diff --git a/app/controllers/users/dossiers_controller.rb b/app/controllers/users/dossiers_controller.rb
index 29239156b..ecfa8e778 100644
--- a/app/controllers/users/dossiers_controller.rb
+++ b/app/controllers/users/dossiers_controller.rb
@@ -596,7 +596,7 @@ module Users
end
def forbidden!
- flash[:alert] = t('users.dossiers.no_access')
+ flash[:alert] = t('users.dossiers.no_access_html', email: current_user.email)
redirect_to root_path
end
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 7e4bbc9cb..93bd75ff2 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -756,7 +756,7 @@ en:
users:
dossiers:
test_procedure: "This file is submitted on a test procedure. Any modification of the procedure by the administrator (addition of a field, publication of the procedure, etc.) will result in the removal of the file."
- no_access: "You do not have access to this file"
+ no_access_html: "You do not have access to this file.
Check that you were signed in as %{email} to fill this procedure.
If not, please log off"
no_longer_editable: "Your file can no longer be edited"
en_construction_submitted: "The modifications have already been submitted"
fill_identity:
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index 20ee01b63..7b28085f0 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -759,7 +759,7 @@ fr:
users:
dossiers:
test_procedure: "Ce dossier est déposé sur une démarche en test. Toute modification de la démarche par l’administrateur (ajout d’un champ, publication de la démarche...) entraînera sa suppression."
- no_access: "Vous n’avez pas accès à ce dossier"
+ no_access_html: "Vous n’avez pas accès à ce dossier.
Vérifiez que votre adresse email de connexion %{email} est bien celle utilisée pour remplir cette démarche.
Si ce n'est pas le cas, déconnectez-vous"
no_longer_editable: "Votre dossier ne peut plus être modifié"
en_construction_submitted: "Les modifications ont déjà été déposées"
fill_identity:
diff --git a/spec/controllers/users/dossiers_controller_spec.rb b/spec/controllers/users/dossiers_controller_spec.rb
index 5262898b0..49441e50b 100644
--- a/spec/controllers/users/dossiers_controller_spec.rb
+++ b/spec/controllers/users/dossiers_controller_spec.rb
@@ -25,7 +25,7 @@ describe Users::DossiersController, type: :controller do
before { @controller.send(ensure_authorized) }
it { expect(@controller).to have_received(:redirect_to).with(root_path) }
- it { expect(flash.alert).to eq("Vous n’avez pas accès à ce dossier") }
+ it { expect(flash.alert).to include("Vous n’avez pas accès à ce dossier") }
end
describe '#ensure_ownership!' do
@@ -35,28 +35,41 @@ describe Users::DossiersController, type: :controller do
before do
@controller.params = @controller.params.merge(dossier_id: asked_dossier.id)
- expect(@controller).to receive(:current_user).and_return(user)
allow(@controller).to receive(:redirect_to)
end
context 'when a user asks for their own dossier' do
+ before do
+ expect(@controller).to receive(:current_user).and_return(user)
+ end
+
let(:asked_dossier) { create(:dossier, user: user) }
it_behaves_like 'does not redirect nor flash'
end
context 'when a user asks for another dossier' do
+ before do
+ expect(@controller).to receive(:current_user).twice.and_return(user)
+ end
+
it_behaves_like 'redirects and flashes'
end
context 'when an invite asks for a dossier where they were invited' do
- before { create(:invite, dossier: asked_dossier, user: user) }
+ before do
+ expect(@controller).to receive(:current_user).twice.and_return(user)
+ create(:invite, dossier: asked_dossier, user: user)
+ end
it_behaves_like 'redirects and flashes'
end
context 'when an invite asks for another dossier' do
- before { create(:invite, dossier: create(:dossier), user: user) }
+ before do
+ expect(@controller).to receive(:current_user).twice.and_return(user)
+ create(:invite, dossier: create(:dossier), user: user)
+ end
it_behaves_like 'redirects and flashes'
end
@@ -69,28 +82,41 @@ describe Users::DossiersController, type: :controller do
before do
@controller.params = @controller.params.merge(dossier_id: asked_dossier.id)
- expect(@controller).to receive(:current_user).and_return(user)
allow(@controller).to receive(:redirect_to)
end
context 'when a user asks for their own dossier' do
+ before do
+ expect(@controller).to receive(:current_user).and_return(user)
+ end
+
let(:asked_dossier) { create(:dossier, user: user) }
it_behaves_like 'does not redirect nor flash'
end
context 'when a user asks for another dossier' do
+ before do
+ expect(@controller).to receive(:current_user).twice.and_return(user)
+ end
+
it_behaves_like 'redirects and flashes'
end
context 'when an invite asks for a dossier where they were invited' do
- before { create(:invite, dossier: asked_dossier, user: user) }
+ before do
+ expect(@controller).to receive(:current_user).and_return(user)
+ create(:invite, dossier: asked_dossier, user: user)
+ end
it_behaves_like 'does not redirect nor flash'
end
context 'when an invite asks for another dossier' do
- before { create(:invite, dossier: create(:dossier), user: user) }
+ before do
+ expect(@controller).to receive(:current_user).twice.and_return(user)
+ create(:invite, dossier: create(:dossier), user: user)
+ end
it_behaves_like 'redirects and flashes'
end
@@ -431,7 +457,7 @@ describe Users::DossiersController, type: :controller do
before { subject }
it { expect(response).to redirect_to(root_path) }
- it { expect(flash.alert).to eq("Vous n’avez pas accès à ce dossier") }
+ it { expect(flash.alert).to include("Vous n’avez pas accès à ce dossier") }
end
end