Sign user + gestionnaire in (OpenSimplif)
Hacks into users/sessions to sign in and sign out a gestionnaire and/or a user at the same time, as long as credentials are identical (same email, same password).
parent
c0fd8c7290
commit
b87d6a77e1
2 changed files with 113 additions and 16 deletions
|
@ -22,29 +22,47 @@ class Users::SessionsController < Sessions::SessionsController
|
||||||
|
|
||||||
#POST /resource/sign_in
|
#POST /resource/sign_in
|
||||||
def create
|
def create
|
||||||
super
|
try_to_authenticate(User)
|
||||||
|
try_to_authenticate(Gestionnaire)
|
||||||
|
|
||||||
|
if user_signed_in?
|
||||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if gestionnaire_signed_in?
|
||||||
|
redirect_to backoffice_path
|
||||||
|
elsif user_signed_in?
|
||||||
|
redirect_to after_sign_in_path_for(:user)
|
||||||
|
else
|
||||||
|
new
|
||||||
|
render :new, status: 401
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# DELETE /resource/sign_out
|
# DELETE /resource/sign_out
|
||||||
def destroy
|
def destroy
|
||||||
|
if gestionnaire_signed_in?
|
||||||
|
sign_out :gestionnaire
|
||||||
|
end
|
||||||
|
|
||||||
|
if user_signed_in?
|
||||||
connected_with_france_connect = current_user.loged_in_with_france_connect
|
connected_with_france_connect = current_user.loged_in_with_france_connect
|
||||||
current_user.update_attributes(loged_in_with_france_connect: '')
|
current_user.update_attributes(loged_in_with_france_connect: '')
|
||||||
|
|
||||||
signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
|
sign_out :user
|
||||||
set_flash_message :notice, :signed_out if signed_out && is_flashing_format?
|
|
||||||
yield if block_given?
|
|
||||||
|
|
||||||
if connected_with_france_connect == 'entreprise'
|
if connected_with_france_connect == 'entreprise'
|
||||||
redirect_to FRANCE_CONNECT.entreprise_logout_endpoint
|
redirect_to FRANCE_CONNECT.entreprise_logout_endpoint
|
||||||
|
return
|
||||||
elsif connected_with_france_connect == 'particulier'
|
elsif connected_with_france_connect == 'particulier'
|
||||||
redirect_to FRANCE_CONNECT.particulier_logout_endpoint
|
redirect_to FRANCE_CONNECT.particulier_logout_endpoint
|
||||||
else
|
return
|
||||||
respond_to_on_destroy
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
respond_to_on_destroy
|
||||||
|
end
|
||||||
|
|
||||||
def no_procedure
|
def no_procedure
|
||||||
session['user_return_to'] = nil
|
session['user_return_to'] = nil
|
||||||
redirect_to new_user_session_path
|
redirect_to new_user_session_path
|
||||||
|
@ -62,4 +80,13 @@ class Users::SessionsController < Sessions::SessionsController
|
||||||
|
|
||||||
NumberService.to_number session["user_return_to"].split("?procedure_id=").second
|
NumberService.to_number session["user_return_to"].split("?procedure_id=").second
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def try_to_authenticate(klass)
|
||||||
|
if resource = klass.find_for_database_authentication(email: params[:user][:email])
|
||||||
|
if resource.valid_password?(params[:user][:password])
|
||||||
|
sign_in resource
|
||||||
|
set_flash_message :notice, :signed_in
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
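Review bot: `try_to_authenticate` calls `resource.valid_password?` directly, so sign-in no longer goes through the Devise/Warden strategy that `super` used. Any per-model checks that live in `valid_for_authentication?` (for instance Lockable's failed-attempt counting, if either model enables it) are skipped for both User and Gestionnaire, and the back-office scope becomes reachable from the user form without them. Wrapping the check keeps those hooks: `if resource.valid_for_authentication? { resource.valid_password?(params[:user][:password]) }`. The method also dereferences `params[:user]` without a guard, so a POST lacking that key raises instead of reaching the `render :new, status: 401` branch. In `destroy`, the per-scope `sign_out :user` / `sign_out :gestionnaire` replaces the earlier `Devise.sign_out_all_scopes` path, so it is worth confirming that the rest of the session is still cleared on logout.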
@ -33,6 +33,41 @@ describe Users::SessionsController, type: :controller do
|
||||||
|
|
||||||
it { is_expected.to be_falsey }
|
it { is_expected.to be_falsey }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "when associated gestionnaire" do
|
||||||
|
let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
|
||||||
|
let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
|
||||||
|
|
||||||
|
it 'signs user in' do
|
||||||
|
post :create, user: { email: user.email, password: user.password }
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_user).to eq(user)
|
||||||
|
expect(subject.current_gestionnaire).to be(nil)
|
||||||
|
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'signs gestionnaire in' do
|
||||||
|
post :create, user: { email: gestionnaire.email, password: gestionnaire.password }
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_user).to be(nil)
|
||||||
|
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'signs user + gestionnaire in' do
|
||||||
|
post :create, user: { email: user.email, password: gestionnaire.password }
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_user).to eq(user)
|
||||||
|
expect(subject.current_gestionnaire).to eq(gestionnaire)
|
||||||
|
expect(user.reload.loged_in_with_france_connect).to be(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'fails to sign in with bad credentials' do
|
||||||
|
post :create, user: { email: user.email, password: 'wrong_password' }
|
||||||
|
expect(@response.unauthorized?).to be(true)
|
||||||
|
expect(subject.current_user).to be(nil)
|
||||||
|
expect(subject.current_gestionnaire).to be(nil)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '.destroy' do
|
describe '.destroy' do
|
||||||
|
@ -66,6 +101,41 @@ describe Users::SessionsController, type: :controller do
|
||||||
expect(response).to redirect_to(root_path)
|
expect(response).to redirect_to(root_path)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "when associated gestionnaire" do
|
||||||
|
let(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
|
||||||
|
let(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'password') }
|
||||||
|
|
||||||
|
it 'signs user out' do
|
||||||
|
sign_in user
|
||||||
|
delete :destroy
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_user).to be(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'signs gestionnaire out' do
|
||||||
|
sign_in gestionnaire
|
||||||
|
delete :destroy
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_gestionnaire).to be(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'signs user + gestionnaire out' do
|
||||||
|
sign_in user
|
||||||
|
sign_in gestionnaire
|
||||||
|
delete :destroy
|
||||||
|
expect(@response.redirect?).to be(true)
|
||||||
|
expect(subject.current_user).to be(nil)
|
||||||
|
expect(subject.current_gestionnaire).to be(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'signs user out from france connect' do
|
||||||
|
user.update_attributes(loged_in_with_france_connect: 'particulier')
|
||||||
|
sign_in user
|
||||||
|
delete :destroy
|
||||||
|
expect(@response.headers["Location"]).to eq(FRANCE_CONNECT.particulier_logout_endpoint)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '.new' do
|
describe '.new' do
|
||||||
|
|
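Review bot: The new `create` examples never cover a gestionnaire who shares the user's email but has a different password, which is the case that decides whether one set of credentials can open a back-office session. In 'signs user in' the `current_gestionnaire` expectation passes only because `let(:gestionnaire)` is lazy and the record is never created. A context that creates both records eagerly with different passwords would pin down that only the matching scope is signed in. The enclosing `describe` blocks start and end outside these hunks.

```ruby
# constructed example values; place next to the existing "when associated gestionnaire" context
context "when gestionnaire shares the email but not the password" do
  let!(:user) { create(:user, email: 'unique@plop.com', password: 'password') }
  let!(:gestionnaire) { create(:gestionnaire, email: 'unique@plop.com', password: 'other_password') }

  it 'signs only the user in' do
    post :create, user: { email: user.email, password: 'password' }
    expect(subject.current_user).to eq(user)
    expect(subject.current_gestionnaire).to be(nil)
  end
end
```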