fix(pj_template): private proxy template url so their links are non expirable
Closes #7920
This commit is contained in:
parent
6f5cd5a2ad
commit
b9d6397a9b
8 changed files with 52 additions and 5 deletions
|
@ -5,12 +5,19 @@ class Dsfr::DownloadComponent < ApplicationComponent
|
||||||
attr_reader :html_class
|
attr_reader :html_class
|
||||||
attr_reader :name
|
attr_reader :name
|
||||||
|
|
||||||
def initialize(attachment:, name: nil)
|
def initialize(attachment:, name: nil, url: nil)
|
||||||
@attachment = attachment
|
@attachment = attachment
|
||||||
@name = name || attachment.filename.to_s
|
@name = name || attachment.filename.to_s
|
||||||
|
@url = url
|
||||||
end
|
end
|
||||||
|
|
||||||
def title
|
def title
|
||||||
t(".title", filename: attachment.filename.to_s)
|
t(".title", filename: attachment.filename.to_s)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def url
|
||||||
|
return @url if @url.present?
|
||||||
|
|
||||||
|
helpers.url_for(@attachment.blob)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
.fr-download
|
.fr-download
|
||||||
%p
|
%p
|
||||||
= link_to url_for(attachment.blob), download: "", class: "fr-download__link", title: title do
|
= link_to url, download: "", class: "fr-download__link", title: title do
|
||||||
= name
|
= name
|
||||||
%span.fr-download__detail
|
%span.fr-download__detail
|
||||||
= helpers.download_details(attachment)
|
= helpers.download_details(attachment)
|
||||||
|
|
|
@ -4,4 +4,4 @@
|
||||||
= render Attachment::MultipleComponent.new(champ: @champ, attached_file: @champ.piece_justificative_file, form_object_name: @form.object_name, user_can_destroy:, user_can_download:, max:) do |c|
|
= render Attachment::MultipleComponent.new(champ: @champ, attached_file: @champ.piece_justificative_file, form_object_name: @form.object_name, user_can_destroy:, user_can_download:, max:) do |c|
|
||||||
- if @champ.type_de_champ.piece_justificative_template&.attached?
|
- if @champ.type_de_champ.piece_justificative_template&.attached?
|
||||||
- c.with_template do
|
- c.with_template do
|
||||||
= render partial: "shared/piece_justificative_template", locals: { attachment: @champ.type_de_champ.piece_justificative_template }
|
= render partial: "shared/piece_justificative_template", locals: { champ: @champ }
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
- user_can_destroy = !@champ.mandatory? || @champ.dossier.brouillon?
|
- user_can_destroy = !@champ.mandatory? || @champ.dossier.brouillon?
|
||||||
|
|
||||||
- if @champ.type_de_champ.piece_justificative_template&.attached?
|
- if @champ.type_de_champ.piece_justificative_template&.attached?
|
||||||
= render partial: "shared/piece_justificative_template", locals: { attachment: @champ.type_de_champ.piece_justificative_template }
|
= render partial: "shared/piece_justificative_template", locals: { champ: @champ }
|
||||||
= render Attachment::EditComponent.new(champ: @form.object, attached_file: @champ.piece_justificative_file, attachment: @champ.piece_justificative_file[0], form_object_name: @form.object_name, user_can_destroy:)
|
= render Attachment::EditComponent.new(champ: @form.object, attached_file: @champ.piece_justificative_file, attachment: @champ.piece_justificative_file[0], form_object_name: @form.object_name, user_can_destroy:)
|
||||||
|
|
|
@ -17,6 +17,10 @@ class Champs::PieceJustificativeController < ApplicationController
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def template
|
||||||
|
redirect_to @champ.type_de_champ.piece_justificative_template.blob
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def set_champ
|
def set_champ
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
= render Dsfr::DownloadComponent.new(attachment: attachment, name: "Modèle à télécharger") do |c|
|
= render Dsfr::DownloadComponent.new(attachment: champ.type_de_champ.piece_justificative_template, url: champs_piece_justificative_template_path(champ), name: "Modèle à télécharger") do |c|
|
||||||
- if administrateur_signed_in?
|
- if administrateur_signed_in?
|
||||||
- c.with_right do
|
- c.with_right do
|
||||||
%span.fr-ml-2w.fr-text--xs.fr-text-mention--grey.visible-on-previous-hover
|
%span.fr-ml-2w.fr-text--xs.fr-text-mention--grey.visible-on-previous-hover
|
||||||
|
|
|
@ -168,6 +168,7 @@ Rails.application.routes.draw do
|
||||||
|
|
||||||
get ':champ_id/piece_justificative', to: 'piece_justificative#show', as: :piece_justificative
|
get ':champ_id/piece_justificative', to: 'piece_justificative#show', as: :piece_justificative
|
||||||
put ':champ_id/piece_justificative', to: 'piece_justificative#update', as: :attach_piece_justificative
|
put ':champ_id/piece_justificative', to: 'piece_justificative#update', as: :attach_piece_justificative
|
||||||
|
get ':champ_id/piece_justificative/template', to: 'piece_justificative#template', as: :piece_justificative_template
|
||||||
end
|
end
|
||||||
|
|
||||||
resources :attachments, only: [:show, :destroy]
|
resources :attachments, only: [:show, :destroy]
|
||||||
|
|
|
@ -66,4 +66,39 @@ describe Champs::PieceJustificativeController, type: :controller do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#template' do
|
||||||
|
before { Timecop.freeze }
|
||||||
|
after { Timecop.return }
|
||||||
|
|
||||||
|
subject do
|
||||||
|
get :template, params: {
|
||||||
|
champ_id: champ.id
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
context "user signed in" do
|
||||||
|
before { sign_in user }
|
||||||
|
|
||||||
|
it 'redirects to the template' do
|
||||||
|
subject
|
||||||
|
expect(response).to redirect_to(champ.type_de_champ.piece_justificative_template.blob)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "another user signed in" do
|
||||||
|
before { sign_in create(:user) }
|
||||||
|
|
||||||
|
it "should not share template url" do
|
||||||
|
expect { subject }.to raise_error(ActiveRecord::RecordNotFound)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "user anonymous" do
|
||||||
|
it 'does not redirect to the template' do
|
||||||
|
subject
|
||||||
|
expect(response).to redirect_to(new_user_session_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue