can add a demarche
This commit is contained in:
simon lehericey
parent
928c12e065
commit
bc583e0fe2
3 changed files with 62 additions and 1 deletions
|
|
@ -55,6 +55,14 @@ module Administrateurs
|
|||
|
||||
h[:authorized_networks] = networks
|
||||
end
|
||||
|
||||
if procedure_to_add.present?
|
||||
to_add = current_administrateur
|
||||
.procedure_ids
|
||||
.intersection([procedure_to_add])
|
||||
|
||||
h[:allowed_procedure_ids] =
|
||||
(Array.wrap(@api_token.allowed_procedure_ids) + to_add).uniq
|
||||
end
|
||||
|
||||
if params[:name].present?
|
||||
|
|
@ -133,6 +141,10 @@ module Administrateurs
|
|||
params[:name]
|
||||
end
|
||||
|
||||
def procedure_to_add
|
||||
params[:procedure_to_add]&.to_i
|
||||
end
|
||||
|
||||
def write_access
|
||||
params[:access] == "read_write"
|
||||
end
|
||||
|
|
|
|||
|
|
@ -47,6 +47,29 @@
|
|||
- if @invalid_network_message.present?
|
||||
%p.fr-error-text= @invalid_network_message
|
||||
|
||||
= form_with url: admin_api_token_path(@api_token), method: :patch, html: { class: 'fr-mt-2w' } do |f|
|
||||
.fr-mb-4w
|
||||
- if @api_token.full_access?
|
||||
%p Votre jeton d'API a accès à toutes vos démarches.
|
||||
= hidden_field_tag :procedure_to_add, '[]'
|
||||
%button.fr-btn.fr-btn--secondary.fr-btn--sm Restreindre l'accès à certaines les démarches
|
||||
- else
|
||||
.fr-select-group
|
||||
%label.fr-label{ for: 'procedure_to_add' } Ajouter des démarches autorisées
|
||||
.flex
|
||||
= f.select :value,
|
||||
options_for_select(@libelle_id_procedures),
|
||||
{ include_blank: true },
|
||||
{ class: 'fr-select width-33',
|
||||
name: 'procedure_to_add'}
|
||||
|
||||
%button.fr-btn.fr-btn--secondary.fr-ml-1w Ajouter
|
||||
|
||||
%ul.fr-mb-4w
|
||||
- @api_token.procedures.each do |procedure|
|
||||
%li{ id: dom_id(procedure, :authorized) }
|
||||
= procedure.libelle
|
||||
|
||||
%ul.fr-btns-group.fr-btns-group--inline
|
||||
%li
|
||||
= link_to 'Revenir', profil_path, class: "fr-btn fr-btn--secondary"
|
||||
|
|
|
|||
|
|
@ -98,9 +98,10 @@ describe Administrateurs::APITokensController, type: :controller do
|
|||
|
||||
describe 'update' do
|
||||
let(:token) { APIToken.generate(admin).first }
|
||||
let(:params) { { name:, networks: } }
|
||||
let(:params) { { name:, networks:, procedure_to_add: } }
|
||||
let(:name) { 'new name' }
|
||||
let(:networks) { '118.218.200.200' }
|
||||
let(:procedure_to_add) { nil }
|
||||
|
||||
subject { patch :update, params: params.merge(id: token.id) }
|
||||
|
||||
|
|
@ -138,5 +139,30 @@ describe Administrateurs::APITokensController, type: :controller do
|
|||
expect(assigns(:invalid_network_message)).to eq("Vous ne pouvez pas supprimer les restrictions d'accès à l'API d'un jeton permanent.")
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a legitime procedure to add' do
|
||||
let(:params) { { procedure_to_add: procedure.id } }
|
||||
|
||||
before { subject; token.reload }
|
||||
|
||||
it { expect(token.allowed_procedure_ids).to eq([procedure.id]) }
|
||||
end
|
||||
|
||||
context 'with a procedure to add not owned by the admin' do
|
||||
let(:another_procedure) { create(:procedure, administrateurs: [create(:administrateur)]) }
|
||||
let(:params) { { procedure_to_add: another_procedure.id } }
|
||||
|
||||
before { subject; token.reload }
|
||||
|
||||
it { expect(token.allowed_procedure_ids).to eq([]) }
|
||||
end
|
||||
|
||||
context 'with an empty procedure to add' do
|
||||
let(:params) { { procedure_to_add: '' } }
|
||||
|
||||
before { subject; token.reload }
|
||||
|
||||
it { expect(token.allowed_procedure_ids).to eq([]) }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in a new issue