[#884] add user

Gemfile

@@ -59,6 +59,8 @@ gem 'chartkick'
 
 gem 'logstasher'
 
+gem "font-awesome-rails"
+
 group :test do
   gem 'capybara'
   gem 'factory_girl'

Gemfile.lock

@@ -114,6 +114,8 @@ GEM
     faraday (0.9.1)
       multipart-post (>= 1.2, < 3)
     ffi (1.9.6)
+    font-awesome-rails (4.4.0.0)
+      railties (>= 3.2, < 5.0)
     globalid (0.3.5)
       activesupport (>= 4.1.0)
     haml (4.0.6)
@@ -339,6 +341,7 @@ DEPENDENCIES
   devise
   draper
   factory_girl
+  font-awesome-rails
   haml-rails
   jbuilder (~> 2.0)
   jquery-rails

app/assets/stylesheets/application.scss

@@ -16,6 +16,7 @@
  *= require_self
  *= require bootstrap-datepicker3
  *= require leaflet
+ *= require font-awesome
  */
 @import "bootstrap-sprockets";
 @import "bootstrap";

app/controllers/start_controller.rb

@@ -1,4 +1,5 @@
 class StartController < ApplicationController
+  before_action :authenticate_user!
   def index
     get_procedure_infos
 

app/controllers/users/confirmations_controller.rb

@@ -0,0 +1,28 @@
+class Users::ConfirmationsController < Devise::ConfirmationsController
+  # GET /resource/confirmation/new
+  # def new
+  #   super
+  # end
+
+  # POST /resource/confirmation
+  # def create
+  #   super
+  # end
+
+  # GET /resource/confirmation?confirmation_token=abcdef
+  # def show
+  #   super
+  # end
+
+  # protected
+
+  # The path used after resending confirmation instructions.
+  # def after_resending_confirmation_instructions_path_for(resource_name)
+  #   super(resource_name)
+  # end
+
+  # The path used after confirmation.
+  # def after_confirmation_path_for(resource_name, resource)
+  #   super(resource_name, resource)
+  # end
+end

app/controllers/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,28 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  # You should configure your model like this:
+  # devise :omniauthable, omniauth_providers: [:twitter]
+
+  # You should also create an action method in this controller like this:
+  # def twitter
+  # end
+
+  # More info at:
+  # https://github.com/plataformatec/devise#omniauth
+
+  # GET|POST /resource/auth/twitter
+  # def passthru
+  #   super
+  # end
+
+  # GET|POST /users/auth/twitter/callback
+  # def failure
+  #   super
+  # end
+
+  # protected
+
+  # The path used when omniauth fails
+  # def after_omniauth_failure_path_for(scope)
+  #   super(scope)
+  # end
+end

app/controllers/users/passwords_controller.rb

@@ -0,0 +1,32 @@
+class Users::PasswordsController < Devise::PasswordsController
+  # GET /resource/password/new
+  # def new
+  #   super
+  # end
+
+  # POST /resource/password
+  # def create
+  #   super
+  # end
+
+  # GET /resource/password/edit?reset_password_token=abcdef
+  # def edit
+  #   super
+  # end
+
+  # PUT /resource/password
+  # def update
+  #   super
+  # end
+
+  # protected
+
+  # def after_resetting_password_path_for(resource)
+  #   super(resource)
+  # end
+
+  # The path used after sending reset password instructions
+  # def after_sending_reset_password_instructions_path_for(resource_name)
+  #   super(resource_name)
+  # end
+end

app/controllers/users/registrations_controller.rb

@@ -0,0 +1,60 @@
+class Users::RegistrationsController < Devise::RegistrationsController
+# before_filter :configure_sign_up_params, only: [:create]
+# before_filter :configure_account_update_params, only: [:update]
+
+  # GET /resource/sign_up
+  # def new
+  #   super
+  # end
+
+  # POST /resource
+  # def create
+  #   super
+  # end
+
+  # GET /resource/edit
+  # def edit
+  #   super
+  # end
+
+  # PUT /resource
+  # def update
+  #   super
+  # end
+
+  # DELETE /resource
+  # def destroy
+  #   super
+  # end
+
+  # GET /resource/cancel
+  # Forces the session data which is usually expired after sign
+  # in to be expired now. This is useful if the user wants to
+  # cancel oauth signing in/up in the middle of the process,
+  # removing all OAuth session data.
+  # def cancel
+  #   super
+  # end
+
+  # protected
+
+  # You can put the params you want to permit in the empty array.
+  # def configure_sign_up_params
+  #   devise_parameter_sanitizer.for(:sign_up) << :attribute
+  # end
+
+  # You can put the params you want to permit in the empty array.
+  # def configure_account_update_params
+  #   devise_parameter_sanitizer.for(:account_update) << :attribute
+  # end
+
+  # The path used after sign up.
+  # def after_sign_up_path_for(resource)
+  #   super(resource)
+  # end
+
+  # The path used after sign up for inactive accounts.
+  # def after_inactive_sign_up_path_for(resource)
+  #   super(resource)
+  # end
+end

