Sync credentials between user, gestionnaire and administrateur account

app/models/administrateur.rb

@@ -6,6 +6,7 @@ class Administrateur < ActiveRecord::Base
   has_many :procedures
 
   before_save :ensure_api_token
+  after_update :sync_credentials, if: -> { Features.unified_login }
 
   def ensure_api_token
     if api_token.nil?
@@ -25,4 +26,11 @@ class Administrateur < ActiveRecord::Base
       break token unless Administrateur.find_by(api_token: token)
     end
   end
+
+  def sync_credentials
+    if email_changed? || encrypted_password_changed?
+      return SyncCredentialsService.new(Administrateur, email_was, email, encrypted_password).change_credentials!
+    end
+    true
+  end
 end

app/models/gestionnaire.rb

@@ -88,12 +88,7 @@ class Gestionnaire < ActiveRecord::Base
 
   def sync_credentials
     if email_changed? || encrypted_password_changed?
-      user = User.find_by(email: email_was)
-      if user
-        return user.update_columns(
-          email: email,
-          encrypted_password: encrypted_password)
-      end
+      return SyncCredentialsService.new(Gestionnaire, email_was, email, encrypted_password).change_credentials!
     end
     true
   end

app/models/user.rb

@@ -39,12 +39,7 @@ class User < ActiveRecord::Base
 
   def sync_credentials
     if email_changed? || encrypted_password_changed?
-      gestionnaire = Gestionnaire.find_by(email: email_was)
-      if gestionnaire
-        return gestionnaire.update_columns(
-          email: email,
-          encrypted_password: encrypted_password)
-      end
+      return SyncCredentialsService.new(User, email_was, email, encrypted_password).change_credentials!
     end
     true
   end

app/services/sync_credentials_service.rb

@@ -0,0 +1,38 @@
+class SyncCredentialsService
+
+  def initialize klass, email_was, email, encrypted_password
+    @klass = klass
+    @email_was = email_was
+    @email = email
+    @encrypted_password = encrypted_password
+  end
+
+  def change_credentials!
+    unless @klass == User
+      user = User.find_by(email: @email_was)
+      if user
+        return user.update_columns(
+            email: @email,
+            encrypted_password: @encrypted_password)
+      end
+    end
+
+    unless @klass == Gestionnaire
+      gestionnaire = Gestionnaire.find_by(email: @email_was)
+      if gestionnaire
+        return gestionnaire.update_columns(
+            email: @email,
+            encrypted_password: @encrypted_password)
+      end
+    end
+
+    unless @klass == Administrateur
+      administrateur = Administrateur.find_by(email: @email_was)
+      if administrateur
+        return administrateur.update_columns(
+            email: @email,
+            encrypted_password: @encrypted_password)
+      end
+    end
+  end
+end

spec/models/administrateur_spec.rb

@@ -42,4 +42,30 @@ describe Administrateur, type: :model do
       expect(admin_1.api_token).to eq(new_token)
     end
   end
+
+  context 'unified login' do
+    before { allow(Features).to receive(:unified_login).and_return(true) }
+
+    it 'syncs credentials to associated user' do
+      administrateur = create(:administrateur)
+      user = create(:user, email: administrateur.email)
+
+      administrateur.update_attributes(email: 'whoami@plop.com', password: 'super secret')
+
+      user.reload
+      expect(user.email).to eq('whoami@plop.com')
+      expect(user.valid_password?('super secret')).to be(true)
+    end
+
+    it 'syncs credentials to associated administrateur' do
+      administrateur = create(:administrateur)
+      gestionnaire = create(:gestionnaire, email: administrateur.email)
+
+      administrateur.update_attributes(email: 'whoami@plop.com', password: 'super secret')
+
+      gestionnaire.reload
+      expect(gestionnaire.email).to eq('whoami@plop.com')
+      expect(gestionnaire.valid_password?('super secret')).to be(true)
+    end
+  end
 end

spec/models/gestionnaire_spec.rb

@@ -198,5 +198,16 @@ describe Gestionnaire, type: :model do
       expect(user.email).to eq('whoami@plop.com')
       expect(user.valid_password?('super secret')).to be(true)
     end
+
+    it 'syncs credentials to associated administrateur' do
+      gestionnaire = create(:gestionnaire)
+      admin = create(:administrateur, email: gestionnaire.email)
+
+      gestionnaire.update_attributes(email: 'whoami@plop.com', password: 'super secret')
+
+      admin.reload
+      expect(admin.email).to eq('whoami@plop.com')
+      expect(admin.valid_password?('super secret')).to be(true)
+    end
   end
 end

spec/models/user_spec.rb

@@ -86,5 +86,16 @@ describe User, type: :model do
       expect(gestionnaire.email).to eq('whoami@plop.com')
       expect(gestionnaire.valid_password?('super secret')).to be(true)
     end
+
+    it 'syncs credentials to associated administrateur' do
+      user = create(:user)
+      admin = create(:administrateur, email: user.email)
+
+      user.update_attributes(email: 'whoami@plop.com', password: 'super secret')
+
+      admin.reload
+      expect(admin.email).to eq('whoami@plop.com')
+      expect(admin.valid_password?('super secret')).to be(true)
+    end
   end
 end