a procedure has an encrypted api_particulier_token

Co-authored-by: François VANTOMME <akarzim@gmail.com>
This commit is contained in:
simon lehericey 2021-07-16 17:03:58 +02:00
parent 66c35fdffe
commit b29bae4707
4 changed files with 28 additions and 8 deletions

View file

@ -18,6 +18,7 @@
# duree_conservation_dossiers_dans_ds :integer
# duree_conservation_dossiers_hors_ds :integer
# durees_conservation_required :boolean default(TRUE)
# encrypted_api_particulier_token :string
# euro_flag :boolean default(FALSE)
# experts_require_administrateur_invitation :boolean default(FALSE)
# for_individual :boolean default(FALSE)
@ -47,6 +48,7 @@
class Procedure < ApplicationRecord
include ProcedureStatsConcern
include EncryptableConcern
include Discard::Model
self.discard_column = :hidden_at
@ -56,6 +58,9 @@ class Procedure < ApplicationRecord
MAX_DUREE_CONSERVATION_EXPORT = 3.hours
MIN_WEIGHT = 350000
attr_encrypted :api_particulier_token
has_many :revisions, -> { order(:id) }, class_name: 'ProcedureRevision', inverse_of: :procedure
belongs_to :draft_revision, class_name: 'ProcedureRevision', optional: false
belongs_to :published_revision, class_name: 'ProcedureRevision', optional: true
@ -262,6 +267,7 @@ class Procedure < ApplicationRecord
if: -> { new_record? || created_at > Date.new(2020, 11, 13) }
validates :api_entreprise_token, jwt_token: true, allow_blank: true
validates :api_particulier_token, format: { with: /\A[A-Za-z0-9\-_=.]{15,}\z/, message: "n'est pas un jeton valide" }, allow_blank: true
before_save :update_juridique_required
after_initialize :ensure_path_exists
@ -440,6 +446,7 @@ class Procedure < ApplicationRecord
if is_different_admin
procedure.administrateurs = [admin]
procedure.api_entreprise_token = nil
procedure.encrypted_api_particulier_token = nil
else
procedure.administrateurs = administrateurs
end

View file

@ -0,0 +1,5 @@
class AddEncryptedAPIParticulierTokenToProcedures < ActiveRecord::Migration[6.0]
def change
add_column :procedures, :encrypted_api_particulier_token, :string
end
end

View file

@ -599,6 +599,7 @@ ActiveRecord::Schema.define(version: 2021_07_27_172504) do
t.bigint "draft_revision_id"
t.bigint "published_revision_id"
t.boolean "allow_expert_review", default: true, null: false
t.string "encrypted_api_particulier_token"
t.boolean "experts_require_administrateur_invitation", default: false
t.index ["declarative_with_state"], name: "index_procedures_on_declarative_with_state"
t.index ["draft_revision_id"], name: "index_procedures_on_draft_revision_id"

View file

@ -206,18 +206,25 @@ describe Procedure do
end
end
context 'api_entreprise_token' do
let(:valid_token) { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" }
let(:invalid_token) { 'plouf' }
it { is_expected.to allow_value(valid_token).for(:api_entreprise_token) }
it { is_expected.not_to allow_value(invalid_token).for(:api_entreprise_token) }
context 'when juridique_required is false' do
let(:procedure) { build(:procedure, juridique_required: false, cadre_juridique: nil) }
it { expect(procedure.valid?).to eq(true) }
end
end
context 'when juridique_required is false' do
let(:procedure) { build(:procedure, juridique_required: false, cadre_juridique: nil) }
context 'api_entreprise_token' do
let(:valid_token) { "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" }
let(:invalid_token) { 'plouf' }
it { is_expected.to allow_value(valid_token).for(:api_entreprise_token) }
it { is_expected.not_to allow_value(invalid_token).for(:api_entreprise_token) }
end
it { expect(procedure.valid?).to eq(true) }
context 'api_particulier_token' do
let(:valid_token) { "3841b13fa8032ed3c31d160d3437a76a" }
let(:invalid_token) { 'jet0n 1nvalide' }
it { is_expected.to allow_value(valid_token).for(:api_particulier_token) }
it { is_expected.not_to allow_value(invalid_token).for(:api_particulier_token) }
end
context 'monavis' do