Merge pull request #5095 from betagouv/5086-afficher-attestation-sociale

[5086] instructeurs : affiche attestation sociale pour les procédures autorisées
This commit is contained in:
krichtof 2020-04-29 16:37:18 +02:00 committed by GitHub
commit 8130e1d2b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 148 additions and 2 deletions

View file

@ -42,6 +42,7 @@ gem 'groupdate'
gem 'haml-rails'
gem 'hashie'
gem 'jquery-rails' # Use jquery as the JavaScript library
gem 'jwt'
gem 'kaminari', '= 1.1.1' # Pagination
gem 'lograge'
gem 'logstash-event'

View file

@ -775,6 +775,7 @@ DEPENDENCIES
haml-rails
hashie
jquery-rails
jwt
kaminari (= 1.1.1)
launchy
letter_opener_web

View file

@ -112,7 +112,9 @@ module Users
return render_siret_error(t('errors.messages.siret_unknown'))
end
attestation_sociale_url = etablissement_attributes.delete(:entreprise_attestation_sociale_url)
etablissement = @dossier.build_etablissement(etablissement_attributes)
etablissement.upload_attestation_sociale(attestation_sociale_url) if attestation_sociale_url.present?
etablissement.save!
current_user.update!(siret: sanitized_siret)
@dossier.update!(autorisation_donnees: true)

View file

@ -5,6 +5,7 @@ class ApiEntreprise::API
RNA_RESOURCE_NAME = "associations"
EFFECTIFS_RESOURCE_NAME = "effectifs_mensuels_acoss_covid"
EFFECTIFS_ANNUELS_RESOURCE_NAME = "effectifs_annuels_acoss_covid"
ATTESTATION_SOCIALE_RESOURCE_NAME = "attestations_sociales_acoss"
TIMEOUT = 15
@ -39,6 +40,11 @@ class ApiEntreprise::API
call(EFFECTIFS_ANNUELS_RESOURCE_NAME, siren, procedure_id)
end
def self.attestation_sociale(siren, procedure_id)
procedure = Procedure.find(procedure_id)
call(ATTESTATION_SOCIALE_RESOURCE_NAME, siren, procedure_id) if procedure.api_entreprise_role?("attestations_sociales")
end
private
def self.call(resource_name, siret_or_siren, procedure_id)
@ -80,6 +86,6 @@ class ApiEntreprise::API
def self.token_for_procedure(procedure_id)
procedure = Procedure.find(procedure_id)
procedure.api_entreprise_token.presence || Rails.application.secrets.api_entreprise[:key]
procedure.api_entreprise_token
end
end

View file

@ -0,0 +1,22 @@
class ApiEntreprise::AttestationSocialeAdapter < ApiEntreprise::Adapter
def initialize(siren, procedure_id)
@siren = siren
@procedure_id = procedure_id
end
private
def get_resource
ApiEntreprise::API.attestation_sociale(@siren, @procedure_id)
end
def process_params
if data_source[:url].present?
{
entreprise_attestation_sociale_url: data_source[:url]
}
else
{}
end
end
end

View file

@ -4,6 +4,8 @@ class Etablissement < ApplicationRecord
has_one :champ, class_name: 'Champs::SiretChamp'
has_many :exercices, dependent: :destroy
has_one_attached :entreprise_attestation_sociale
accepts_nested_attributes_for :exercices
validates :siret, presence: true
@ -114,6 +116,19 @@ class Etablissement < ApplicationRecord
)
end
def upload_attestation_sociale(url)
filename = File.basename(URI.parse(url).path)
response = Typhoeus.get(url)
if response.success?
entreprise_attestation_sociale.attach(
io: StringIO.new(response.body),
filename: filename,
metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
)
end
end
private
def dossier_id_for_export

View file

@ -547,6 +547,18 @@ class Procedure < ApplicationRecord
"Procedure;#{id}"
end
def api_entreprise_roles
JWT.decode(api_entreprise_token, nil, false)[0]["roles"] if api_entreprise_token.present?
end
def api_entreprise_role?(role)
api_entreprise_roles.include?(role)
end
def api_entreprise_token
self[:api_entreprise_token].presence || Rails.application.secrets.api_entreprise[:key]
end
private
def move_type_de_champ_attributes(types_de_champ, type_de_champ, new_index)

View file

@ -35,6 +35,12 @@ class ApiEntrepriseService
rescue ApiEntreprise::API::RequestFailed
end
begin
attestation_sociale_params = ApiEntreprise::AttestationSocialeAdapter.new(entreprise_params[:entreprise_siren], procedure_id).to_params
etablissement_params.merge!(attestation_sociale_params)
rescue ApiEntreprise::API::RequestFailed
end
etablissement_params.merge(entreprise_params)
end
end

View file

@ -67,6 +67,10 @@
- elsif etablissement.exercices.present?
= t('activemodel.models.exercices_summary', count: etablissement.exercices.count)
- if etablissement.entreprise_attestation_sociale.attached?
%tr
%th.libelle Attestation sociale
%td= link_to "Consulter l'attestation", url_for(etablissement.entreprise_attestation_sociale)
- if etablissement.association?
%tr
%th.libelle Numéro RNA :

