise token logic in a concern

Mathieu Magnin 2024-09-24 17:03:18 +02:00
parent 39fdb8ddbb
commit 7009eed9d7
No known key found for this signature in database
GPG key ID: 8DCAFC82D7BA654E
5 changed files with 72 additions and 20 deletions


@ -0,0 +1,32 @@
# frozen_string_literal: true
module APIEntrepriseTokenConcern
extend ActiveSupport::Concern
SOON_TO_EXPIRE_DELAY = 1.month
included do
validates :api_entreprise_token, jwt_token: true, allow_blank: true
before_save :set_api_entreprise_token_expires_at, if: :will_save_change_to_api_entreprise_token?
def api_entreprise_role?(role)
APIEntrepriseToken.new(api_entreprise_token).role?(role)
end
def api_entreprise_token
self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
end
def api_entreprise_token_expired?
APIEntrepriseToken.new(api_entreprise_token).expired?
end
def api_entreprise_token_expires_soon?
api_entreprise_token_expires_at && api_entreprise_token_expires_at <= SOON_TO_EXPIRE_DELAY.from_now
end
def set_api_entreprise_token_expires_at
self.api_entreprise_token_expires_at = APIEntrepriseToken.new(api_entreprise_token).expiration
end
end
end
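Review bot: `set_api_entreprise_token_expires_at` reads the token through the overridden `api_entreprise_token` getter, which falls back to `Rails.application.secrets.api_entreprise[:key]` when the column is blank. If a procedure's own token is cleared, the `before_save` would therefore appear to store the expiration of the application-wide key on that record, and `api_entreprise_token_expires_soon?` would then warn the administrator about a credential they do not manage (`APIEntrepriseToken` is not visible here, so this should be confirmed). Consider deriving the date from the stored value only: `own = self[:api_entreprise_token].presence` followed by `self.api_entreprise_token_expires_at = own && APIEntrepriseToken.new(own).expiration`. Separately, the instance methods are defined inside `included do`; placing them in the module body is the usual `ActiveSupport::Concern` layout and keeps them overridable with `super`.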


@ -1,6 +1,7 @@
# frozen_string_literal: true # frozen_string_literal: true
class Procedure < ApplicationRecord class Procedure < ApplicationRecord
include APIEntrepriseTokenConcern
include ProcedureStatsConcern include ProcedureStatsConcern
include EncryptableConcern include EncryptableConcern
include InitiationProcedureConcern include InitiationProcedureConcern
@ -284,11 +285,9 @@ class Procedure < ApplicationRecord
size: { less_than: LOGO_MAX_SIZE }, size: { less_than: LOGO_MAX_SIZE },
if: -> { new_record? || created_at > Date.new(2020, 11, 13) } if: -> { new_record? || created_at > Date.new(2020, 11, 13) }
validates :api_entreprise_token, jwt_token: true, allow_blank: true
validates :api_particulier_token, format: { with: /\A[A-Za-z0-9\-_=.]{15,}\z/ }, allow_blank: true validates :api_particulier_token, format: { with: /\A[A-Za-z0-9\-_=.]{15,}\z/ }, allow_blank: true
validate :validate_auto_archive_on_in_the_future, if: :will_save_change_to_auto_archive_on? validate :validate_auto_archive_on_in_the_future, if: :will_save_change_to_auto_archive_on?
before_save :set_api_entreprise_token_expires_at, if: :will_save_change_to_api_entreprise_token?
before_save :update_juridique_required before_save :update_juridique_required
after_save :extend_conservation_for_dossiers after_save :extend_conservation_for_dossiers
@ -756,18 +755,6 @@ class Procedure < ApplicationRecord
"Procedure;#{id}" "Procedure;#{id}"
end end
def api_entreprise_role?(role)
APIEntrepriseToken.new(api_entreprise_token).role?(role)
end
def api_entreprise_token
self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
end
def api_entreprise_token_expired?
APIEntrepriseToken.new(api_entreprise_token).expired?
end
def create_new_revision(revision = nil) def create_new_revision(revision = nil)
transaction do transaction do
new_revision = (revision || draft_revision) new_revision = (revision || draft_revision)
@ -974,10 +961,6 @@ class Procedure < ApplicationRecord
monavis_embed.gsub('nd_source=button', "nd_source=#{source}").gsub('<a ', '<a target="_blank" rel="noopener noreferrer" ') monavis_embed.gsub('nd_source=button', "nd_source=#{source}").gsub('<a ', '<a target="_blank" rel="noopener noreferrer" ')
end end
def set_api_entreprise_token_expires_at
self.api_entreprise_token_expires_at = APIEntrepriseToken.new(api_entreprise_token).expiration
end
private private
def published_revisions_types_de_champ(parent = nil) def published_revisions_types_de_champ(parent = nil)


@ -5,7 +5,7 @@
%p %p
Votre jeton API Entreprise est expiré. Votre jeton API Entreprise est expiré.
Merci de le renouveler. Merci de le renouveler.
- else - elsif procedure.api_entreprise_token_expires_soon?
= render Dsfr::AlertComponent.new(state: :warning, size: :sm, extra_class_names: 'fr-mb-2w') do |c| = render Dsfr::AlertComponent.new(state: :warning, size: :sm, extra_class_names: 'fr-mb-2w') do |c|
- c.with_body do - c.with_body do
%p %p


@ -0,0 +1,27 @@
# frozen_string_literal: true
describe APIEntrepriseTokenConcern do
describe "#api_entreprise_token_expires_soon?" do
subject { procedure.api_entreprise_token_expires_soon? }
let(:procedure) { create(:procedure, api_entreprise_token:) }
context "when there is no token" do
let(:api_entreprise_token) { nil }
it { is_expected.to be_falsey }
end
context "when the token expires in 2 months" do
let(:api_entreprise_token) { JWT.encode({ exp: 2.months.from_now.to_i }, nil, "none") }
it { is_expected.to be_falsey }
end
context "when the token expires tomorrow" do
let(:api_entreprise_token) { JWT.encode({ exp: 1.day.from_now.to_i }, nil, "none") }
it { is_expected.to be_truthy }
end
end
end
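Review bot: No example pins the boundary of `SOON_TO_EXPIRE_DELAY`: the contexts cover two months and one day, so the `<=` comparison in `api_entreprise_token_expires_soon?` is never exercised at exactly one month. An example wrapped in `freeze_time` with `exp: 1.month.from_now.to_i` would fix that edge. The "no token" context also only covers a record created with `nil`; a record whose token is set and then cleared is not covered, and that is the path where the callback would read the getter's fallback to the application key instead of a per-procedure token.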


@ -24,7 +24,7 @@ RSpec.describe 'administrateurs/procedures/_api_entreprise_token_expiration_aler
end end
end end
context "when the token is valid it should display the expiration date" do context "when the token expires in few days it should display the expiration date" do
let(:expiration) { 2.days.from_now } let(:expiration) { 2.days.from_now }
let(:api_entreprise_token) { JWT.encode({ exp: expiration.to_i }, nil, "none") } let(:api_entreprise_token) { JWT.encode({ exp: expiration.to_i }, nil, "none") }
@ -34,4 +34,14 @@ RSpec.describe 'administrateurs/procedures/_api_entreprise_token_expiration_aler
expect(rendered).to have_content("Votre jeton API Entreprise expirera le\n#{expiration.strftime('%d/%m/%Y à %H:%M')}") expect(rendered).to have_content("Votre jeton API Entreprise expirera le\n#{expiration.strftime('%d/%m/%Y à %H:%M')}")
end end
end end
context "when the token expires in a long time" do
let(:expiration) { 2.months.from_now }
let(:api_entreprise_token) { JWT.encode({ exp: expiration.to_i }, nil, "none") }
it "does not render anything" do
subject
expect(rendered).to be_empty
end
end
end end