clean: log current_user in api v2, when not using token_v3

2023-03-15 21:46:34 +01:00 · 2023-03-15 21:46:34 +01:00 · 8b5d493f12
commit 8b5d493f12
parent 7a6658700e
3 changed files with 14 additions and 2 deletions
--- a/app/controllers/api/v2/graphql_controller.rb
+++ b/app/controllers/api/v2/graphql_controller.rb
@ -19,6 +19,12 @@ class API::V2::GraphqlController < API::V2::BaseController
  private

  def append_info_to_payload(payload)
+    # if on the graphql playground, authenticate via devise
+    # if authenticate by a v2 or v3 token
+    # @current_user is set by `api_v2_base_controller.authenticate_administrateur_from_token`
+    # else it is set on `context.authorized_demarche`
+    @current_user ||= Current.user
+
    super

    payload.merge!({
--- a/app/graphql/api/v2/context.rb
+++ b/app/graphql/api/v2/context.rb
@ -62,7 +62,13 @@ class API::V2::Context < GraphQL::Query::Context
    if self[:procedure_ids].present?
      self[:procedure_ids].include?(demarche.id)
    elsif self[:token].present?
-      APIToken.find_and_verify(self[:token], demarche.administrateurs).present?
+      token = APIToken.find_and_verify(self[:token], demarche.administrateurs)
+      if token.present?
+        Current.user = token.administrateur.user
+        true
+      else
+        false
+      end
    else
      false
    end
--- a/app/models/current.rb
+++ b/app/models/current.rb
@ -1,3 +1,3 @@
 class Current < ActiveSupport::CurrentAttributes
-  attribute :request_id
+  attribute :user, :request_id
 end