View file

@ -221,6 +221,9 @@ describe Users::DossiersController, type: :controller do
let(:api_association_status) { 200 }
let(:api_association_body) { File.read('spec/fixtures/files/api_entreprise/associations.json') }
let(:api_entreprise_attestation_sociale_status) { 200 }
let(:api_entreprise_attestation_sociale_body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
def stub_api_entreprise_requests
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/)
.to_return(status: api_etablissement_status, body: api_etablissement_body)
@ -234,11 +237,16 @@ describe Users::DossiersController, type: :controller do
.to_return(body: api_entreprise_effectifs_mensuels_body, status: api_entreprise_effectifs_mensuels_status)
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/effectifs_annuels_acoss_covid\/#{siren}?.*token=/)
.to_return(body: api_entreprise_effectifs_annuels_body, status: api_entreprise_effectifs_annuels_status)
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
.to_return(body: api_entreprise_attestation_sociale_body, status: api_entreprise_attestation_sociale_status)
stub_request(:get, "https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf")
.to_return(body: "body attestation", status: 200)
end
before do
sign_in(user)
stub_api_entreprise_requests
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(["entreprises", "attestations_sociales"])
end
before { Timecop.freeze(Time.zone.local(2020, 3, 14)) }
after { Timecop.return }
@ -334,6 +342,7 @@ describe Users::DossiersController, type: :controller do
expect(dossier.etablissement.association?).to be(true)
expect(dossier.etablissement.entreprise_effectif_mensuel).to be_present
expect(dossier.etablissement.entreprise_effectif_annuel).to be_present
expect(dossier.etablissement.entreprise_attestation_sociale).to be_attached
end
end
end

View file

@ -78,6 +78,7 @@ feature 'Creating a new dossier:' do
.to_return(status: 404, body: '')
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/effectifs_annuels_acoss_covid\/#{siren}?.*token=/)
.to_return(status: 404, body: '')
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return([])
end
before { Timecop.freeze(Time.zone.local(2020, 3, 14)) }
after { Timecop.return }

View file

@ -0,0 +1,4 @@
{
"url":
"https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf"
}

View file

@ -158,4 +158,31 @@ describe ApiEntreprise::API do
it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) }
end
end
describe '.attestation_sociale' do
let(:procedure) { create(:procedure, api_entreprise_token: token) }
let(:siren) { '418166096' }
let(:status) { 200 }
let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
before do
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles)
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
.to_return(body: body, status: status)
end
subject { described_class.attestation_sociale(siren, procedure.id) }
context 'when token not authorized' do
let(:roles) { ["entreprises"] }
it { expect(subject).to eq(nil) }
end
context 'when token is authorized' do
let(:roles) { ["attestations_sociales"] }
it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) }
end
end
end

View file

@ -0,0 +1,25 @@
describe ApiEntreprise::AttestationSocialeAdapter do
let(:siren) { '418166096' }
let(:procedure) { create(:procedure) }
let(:adapter) { described_class.new(siren, procedure.id) }
subject { adapter.to_params }
before do
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
.to_return(body: body, status: status)
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(["attestations_sociales"])
end
context "when the SIREN is valid" do
let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
let(:status) { 200 }
it '#to_params class est une Hash ?' do
expect(subject).to be_an_instance_of(Hash)
end
it "renvoie l'url de l'attestation sociale" do
expect(subject[:entreprise_attestation_sociale_url]).to eq("https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf")
end
end
end

View file

@ -13,6 +13,8 @@ describe ApiEntrepriseService do
.to_return(body: effectifs_mensuels_body, status: effectifs_mensuels_status)
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/effectifs_annuels_acoss_covid\/#{siren}?.*token=/)
.to_return(body: effectifs_annuels_body, status: effectifs_annuels_status)
stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
.to_return(body: attestation_sociale_body, status: attestation_sociale_status)
end
before { Timecop.freeze(Time.zone.local(2020, 3, 14)) }
@ -38,15 +40,23 @@ describe ApiEntrepriseService do
let(:effectifs_annuels_body) { File.read('spec/fixtures/files/api_entreprise/effectifs_annuels.json') }
let(:effectif_annuel) { 100.5 }
let(:attestation_sociale_status) { 200 }
let(:attestation_sociale_body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
let(:attestation_sociale_url) { "https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf" }
let(:exercices_status) { 200 }
let(:exercices_body) { File.read('spec/fixtures/files/api_entreprise/exercices.json') }
let(:associations_status) { 200 }
let(:associations_body) { File.read('spec/fixtures/files/api_entreprise/associations.json') }
let(:procedure) { create(:procedure) }
let(:procedure) { create(:procedure, api_entreprise_token: 'un-jeton') }
let(:result) { ApiEntrepriseService.get_etablissement_params_for_siret(siret, procedure.id) }
before do
allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(["attestations_sociales"])
end
context 'when service is up' do
it 'should fetch etablissement params' do
expect(result[:entreprise_siren]).to eq(siren)
@ -55,6 +65,7 @@ describe ApiEntrepriseService do
expect(result[:exercices_attributes]).to_not be_empty
expect(result[:entreprise_effectif_mensuel]).to eq(effectif_mensuel)
expect(result[:entreprise_effectif_annuel]).to eq(effectif_annuel)
expect(result[:entreprise_attestation_sociale_url]).to eq(attestation_sociale_url)
end
end