app/controllers/users/sessions_controller.rb

@@ -0,0 +1,25 @@
+class Users::SessionsController < Devise::SessionsController
+# before_filter :configure_sign_in_params, only: [:create]
+
+  # GET /resource/sign_in
+  # def new
+  #   super
+  # end
+
+  # POST /resource/sign_in
+  # def create
+  #   super
+  # end
+
+  # DELETE /resource/sign_out
+  # def destroy
+  #   super
+  # end
+
+  # protected
+
+  # You can put the params you want to permit in the empty array.
+  # def configure_sign_in_params
+  #   devise_parameter_sanitizer.for(:sign_in) << :attribute
+  # end
+end

app/controllers/users/unlocks_controller.rb

@@ -0,0 +1,28 @@
+class Users::UnlocksController < Devise::UnlocksController
+  # GET /resource/unlock/new
+  # def new
+  #   super
+  # end
+
+  # POST /resource/unlock
+  # def create
+  #   super
+  # end
+
+  # GET /resource/unlock?unlock_token=abcdef
+  # def show
+  #   super
+  # end
+
+  # protected
+
+  # The path used after sending unlock password instructions
+  # def after_sending_unlock_instructions_path_for(resource)
+  #   super(resource)
+  # end
+
+  # The path used after unlocking the resource
+  # def after_unlock_path_for(resource)
+  #   super(resource)
+  # end
+end

app/controllers/welcome_controller.rb

@@ -0,0 +1,6 @@
+class WelcomeController < ApplicationController
+  before_action :authenticate_user!
+  def index
+
+  end
+end

app/models/user.rb

@@ -0,0 +1,6 @@
+class User < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+end

app/views/dossiers/show.html.haml

@@ -1,4 +1,4 @@
-.container
+.container#recap_info_entreprise
   %h2 Récapitulatif de vos informations <em id="insee_infogreffe" class='small'>(récupérées auprès de l'INSEE et d'INFOGREFFE)</em>
   %br
 

app/views/layouts/application.html.haml

@@ -17,6 +17,11 @@
           %div{style: 'decorate:none; box-shadow:none; float:right; margin-top:8px'}
             = current_gestionnaire.email
             = link_to "Déconnexion", '/gestionnaires/sign_out', method: :delete, :class => 'btn btn-md'
+        - elsif user_signed_in?
+          %div.user{style: 'decorate:none; box-shadow:none; float:right; margin-top:8px'}
+            %i.fa.fa-user
+            = current_user.email
+            = link_to "Déconnexion", '/users/sign_out', method: :delete, :class => 'btn btn-md'
 
       #flash_message.center
       - if flash.notice

app/views/users/confirmations/new.html.erb

@@ -0,0 +1,16 @@
+<h2>Resend confirmation instructions</h2>
+
+<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Resend confirmation instructions" %>
+  </div>
+<% end %>
+
+<%= render "users/shared/links" %>

app/views/users/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,5 @@
+<p>Welcome <%= @email %>!</p>
+
+<p>You can confirm your account email through the link below:</p>
+
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

app/views/users/mailer/reset_password_instructions.html.erb

@@ -0,0 +1,8 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Someone has requested a link to change your password. You can do this through the link below.</p>
+
+<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
+
+<p>If you didn't request this, please ignore this email.</p>
+<p>Your password won't change until you access the link above and create a new one.</p>

app/views/users/mailer/unlock_instructions.html.erb

@@ -0,0 +1,7 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
+
+<p>Click the link below to unlock your account:</p>
+
+<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

