This commit is contained in:
Tanguy PATTE 2015-09-23 10:02:01 +02:00
parent f7fb0f99bf
commit 78e86f00ea
33 changed files with 624 additions and 61 deletions

View file

@ -59,6 +59,8 @@ gem 'chartkick'
gem 'logstasher' gem 'logstasher'
gem "font-awesome-rails"
group :test do group :test do
gem 'capybara' gem 'capybara'
gem 'factory_girl' gem 'factory_girl'

View file

@ -114,6 +114,8 @@ GEM
faraday (0.9.1) faraday (0.9.1)
multipart-post (>= 1.2, < 3) multipart-post (>= 1.2, < 3)
ffi (1.9.6) ffi (1.9.6)
font-awesome-rails (4.4.0.0)
railties (>= 3.2, < 5.0)
globalid (0.3.5) globalid (0.3.5)
activesupport (>= 4.1.0) activesupport (>= 4.1.0)
haml (4.0.6) haml (4.0.6)
@ -339,6 +341,7 @@ DEPENDENCIES
devise devise
draper draper
factory_girl factory_girl
font-awesome-rails
haml-rails haml-rails
jbuilder (~> 2.0) jbuilder (~> 2.0)
jquery-rails jquery-rails

View file

@ -16,6 +16,7 @@
*= require_self *= require_self
*= require bootstrap-datepicker3 *= require bootstrap-datepicker3
*= require leaflet *= require leaflet
*= require font-awesome
*/ */
@import "bootstrap-sprockets"; @import "bootstrap-sprockets";
@import "bootstrap"; @import "bootstrap";

View file

@ -1,4 +1,5 @@
class StartController < ApplicationController class StartController < ApplicationController
before_action :authenticate_user!
def index def index
get_procedure_infos get_procedure_infos

View file

@ -0,0 +1,28 @@
class Users::ConfirmationsController < Devise::ConfirmationsController
# GET /resource/confirmation/new
# def new
# super
# end
# POST /resource/confirmation
# def create
# super
# end
# GET /resource/confirmation?confirmation_token=abcdef
# def show
# super
# end
# protected
# The path used after resending confirmation instructions.
# def after_resending_confirmation_instructions_path_for(resource_name)
# super(resource_name)
# end
# The path used after confirmation.
# def after_confirmation_path_for(resource_name, resource)
# super(resource_name, resource)
# end
end

View file

@ -0,0 +1,28 @@
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
# You should configure your model like this:
# devise :omniauthable, omniauth_providers: [:twitter]
# You should also create an action method in this controller like this:
# def twitter
# end
# More info at:
# https://github.com/plataformatec/devise#omniauth
# GET|POST /resource/auth/twitter
# def passthru
# super
# end
# GET|POST /users/auth/twitter/callback
# def failure
# super
# end
# protected
# The path used when omniauth fails
# def after_omniauth_failure_path_for(scope)
# super(scope)
# end
end

View file

@ -0,0 +1,32 @@
class Users::PasswordsController < Devise::PasswordsController
# GET /resource/password/new
# def new
# super
# end
# POST /resource/password
# def create
# super
# end
# GET /resource/password/edit?reset_password_token=abcdef
# def edit
# super
# end
# PUT /resource/password
# def update
# super
# end
# protected
# def after_resetting_password_path_for(resource)
# super(resource)
# end
# The path used after sending reset password instructions
# def after_sending_reset_password_instructions_path_for(resource_name)
# super(resource_name)
# end
end

View file

@ -0,0 +1,60 @@
class Users::RegistrationsController < Devise::RegistrationsController
# before_filter :configure_sign_up_params, only: [:create]
# before_filter :configure_account_update_params, only: [:update]
# GET /resource/sign_up
# def new
# super
# end
# POST /resource
# def create
# super
# end
# GET /resource/edit
# def edit
# super
# end
# PUT /resource
# def update
# super
# end
# DELETE /resource
# def destroy
# super
# end
# GET /resource/cancel
# Forces the session data which is usually expired after sign
# in to be expired now. This is useful if the user wants to
# cancel oauth signing in/up in the middle of the process,
# removing all OAuth session data.
# def cancel
# super
# end
# protected
# You can put the params you want to permit in the empty array.
# def configure_sign_up_params
# devise_parameter_sanitizer.for(:sign_up) << :attribute
# end
# You can put the params you want to permit in the empty array.
# def configure_account_update_params
# devise_parameter_sanitizer.for(:account_update) << :attribute
# end
# The path used after sign up.
# def after_sign_up_path_for(resource)
# super(resource)
# end
# The path used after sign up for inactive accounts.
# def after_inactive_sign_up_path_for(resource)
# super(resource)
# end
end

