Sign user + gestionnaire in (OpenSimplif)
Hacks into users/sessions to sign in and sign out a gestionnaire and/or a user at the same time, as long as credentials are identical (same email, same password).
parent
c0fd8c7290
commit
b87d6a77e1
2 changed files with 113 additions and 16 deletions
|
@ -22,27 +22,45 @@ class Users::SessionsController < Sessions::SessionsController
|
|||
|
||||
#POST /resource/sign_in
|
||||
def create
|
||||
super
|
||||
try_to_authenticate(User)
|
||||
try_to_authenticate(Gestionnaire)
|
||||
|
||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||
if user_signed_in?
|
||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||
end
|
||||
|
||||
if gestionnaire_signed_in?
|
||||
redirect_to backoffice_path
|
||||
elsif user_signed_in?
|
||||
redirect_to after_sign_in_path_for(:user)
|
||||
else
|
||||
new
|
||||
render :new, status: 401
|
||||
end
|
||||
end
|
||||
|
||||
# DELETE /resource/sign_out
|
||||
def destroy
|
||||
connected_with_france_connect = current_user.loged_in_with_france_connect
|
||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||
|
||||
signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
|
||||
set_flash_message :notice, :signed_out if signed_out && is_flashing_format?
|
||||
yield if block_given?
|
||||
|
||||
if connected_with_france_connect == 'entreprise'
|
||||
redirect_to FRANCE_CONNECT.entreprise_logout_endpoint
|
||||
elsif connected_with_france_connect == 'particulier'
|
||||
redirect_to FRANCE_CONNECT.particulier_logout_endpoint
|
||||
else
|
||||
respond_to_on_destroy
|
||||
if gestionnaire_signed_in?
|
||||
sign_out :gestionnaire
|
||||
end
|
||||
|
||||
if user_signed_in?
|
||||
connected_with_france_connect = current_user.loged_in_with_france_connect
|
||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||
|
||||
sign_out :user
|
||||
|
||||
if connected_with_france_connect == 'entreprise'
|
||||
redirect_to FRANCE_CONNECT.entreprise_logout_endpoint
|
||||
return
|
||||
elsif connected_with_france_connect == 'particulier'
|
||||
redirect_to FRANCE_CONNECT.particulier_logout_endpoint
|
||||
return
|
||||
end
|
||||
end
|
||||
|
||||
respond_to_on_destroy
|
||||
end
|
||||
|
||||
def no_procedure
|
||||
|
@ -62,4 +80,13 @@ class Users::SessionsController < Sessions::SessionsController
|
|||
|
||||
NumberService.to_number session["user_return_to"].split("?procedure_id=").second
|
||||
end
|
||||
|
||||
def try_to_authenticate(klass)
|
||||
if resource = klass.find_for_database_authentication(email: params[:user][:email])
|
||||
if resource.valid_password?(params[:user][:password])
|
||||
sign_in resource
|
||||
set_flash_message :notice, :signed_in
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
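Review bot: `try_to_authenticate` checks the password with a bare `resource.valid_password?(...)` and then calls `sign_in` directly, so the credential check no longer runs through Devise's `valid_for_authentication?` hook. If either `User` or `Gestionnaire` uses `:lockable` (not visible on this page), failed attempts would stop being counted on this path. Wrapping the check keeps that behaviour: `if resource.valid_for_authentication? { resource.valid_password?(params[:user][:password]) }`. The method also reads `params[:user][:email]` unguarded, so a POST without a `user` key raises instead of reaching the `render :new, status: 401` branch of `create`; reading the credentials through `params.fetch(:user, {})` avoids that. A short comment above `try_to_authenticate` saying that each scope is verified independently against its own password hash would help the next reader.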
|
|
|
@ -33,6 +33,41 @@ describe Users::SessionsController, type: :controller do
|
|||
|
||||
it { is_expected.to be_falsey }
|
||||
end
|
||||
|
||||
context "when associated gestionnaire" do
|
||||
let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
|
||||
let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
|
||||
|
||||
it 'signs user in' do
|
||||
post :create, user: { email: user.email, password: user.password }
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_user).to eq(user)
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
||||
end
|
||||
|
||||
it 'signs gestionnaire in' do
|
||||
post :create, user: { email: gestionnaire.email, password: gestionnaire.password }
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_user).to be(nil)
|
||||
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
||||
end
|
||||
|
||||
it 'signs user + gestionnaire in' do
|
||||
post :create, user: { email: user.email, password: gestionnaire.password }
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_user).to eq(user)
|
||||
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
||||
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
||||
end
|
||||
|
||||
it 'fails to sign in with bad credentials' do
|
||||
post :create, user: { email: user.email, password: 'wrong_password' }
|
||||
expect(@response.unauthorized?).to be(true)
|
||||
expect(subject.current_user).to be(nil)
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '.destroy' do
|
||||
|
@ -66,6 +101,41 @@ describe Users::SessionsController, type: :controller do
|
|||
expect(response).to redirect_to(root_path)
|
||||
end
|
||||
end
|
||||
|
||||
context "when associated gestionnaire" do
|
||||
let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
|
||||
let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
|
||||
|
||||
it 'signs user out' do
|
||||
sign_in user
|
||||
delete :destroy
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_user).to be(nil)
|
||||
end
|
||||
|
||||
it 'signs gestionnaire out' do
|
||||
sign_in gestionnaire
|
||||
delete :destroy
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
end
|
||||
|
||||
it 'signs user + gestionnaire out' do
|
||||
sign_in user
|
||||
sign_in gestionnaire
|
||||
delete :destroy
|
||||
expect(@response.redirect?).to be(true)
|
||||
expect(subject.current_user).to be(nil)
|
||||
expect(subject.current_gestionnaire).to be(nil)
|
||||
end
|
||||
|
||||
it 'signs user out from france connect' do
|
||||
user.update_attributes(loged_in_with_france_connect: 'particulier')
|
||||
sign_in user
|
||||
delete :destroy
|
||||
expect(@response.headers["Location"]).to eq(FRANCE_CONNECT.particulier_logout_endpoint)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '.new' do
|
||||
|
@ -106,4 +176,4 @@ describe Users::SessionsController, type: :controller do
|
|||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
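Review bot: The `create` examples under "when associated gestionnaire" do not cover the case that matters most for this change: the same email on both models with different passwords. Because `let` is lazy, 'signs user in' and 'signs gestionnaire in' each create only one of the two records, so their `be(nil)` expectations hold trivially and do not show that a matching user password leaves the gestionnaire scope signed out. An example along the lines below would pin that boundary; the password value in it is constructed for the test.

```ruby
context "when associated gestionnaire" do
  # … unchanged: let(:user), let(:gestionnaire) and the existing examples …

  it 'does not sign gestionnaire in when only the user password matches' do
    user
    create(:gestionnaire, email: user.email, password: 'another_password')

    post :create, user: { email: user.email, password: user.password }

    expect(subject.current_user).to eq(user)
    expect(subject.current_gestionnaire).to be(nil)
  end
```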
|
|