app/views/users/passwords/edit.html.erb

@@ -0,0 +1,22 @@
+<h2>Change your password</h2>
+
+<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
+  <%= devise_error_messages! %>
+  <%= f.hidden_field :reset_password_token %>
+
+  <div class="field">
+    <%= f.label :password, "New password" %><br />
+    <%= f.password_field :password, autofocus: true, autocomplete: "off" %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password_confirmation, "Confirm new password" %><br />
+    <%= f.password_field :password_confirmation, autocomplete: "off" %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Change my password" %>
+  </div>
+<% end %>
+
+<%= render "users/shared/links" %>

app/views/users/passwords/new.html.erb

@@ -0,0 +1,16 @@
+<h2>Forgot your password?</h2>
+
+<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Send me reset password instructions" %>
+  </div>
+<% end %>
+
+<%= render "users/shared/links" %>

app/views/users/registrations/edit.html.erb

@@ -0,0 +1,39 @@
+<h2>Edit <%= resource_name.to_s.humanize %></h2>
+
+<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true %>
+  </div>
+
+  <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
+    <div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
+  <% end %>
+
+  <div class="field">
+    <%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
+    <%= f.password_field :password, autocomplete: "off" %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation, autocomplete: "off" %>
+  </div>
+
+  <div class="field">
+    <%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
+    <%= f.password_field :current_password, autocomplete: "off" %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Update" %>
+  </div>
+<% end %>
+
+<h3>Cancel my account</h3>
+
+<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
+
+<%= link_to "Back", :back %>

app/views/users/registrations/new.html.erb

@@ -0,0 +1,29 @@
+<h2>Sign up</h2>
+
+<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password %>
+    <% if @validatable %>
+    <em>(<%= @minimum_password_length %> characters minimum)</em>
+    <% end %><br />
+    <%= f.password_field :password, autocomplete: "off" %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation, autocomplete: "off" %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Sign up" %>
+  </div>
+<% end %>
+
+<%= render "users/shared/links" %>

app/views/users/sessions/new.html.haml

@@ -0,0 +1,19 @@
+%h2#login_user Connexion
+= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
+  .field
+    = f.label :email
+    %br
+    = f.email_field :email, autofocus: true
+  .field
+    = f.label :password
+    %br
+    = f.password_field :password, autocomplete: "off"
+  %br
+  / - if devise_mapping.rememberable?
+  /   .field
+  /     = f.check_box :remember_me
+  /     = f.label :remember_me
+  .actions
+    = f.submit "Se connecter"
+
+= render "users/shared/links"

app/views/users/shared/_links.html.erb

@@ -0,0 +1,25 @@
+<%- if controller_name != 'sessions' %>
+  <%= link_to "Log in", new_session_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
+  <%= link_to "Sign up", new_registration_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
+  <%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
+  <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
+  <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.omniauthable? %>
+  <%- resource_class.omniauth_providers.each do |provider| %>
+    <%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %><br />
+  <% end -%>
+<% end -%>

app/views/users/unlocks/new.html.erb

@@ -0,0 +1,16 @@
+<h2>Resend unlock instructions</h2>
+
+<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email, autofocus: true %>
+  </div>
+
+  <div class="actions">
+    <%= f.submit "Resend unlock instructions" %>
+  </div>
+<% end %>
+
+<%= render "users/shared/links" %>

app/views/welcome/index.html.haml

@@ -0,0 +1,2 @@
+%h1 coucou
+

config/routes.rb

@@ -1,12 +1,17 @@
 Rails.application.routes.draw do
+
+  devise_for :users, controllers: {
+    sessions: 'users/sessions'
+  }
+
   devise_for :gestionnaires, controllers: {
     sessions: 'gestionnaires/sessions'
-
   }, skip: [:password, :registrations]
 
 
-  root 'start#index'
+  root 'welcome#index'
 
+  get 'start' => 'start#index'
   get 'start/index'
   get 'start/error_siret'
   get 'start/error_login'

db/migrate/20150922141232_create_users.rb

@@ -0,0 +1,42 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table(:users) do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
+
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+
+      ## Rememberable
+      t.datetime :remember_created_at
+
+      ## Trackable
+      t.integer  :sign_in_count, default: 0, null: false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.inet     :current_sign_in_ip
+      t.inet     :last_sign_in_ip
+
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+
+
+      t.timestamps
+    end
+
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20150922113504) do
+ActiveRecord::Schema.define(version: 20150922141232) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -108,7 +108,7 @@ ActiveRecord::Schema.define(version: 20150922113504) do
     t.integer "type_de_piece_justificative_id"
   end
 