View file

@ -0,0 +1,25 @@
class Users::SessionsController < Devise::SessionsController
# before_filter :configure_sign_in_params, only: [:create]
# GET /resource/sign_in
# def new
# super
# end
# POST /resource/sign_in
# def create
# super
# end
# DELETE /resource/sign_out
# def destroy
# super
# end
# protected
# You can put the params you want to permit in the empty array.
# def configure_sign_in_params
# devise_parameter_sanitizer.for(:sign_in) << :attribute
# end
end

View file

@ -0,0 +1,28 @@
class Users::UnlocksController < Devise::UnlocksController
# GET /resource/unlock/new
# def new
# super
# end
# POST /resource/unlock
# def create
# super
# end
# GET /resource/unlock?unlock_token=abcdef
# def show
# super
# end
# protected
# The path used after sending unlock password instructions
# def after_sending_unlock_instructions_path_for(resource)
# super(resource)
# end
# The path used after unlocking the resource
# def after_unlock_path_for(resource)
# super(resource)
# end
end

View file

@ -0,0 +1,6 @@
class WelcomeController < ApplicationController
before_action :authenticate_user!
def index
end
end

6
app/models/user.rb Normal file
View file

@ -0,0 +1,6 @@
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
end

View file

@ -1,4 +1,4 @@
.container .container#recap_info_entreprise
%h2 Récapitulatif de vos informations <em id="insee_infogreffe" class='small'>(récupérées auprès de l'INSEE et d'INFOGREFFE)</em> %h2 Récapitulatif de vos informations <em id="insee_infogreffe" class='small'>(récupérées auprès de l'INSEE et d'INFOGREFFE)</em>
%br %br

View file

@ -17,6 +17,11 @@
%div{style: 'decorate:none; box-shadow:none; float:right; margin-top:8px'} %div{style: 'decorate:none; box-shadow:none; float:right; margin-top:8px'}
= current_gestionnaire.email = current_gestionnaire.email
= link_to "Déconnexion", '/gestionnaires/sign_out', method: :delete, :class => 'btn btn-md' = link_to "Déconnexion", '/gestionnaires/sign_out', method: :delete, :class => 'btn btn-md'
- elsif user_signed_in?
%div.user{style: 'decorate:none; box-shadow:none; float:right; margin-top:8px'}
%i.fa.fa-user
= current_user.email
= link_to "Déconnexion", '/users/sign_out', method: :delete, :class => 'btn btn-md'
#flash_message.center #flash_message.center
- if flash.notice - if flash.notice

View file

@ -0,0 +1,16 @@
<h2>Resend confirmation instructions</h2>
<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Resend confirmation instructions" %>
</div>
<% end %>
<%= render "users/shared/links" %>

View file

@ -0,0 +1,5 @@
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

View file

@ -0,0 +1,8 @@
<p>Hello <%= @resource.email %>!</p>
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
<p>If you didn't request this, please ignore this email.</p>
<p>Your password won't change until you access the link above and create a new one.</p>

View file

@ -0,0 +1,7 @@
<p>Hello <%= @resource.email %>!</p>
<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
<p>Click the link below to unlock your account:</p>
<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

View file

@ -0,0 +1,22 @@
<h2>Change your password</h2>
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<%= f.hidden_field :reset_password_token %>
<div class="field">
<%= f.label :password, "New password" %><br />
<%= f.password_field :password, autofocus: true, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :password_confirmation, "Confirm new password" %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div class="actions">
<%= f.submit "Change my password" %>
</div>
<% end %>
<%= render "users/shared/links" %>

View file

@ -0,0 +1,16 @@
<h2>Forgot your password?</h2>
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Send me reset password instructions" %>
</div>
<% end %>
<%= render "users/shared/links" %>

View file

@ -0,0 +1,39 @@
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div class="field">
<%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password, autocomplete: "off" %>
</div>
<div class="actions">
<%= f.submit "Update" %>
</div>
<% end %>
<h3>Cancel my account</h3>
<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
<%= link_to "Back", :back %>

View file

@ -0,0 +1,29 @@
<h2>Sign up</h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="field">
<%= f.label :password %>
<% if @validatable %>
<em>(<%= @minimum_password_length %> characters minimum)</em>
<% end %><br />
<%= f.password_field :password, autocomplete: "off" %>
</div>
<div class="field">
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %>
</div>
<div class="actions">
<%= f.submit "Sign up" %>
</div>
<% end %>
<%= render "users/shared/links" %>

