feat(api): add invalid ip addr error

app/controllers/api_tokens_controller.rb

@@ -19,6 +19,10 @@ class APITokensController < ApplicationController
   end
 
   def create
+    if params[:networkFiltering] == "customNetworks" && invalid_network?
+      return redirect_to securite_api_tokens_path(all_params.merge(invalidNetwork: true))
+    end
+
     @api_token, @packed_token = APIToken.generate(current_administrateur)
 
     @api_token.update!(name:, write_access:,
@@ -33,6 +37,11 @@ class APITokensController < ApplicationController
 
   private
 
+  def all_params
+    [:name, :access, :target, :targets, :networkFiltering, :networks, :lifetime, :customLifetime]
+      .index_with { |param| params[param] }
+  end
+
   def authorized_networks
     if params[:networkFiltering] == "customNetworks"
       networks
@@ -41,6 +50,19 @@ class APITokensController < ApplicationController
     end
   end
 
+  def invalid_network?
+    params[:networks]
+      .split
+      .any? do
+        begin
+          IPAddr.new(_1)
+          false
+        rescue
+          true
+        end
+      end
+  end
+
   def networks
     params[:networks]
       .split

app/javascript/controllers/api_token_securite_controller.ts

@@ -17,6 +17,10 @@ export class ApiTokenSecuriteController extends ApplicationController {
   declare readonly customLifetimeInputTarget: HTMLInputElement;
   declare readonly networksTarget: HTMLInputElement;
 
+  connect() {
+    this.setContinueButtonState();
+  }
+
   showNetworkFiltering() {
     this.networkFilteringTarget.classList.remove('hidden');
     this.setContinueButtonState();

app/views/api_tokens/securite.html.haml

@@ -30,35 +30,47 @@
       target: :networkFiltering,
       buttons: [ { label: 'Je veux spécifier les réseaux autorisées à utiliser mon jeton',
         value: :customNetworks,
+        checked: params[:networkFiltering] == 'customNetworks',
         'data-action': 'click->api-token-securite#showNetworkFiltering' },
         { label: 'Mon jeton peut être utilisé depuis nʼimporte quelle adresse IP dans le monde',
         hint: 'dangereux',
         value: :none,
+        checked: params[:networkFiltering] == 'none',
         'data-action': 'click->api-token-securite#hideNetworkFiltering' }]) do
       Filtrage réseau :
 
-    .fr-input-group.fr-mb-4w.hidden{ 'data-api-token-securite-target': 'networkFiltering' }
+    .fr-input-group.fr-mb-4w{
+      'data-api-token-securite-target': 'networkFiltering',
+      class: class_names('hidden': params[:networkFiltering] == 'none' || params[:networkFiltering].blank?, 'fr-input-group--error': params[:invalidNetwork].present?) }
       = f.label :name, class: 'fr-label' do
         Entrez les adresses IP autorisées
         %span.fr-hint-text adresses réseaux séparées par des espaces. Ex: 176.31.79.200 192.168.33.0/24 2001:41d0:304:400::52f/128
       = f.text_field :networks,
-        class: 'fr-input',
+        class: class_names('fr-input': true, 'fr-input--error': params[:invalidNetwork].present?),
         autocomplete: 'off',
         autocapitalize: 'off',
         autocorrect: 'off',
         spellcheck: false,
-        'data-action': 'input->api-token-securite#setContinueButtonState'
+        value: params[:networks],
+        'data-action': 'input->api-token-securite#setContinueButtonState',
+        'data-api-token-securite-target': 'networks'
+
+      - if params[:invalidNetwork].present?
+        %p.fr-error-text Vous devez entrer des adresses IPv4 ou IPv6 valides
 
     = render Dsfr::RadioButtonListComponent.new(form: f,
       target: :lifetime,
       buttons: [ { label: '1 semaine',
         value: :oneWeek,
+        checked: params[:lifetime] == 'oneWeek',
         'data-action': 'click->api-token-securite#hideCustomLifetime' },
         { label: 'durée personnalisée inférieure à 1 an',
         value: :custom,
+        checked: params[:lifetime] == 'custom',
         'data-action': 'click->api-token-securite#showCustomLifetime'},
         { label: 'Infini (le filtrage réseau doit être activé)',
         value: :infinite,
+        checked: params[:lifetime] == 'infinite',
         disabled: true,
         'data-api-token-securite-target': 'infiniteLifetime',
         'data-action': 'click->api-token-securite#hideCustomLifetime' }]) do

spec/controllers/api_tokens_controller_spec.rb

@@ -51,14 +51,13 @@ describe APITokensController, type: :controller do
       let(:params) { default_params.merge(networkFiltering: 'customNetworks', networks:) }
 
       it do
-        expect(token.authorized_networks).to be_blank
-        expect(token.expires_at).to eq(1.week.from_now.to_date)
+        expect(token).to be_nil
       end
     end
 
     context 'with network filtering' do
-      let(:networks) { '192.168.1.23/32 2001:41d0:304:400::52f/128 bad' }
-      let(:params) { default_params.merge(restriction: 'customNetworks', networks: ) }
+      let(:networks) { '192.168.1.23/32 2001:41d0:304:400::52f/128' }
+      let(:params) { default_params.merge(networkFiltering: 'customNetworks', networks:) }
 
       it {
   expect(token.authorized_networks).to eq([