-  add_index "pieces_justificatives", ["type_de_piece_justificative_id"], name: "index_pieces_justificatives_on_type_piece_jointe_id", using: :btree
+  add_index "pieces_justificatives", ["type_de_piece_justificative_id"], name: "index_pieces_justificatives_on_type_de_piece_justificative_id", using: :btree
 
   create_table "procedures", force: :cascade do |t|
     t.string   "libelle"
@@ -130,6 +130,24 @@ ActiveRecord::Schema.define(version: 20150922113504) do
     t.integer  "procedure_id"
   end
 
+  create_table "users", force: :cascade do |t|
+    t.string   "email",                  default: "", null: false
+    t.string   "encrypted_password",     default: "", null: false
+    t.string   "reset_password_token"
+    t.datetime "reset_password_sent_at"
+    t.datetime "remember_created_at"
+    t.integer  "sign_in_count",          default: 0,  null: false
+    t.datetime "current_sign_in_at"
+    t.datetime "last_sign_in_at"
+    t.inet     "current_sign_in_ip"
+    t.inet     "last_sign_in_ip"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
+  add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
+
   add_foreign_key "cerfas", "dossiers"
   add_foreign_key "commentaires", "dossiers"
 end

spec/controllers/start_controller_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-RSpec.describe StartController, type: :controller do
+describe StartController, type: :controller do
   let!(:procedure) { create(:procedure) }
 
   describe 'GET #index' do
@@ -10,68 +10,73 @@ RSpec.describe StartController, type: :controller do
 
     context 'when params procedure_id is present' do
       context 'when procedure_id is valid' do
-        it { expect(response).to have_http_status(:success) }
-      end
-
-      context 'when procedure_id is not valid' do
-        let(:procedure) { '' }
-        it { expect(response).to have_http_status(404) }
+        context 'when user is logged in' do
+          before do
+            sign_in create(:user)
+          end
+          subject { get :index, procedure_id: procedure }
+          it { expect(subject).to have_http_status(:success) }
+          context 'when procedure_id is not valid' do
+            let(:procedure) { '' }
+            it { is_expected.to have_http_status(404) }
+          end
+          context 'when params procedure_id is not present' do
+            subject { get :index }
+            it { is_expected.to have_http_status(404) }
+          end
+        end
+        context 'when user is not logged' do
+          it { expect(response).to have_http_status(302) }
+        end
       end
     end
-
-    context 'when params procedure_id is not present' do
-      before do
-        get :index
-      end
-      it { expect(response).to have_http_status(404) }
-    end
   end
 
-  describe 'GET #index with bad SIRET' do
-    before do
-      get :error_siret, procedure_id: procedure
-    end
+  # describe 'GET #index with bad SIRET' do
+  #   before do
+  #     get :error_siret, procedure_id: procedure
+  #   end
 
-    it 'returns http success and flash alert is present' do
-      expect(response).to have_http_status(:success)
-    end
-    it 'la flash alert est présente' do
-      expect(flash[:alert]).to be_present
-    end
-    it 'la flash alert a un libellé correct' do
-      expect(flash[:alert]).to have_content('Ce SIRET n\'est pas valide')
-    end
-  end
+  #   it 'returns http success and flash alert is present' do
+  #     expect(response).to have_http_status(:success)
+  #   end
+  #   it 'la flash alert est présente' do
+  #     expect(flash[:alert]).to be_present
+  #   end
+  #   it 'la flash alert a un libellé correct' do
+  #     expect(flash[:alert]).to have_content('Ce SIRET n\'est pas valide')
+  #   end
+  # end
 
-  describe 'GET #index with bad LOGIN' do
-    before do
-      get :error_login
-    end
+  # describe 'GET #index with bad LOGIN' do
+  #   before do
+  #     get :error_login
+  #   end
 