View file

@ -0,0 +1,19 @@
%h2#login_user Connexion
= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
.field
= f.label :email
%br
= f.email_field :email, autofocus: true
.field
= f.label :password
%br
= f.password_field :password, autocomplete: "off"
%br
/ - if devise_mapping.rememberable?
/ .field
/ = f.check_box :remember_me
/ = f.label :remember_me
.actions
= f.submit "Se connecter"
= render "users/shared/links"

View file

@ -0,0 +1,25 @@
<%- if controller_name != 'sessions' %>
<%= link_to "Log in", new_session_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
<%= link_to "Sign up", new_registration_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
<%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
<%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
<% end -%>
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %><br />
<% end -%>
<% end -%>

View file

@ -0,0 +1,16 @@
<h2>Resend unlock instructions</h2>
<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Resend unlock instructions" %>
</div>
<% end %>
<%= render "users/shared/links" %>

View file

@ -0,0 +1,2 @@
%h1 coucou

View file

@ -1,12 +1,17 @@
Rails.application.routes.draw do Rails.application.routes.draw do
devise_for :users, controllers: {
sessions: 'users/sessions'
}
devise_for :gestionnaires, controllers: { devise_for :gestionnaires, controllers: {
sessions: 'gestionnaires/sessions' sessions: 'gestionnaires/sessions'
}, skip: [:password, :registrations] }, skip: [:password, :registrations]
root 'start#index' root 'welcome#index'
get 'start' => 'start#index'
get 'start/index' get 'start/index'
get 'start/error_siret' get 'start/error_siret'
get 'start/error_login' get 'start/error_login'

View file

@ -0,0 +1,42 @@
class CreateUsers < ActiveRecord::Migration
def change
create_table(:users) do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.inet :current_sign_in_ip
t.inet :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
t.timestamps
end
add_index :users, :email, unique: true
add_index :users, :reset_password_token, unique: true
# add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
end

View file

@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150922113504) do ActiveRecord::Schema.define(version: 20150922141232) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
@ -108,7 +108,7 @@ ActiveRecord::Schema.define(version: 20150922113504) do
t.integer "type_de_piece_justificative_id" t.integer "type_de_piece_justificative_id"
end end
add_index "pieces_justificatives", ["type_de_piece_justificative_id"], name: "index_pieces_justificatives_on_type_piece_jointe_id", using: :btree add_index "pieces_justificatives", ["type_de_piece_justificative_id"], name: "index_pieces_justificatives_on_type_de_piece_justificative_id", using: :btree
create_table "procedures", force: :cascade do |t| create_table "procedures", force: :cascade do |t|
t.string "libelle" t.string "libelle"
@ -130,6 +130,24 @@ ActiveRecord::Schema.define(version: 20150922113504) do
t.integer "procedure_id" t.integer "procedure_id"
end end
create_table "users", force: :cascade do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.inet "current_sign_in_ip"
t.inet "last_sign_in_ip"
t.datetime "created_at"
t.datetime "updated_at"
end
add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
add_foreign_key "cerfas", "dossiers" add_foreign_key "cerfas", "dossiers"
add_foreign_key "commentaires", "dossiers" add_foreign_key "commentaires", "dossiers"
end end