-    it 'returns http success and flash alert is present' do
-      expect(response).to have_http_status(:success)
-    end
-    it 'la flash alert est présente' do
-      expect(flash[:alert]).to be_present
-    end
-    it 'la flash alert a un libellé correct' do
-      expect(flash[:alert]).to have_content('Ce compte n\'existe pas')
-    end
-  end
+  #   it 'returns http success and flash alert is present' do
+  #     expect(response).to have_http_status(:success)
+  #   end
+  #   it 'la flash alert est présente' do
+  #     expect(flash[:alert]).to be_present
+  #   end
+  #   it 'la flash alert a un libellé correct' do
+  #     expect(flash[:alert]).to have_content('Ce compte n\'existe pas')
+  #   end
+  # end
 
-  describe 'GET #index with bad DOSSIER' do
-    before do
-      get :error_dossier
-    end
+  # describe 'GET #index with bad DOSSIER' do
+  #   before do
+  #     get :error_dossier
+  #   end
 
-    it 'returns http success and flash alert is present' do
-      expect(response).to have_http_status(:success)
-    end
-    it 'la flash alert est présente' do
-      expect(flash[:alert]).to be_present
-    end
-    it 'la flash alert a un libellé correct' do
-      expect(flash[:alert]).to have_content('Ce dossier n\'existe pas')
-    end
-  end
+  #   it 'returns http success and flash alert is present' do
+  #     expect(response).to have_http_status(:success)
+  #   end
+  #   it 'la flash alert est présente' do
+  #     expect(flash[:alert]).to be_present
+  #   end
+  #   it 'la flash alert a un libellé correct' do
+  #     expect(flash[:alert]).to have_content('Ce dossier n\'existe pas')
+  #   end
+  # end
 end

spec/factories/user.rb

@@ -0,0 +1,7 @@
+FactoryGirl.define do
+  sequence(:user_email) { |n| "plop#{n}@plop.com" }
+  factory :user do
+    email { generate(:user_email) }
+    password 'password'
+  end
+end

spec/features/users/start_demande_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+feature 'user arrive on start page' do
+  let(:procedure) { create(:procedure) }
+  let(:user) { create(:user) }
+  let(:siret) { '42149333900020' }
+  let(:siren) { siret[0...9] }
+  context 'when user is not logged in' do
+    before do
+      visit start_path(procedure_id: procedure.id)
+    end
+    scenario 'he is redirected to login page' do
+      expect(page).to have_css('#login_user')
+    end
+    context 'when he enter login information' do
+      before do
+        page.find_by_id('user_email').set user.email
+        page.find_by_id('user_password').set user.password
+        page.click_on 'Se connecter'
+      end
+      scenario 'he is redirected to start page to enter a siret' do
+        expect(page).to have_css('#pro_section')
+      end
+      context 'when enter a siret' do
+        before do
+          stub_request(:get, "https://api-dev.apientreprise.fr/api/v1/etablissements/#{siret}?token=#{SIADETOKEN}")
+            .to_return(status: 200, body: File.read('spec/support/files/etablissement.json'))
+          stub_request(:get, "https://api-dev.apientreprise.fr/api/v1/entreprises/#{siren}?token=#{SIADETOKEN}")
+            .to_return(status: 200, body: File.read('spec/support/files/entreprise.json'))
+          page.find_by_id('siret').set siret
+          page.click_on 'Commencer'
+        end
+        scenario 'he is redirected to recap info entreprise page' do
+          expect(page).to have_css('#recap_info_entreprise')
+        end
+      end
+    end
+  end
+end

spec/models/user_spec.rb

@@ -0,0 +1,18 @@
+require 'rails_helper'
+
+describe User, type: :model do
+  describe 'database columns' do
+    it { is_expected.to have_db_column(:email) }
+    it { is_expected.to have_db_column(:encrypted_password) }
+    it { is_expected.to have_db_column(:reset_password_token) }
+    it { is_expected.to have_db_column(:reset_password_sent_at) }
+    it { is_expected.to have_db_column(:remember_created_at) }
+    it { is_expected.to have_db_column(:sign_in_count) }
+    it { is_expected.to have_db_column(:current_sign_in_at) }
+    it { is_expected.to have_db_column(:last_sign_in_at) }
+    it { is_expected.to have_db_column(:current_sign_in_ip) }
+    it { is_expected.to have_db_column(:last_sign_in_ip) }
+    it { is_expected.to have_db_column(:created_at) }
+    it { is_expected.to have_db_column(:updated_at) }
+  end
+end