View file

@ -1,6 +1,6 @@
require 'spec_helper' require 'spec_helper'
RSpec.describe StartController, type: :controller do describe StartController, type: :controller do
let!(:procedure) { create(:procedure) } let!(:procedure) { create(:procedure) }
describe 'GET #index' do describe 'GET #index' do
@ -10,68 +10,73 @@ RSpec.describe StartController, type: :controller do
context 'when params procedure_id is present' do context 'when params procedure_id is present' do
context 'when procedure_id is valid' do context 'when procedure_id is valid' do
it { expect(response).to have_http_status(:success) } context 'when user is logged in' do
before do
sign_in create(:user)
end end
subject { get :index, procedure_id: procedure }
it { expect(subject).to have_http_status(:success) }
context 'when procedure_id is not valid' do context 'when procedure_id is not valid' do
let(:procedure) { '' } let(:procedure) { '' }
it { expect(response).to have_http_status(404) } it { is_expected.to have_http_status(404) }
end end
end
context 'when params procedure_id is not present' do context 'when params procedure_id is not present' do
before do subject { get :index }
get :index it { is_expected.to have_http_status(404) }
end
end
context 'when user is not logged' do
it { expect(response).to have_http_status(302) }
end
end end
it { expect(response).to have_http_status(404) }
end end
end end
describe 'GET #index with bad SIRET' do # describe 'GET #index with bad SIRET' do
before do # before do
get :error_siret, procedure_id: procedure # get :error_siret, procedure_id: procedure
end # end
it 'returns http success and flash alert is present' do # it 'returns http success and flash alert is present' do
expect(response).to have_http_status(:success) # expect(response).to have_http_status(:success)
end # end
it 'la flash alert est présente' do # it 'la flash alert est présente' do
expect(flash[:alert]).to be_present # expect(flash[:alert]).to be_present
end # end
it 'la flash alert a un libellé correct' do # it 'la flash alert a un libellé correct' do
expect(flash[:alert]).to have_content('Ce SIRET n\'est pas valide') # expect(flash[:alert]).to have_content('Ce SIRET n\'est pas valide')
end # end
end # end
describe 'GET #index with bad LOGIN' do # describe 'GET #index with bad LOGIN' do
before do # before do
get :error_login # get :error_login
end # end
it 'returns http success and flash alert is present' do # it 'returns http success and flash alert is present' do
expect(response).to have_http_status(:success) # expect(response).to have_http_status(:success)
end # end
it 'la flash alert est présente' do # it 'la flash alert est présente' do
expect(flash[:alert]).to be_present # expect(flash[:alert]).to be_present
end # end
it 'la flash alert a un libellé correct' do # it 'la flash alert a un libellé correct' do
expect(flash[:alert]).to have_content('Ce compte n\'existe pas') # expect(flash[:alert]).to have_content('Ce compte n\'existe pas')
end # end
end # end
describe 'GET #index with bad DOSSIER' do # describe 'GET #index with bad DOSSIER' do
before do # before do
get :error_dossier # get :error_dossier
end # end
it 'returns http success and flash alert is present' do # it 'returns http success and flash alert is present' do
expect(response).to have_http_status(:success) # expect(response).to have_http_status(:success)
end # end
it 'la flash alert est présente' do # it 'la flash alert est présente' do
expect(flash[:alert]).to be_present # expect(flash[:alert]).to be_present
end # end
it 'la flash alert a un libellé correct' do # it 'la flash alert a un libellé correct' do
expect(flash[:alert]).to have_content('Ce dossier n\'existe pas') # expect(flash[:alert]).to have_content('Ce dossier n\'existe pas')
end # end
end # end
end end

7
spec/factories/user.rb Normal file
View file

@ -0,0 +1,7 @@
FactoryGirl.define do
sequence(:user_email) { |n| "plop#{n}@plop.com" }
factory :user do
email { generate(:user_email) }
password 'password'
end
end

View file

@ -0,0 +1,39 @@
require 'spec_helper'
feature 'user arrive on start page' do
let(:procedure) { create(:procedure) }
let(:user) { create(:user) }
let(:siret) { '42149333900020' }
let(:siren) { siret[0...9] }
context 'when user is not logged in' do
before do
visit start_path(procedure_id: procedure.id)
end
scenario 'he is redirected to login page' do
expect(page).to have_css('#login_user')
end
context 'when he enter login information' do
before do
page.find_by_id('user_email').set user.email
page.find_by_id('user_password').set user.password
page.click_on 'Se connecter'
end
scenario 'he is redirected to start page to enter a siret' do
expect(page).to have_css('#pro_section')
end
context 'when enter a siret' do
before do
stub_request(:get, "https://api-dev.apientreprise.fr/api/v1/etablissements/#{siret}?token=#{SIADETOKEN}")
.to_return(status: 200, body: File.read('spec/support/files/etablissement.json'))
stub_request(:get, "https://api-dev.apientreprise.fr/api/v1/entreprises/#{siren}?token=#{SIADETOKEN}")
.to_return(status: 200, body: File.read('spec/support/files/entreprise.json'))
page.find_by_id('siret').set siret
page.click_on 'Commencer'
end
scenario 'he is redirected to recap info entreprise page' do
expect(page).to have_css('#recap_info_entreprise')
end
end
end
end
end

18
spec/models/user_spec.rb Normal file
View file

@ -0,0 +1,18 @@
require 'rails_helper'
describe User, type: :model do
describe 'database columns' do
it { is_expected.to have_db_column(:email) }
it { is_expected.to have_db_column(:encrypted_password) }
it { is_expected.to have_db_column(:reset_password_token) }
it { is_expected.to have_db_column(:reset_password_sent_at) }
it { is_expected.to have_db_column(:remember_created_at) }
it { is_expected.to have_db_column(:sign_in_count) }
it { is_expected.to have_db_column(:current_sign_in_at) }
it { is_expected.to have_db_column(:last_sign_in_at) }
it { is_expected.to have_db_column(:current_sign_in_ip) }
it { is_expected.to have_db_column(:last_sign_in_ip) }
it { is_expected.to have_db_column(:created_at) }
it { is_expected.to have_db_column(:updated_at) }
end
end