Merge branch 'dev'

gregoirenovel 2018-03-28 10:24:59 +02:00
commit c20689c9cc
21 changed files with 271 additions and 70 deletions


@ -46,6 +46,7 @@ gem 'openid_connect'
gem 'omniauth-github'
gem 'rest-client'
gem 'typhoeus'
gem 'clamav-client', require: 'clamav/client'


@ -196,6 +196,8 @@ GEM
http_parser.rb (~> 0.6.0)
erubi (1.7.0)
erubis (2.7.0)
ethon (0.11.0)
ffi (>= 1.3.0)
eventmachine (1.2.5)
excon (0.60.0)
execjs (2.7.0)
@ -730,6 +732,8 @@ GEM
turbolinks (5.1.0)
turbolinks-source (~> 5.1)
turbolinks-source (5.1.0)
typhoeus (1.3.0)
ethon (>= 0.9.0)
tzinfo (1.2.5)
thread_safe (~> 0.1)
uglifier (4.1.7)
@ -854,6 +858,7 @@ DEPENDENCIES
therubyracer
timecop
turbolinks
typhoeus
uglifier (>= 1.3.0)
unicode_utils
unicorn


@ -1,4 +1,6 @@
$(document).on('turbolinks:load', the_terms);
$(document)
.on('turbolinks:load', the_terms)
.on('turbolinks:load', handle_siret_form_errors);
function the_terms() {
var the_terms = $("#dossier_autorisation_donnees");
@ -41,3 +43,13 @@ function toggle_etape_1() {
$('.row.etape.etape_1 .etapes-menu #logos').toggle(100);
$('.row.etape.etape_1 .etapes-informations #description_procedure').toggle(100);
}
function handle_siret_form_errors() {
$(".form-inline[data-remote]").on("ajax:error", function(event) {
var input = $('#dossier-siret', event.target);
if (input.length) {
var invalid_siret = input.val();
error_form_siret(invalid_siret);
}
});
}


@ -1,10 +1,5 @@
module Manager
class DemandesController < Manager::ApplicationController
PIPEDRIVE_PEOPLE_URL = 'https://api.pipedrive.com/v1/persons'
PIPEDRIVE_POSTE_ATTRIBUTE_ID = '33a790746f1713d712fe97bcce9ac1ca6374a4d6'
PIPEDRIVE_DEV_ID = '2748449'
PIPEDRIVE_CAMILLE_ID = '3189424'
def index
@pending_demandes = pending_demandes
end
@ -13,7 +8,12 @@ module Manager
administrateur = current_administration.invite_admin(create_administrateur_params[:email])
if administrateur.errors.empty?
change_person_owner(create_administrateur_params[:person_id], PIPEDRIVE_CAMILLE_ID)
PipedriveAcceptsDealsJob.perform_later(
create_administrateur_params[:person_id],
PipedriveService::PIPEDRIVE_CAMILLE_ID,
create_administrateur_params[:stage_id]
)
flash.notice = "Administrateur créé"
redirect_to manager_demandes_path
else
@ -23,18 +23,28 @@ module Manager
end
end
private
def refuse_administrateur
PipedriveRefusesDealsJob.perform_later(
refuse_administrateur_params[:person_id],
PipedriveService::PIPEDRIVE_CAMILLE_ID
)
def change_person_owner(person_id, owner_id)
url = PIPEDRIVE_PEOPLE_URL + "/#{person_id}?api_token=#{PIPEDRIVE_TOKEN}"
AdministrationMailer
.refuse_admin(refuse_administrateur_params[:email])
.deliver_later
params = { 'owner_id': owner_id }
RestClient.put(url, params.to_json, { content_type: :json })
flash.notice = "La demande de #{refuse_administrateur_params[:email]} va être refusée"
redirect_to manager_demandes_path
end
private
def create_administrateur_params
params.require(:administrateur).permit(:email, :person_id)
params.permit(:email, :person_id, :stage_id)
end
def refuse_administrateur_params
params.permit(:email, :person_id)
end
def pending_demandes
@ -46,29 +56,7 @@ module Manager
end
def demandes
@demandes ||= fetch_demandes
end
def fetch_demandes
params = {
start: 0,
limit: 500,
user_id: PIPEDRIVE_DEV_ID,
api_token: PIPEDRIVE_TOKEN
}
response = RestClient.get(PIPEDRIVE_PEOPLE_URL, { params: params })
json = JSON.parse(response.body)
json['data'].map do |datum|
{
person_id: datum['id'],
nom: datum['name'],
poste: datum[PIPEDRIVE_POSTE_ATTRIBUTE_ID],
email: datum.dig('email', 0, 'value'),
organisation: datum['org_name']
}
end
@demandes ||= PipedriveService.fetch_people_demandes
end
end
end
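Review bot: `create_administrateur_params` and `refuse_administrateur_params` now call `params.permit` on top-level values that the manager view submits as hidden fields and a select, and `person_id`, `stage_id` and `email` go to the Pipedrive jobs and to `AdministrationMailer.refuse_admin` without any check. Nothing here confirms that `stage_id` is one of the `PipedriveService::PIPEDRIVE_*_STOCK_STAGE_ID` values or that `person_id` is numeric, and the refusal mail is sent to whatever address the request carries rather than the one Pipedrive holds for that person. I would coerce and validate before enqueueing, e.g. `person_id = Integer(params[:person_id])` plus a rejection of any `stage_id` outside the known list, and look the e-mail up in the fetched demandes by `person_id`. The class body starts before the first hunk and parts of it lie between the hunks shown.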


@ -95,11 +95,11 @@ module NewUser
end
def dossier_with_champs
@dossier_with_champs ||= current_user.dossiers.includes(champs: :type_de_champ).find(params[:id])
@dossier_with_champs ||= current_user.dossiers.with_ordered_champs.find(params[:id])
end
def ensure_ownership!
if dossier.user != current_user
if dossier.user_id != current_user.id
flash[:alert] = "Vous n'avez pas accès à ce dossier"
redirect_to root_path
end


@ -106,15 +106,11 @@ class Users::DossiersController < UsersController
update_current_user_siret!(siret)
etablissement_attributes = SIRETService.fetch(siret, @facade.dossier)
Rails.logger.info("etablissement_attributes for siret: #{siret}, present?: #{etablissement_attributes.present?}")
if etablissement_attributes.present?
etablissement_attributes = ActionController::Parameters.new(etablissement_attributes).permit!
etablissement = @facade.dossier.build_etablissement(etablissement_attributes)
if etablissement.save
Rails.logger.info("etablissement saved, siret: #{siret}, id: #{etablissement.id}")
else
Rails.logger.info("etablissement not saved, siret: #{siret}, errors: #{etablissement.errors.full_messages}")
if !etablissement.save
return errors_valid_siret
end
else
@ -128,9 +124,6 @@ class Users::DossiersController < UsersController
else
render '/dossiers/new_siret', formats: 'js'
end
rescue RestClient::ResourceNotFound, RestClient::BadRequest
errors_valid_siret
rescue ActiveRecord::RecordNotFound
flash.alert = t('errors.messages.dossier_not_found')
redirect_to url_for users_dossiers_path
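Review bot: `ActionController::Parameters.new(etablissement_attributes).permit!` whitelists every key that `SIRETService.fetch` returns, so the attribute set written by `build_etablissement` is decided by the remote response rather than by this controller. Unless `SIRETService` already reduces the payload to a fixed set of keys (not visible here), replace `permit!` with an explicit `permit(...)` list of the etablissement columns that are meant to be filled from the API. With the info-level log lines removed, a failed `etablissement.save` now returns `errors_valid_siret` without recording `etablissement.errors`; a `Rails.logger.warn` carrying the validation messages would keep that diagnosable. The action starts before the hunk and continues past it.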


@ -0,0 +1,5 @@
class PipedriveAcceptsDealsJob < ApplicationJob
def perform(person_id, owner_id, stage_id)
PipedriveService.accept_deals_from_person(person_id, owner_id, stage_id)
end
end


@ -0,0 +1,5 @@
class PipedriveRefusesDealsJob < ApplicationJob
def perform(person_id, owner_id)
PipedriveService.refuse_deals_from_person(person_id, owner_id)
end
end


@ -8,6 +8,8 @@ class ApiEntreprise::API
EXERCICES_RESOURCE_NAME = "exercices"
RNA_RESOURCE_NAME = "associations"
TIMEOUT = 15
def initialize
end
@ -30,11 +32,17 @@ class ApiEntreprise::API
def self.call(resource_name, siret_or_siren, procedure_id)
url = url(resource_name, siret_or_siren)
params = params(siret_or_siren, procedure_id)
verify_ssl_mode = OpenSSL::SSL::VERIFY_NONE
result = RestClient::Resource.new(url, verify_ssl: verify_ssl_mode).get(params: params)
response = Typhoeus.get(url,
ssl_verifypeer: false,
params: params,
timeout: TIMEOUT)
JSON.parse(result, symbolize_names: true)
if response.success? && response.code != 206
JSON.parse(response.body, symbolize_names: true)
else
raise RestClient::ResourceNotFound
end
end
def self.url(resource_name, siret_or_siren)
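Review bot: The new `Typhoeus.get` call passes `ssl_verifypeer: false`, so the certificate of the API Entreprise endpoint is still not verified and the JSON that comes back can be altered by anyone on the network path; the move away from RestClient was the moment to drop `VERIFY_NONE` rather than carry it over. Use `ssl_verifypeer: true` (with `ssl_verifyhost: 2`), pointing `cainfo` at the right CA bundle if the endpoint's chain is the reason verification was disabled. Separately, the `else` branch raises `RestClient::ResourceNotFound` for every non-success, including timeouts and 5xx, and treats 206 as a failure with no comment saying why; a comment such as `# 206 = partial data from API Entreprise, treated as a failure` (if that is the intent) and a distinct error for timeouts would keep callers from reporting an outage as an invalid SIRET. `self.call` sits inside a class whose body extends beyond the hunk.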


@ -11,11 +11,18 @@ class AdministrationMailer < ApplicationMailer
def invite_admin(admin, reset_password_token)
@reset_password_token = reset_password_token
@admin = admin
mail(to: admin.email,
subject: "demarches-simplifiees.fr - Activez votre compte administrateur",
reply_to: "contact@demarches-simplifiees.fr")
end
def refuse_admin(admin_email)
mail(to: admin_email,
subject: "demarches-simplifiees.fr - Votre demande de compte a été refusée",
reply_to: "contact@demarches-simplifiees.fr")
end
def dubious_procedures(procedures_and_type_de_champs)
@procedures_and_type_de_champs = procedures_and_type_de_champs
mail(to: 'equipe@demarches-simplifiees.fr',


@ -60,6 +60,7 @@ class Dossier < ApplicationRecord
scope :en_cours, -> { not_archived.state_en_construction_ou_instruction }
scope :without_followers, -> { left_outer_joins(:follows).where(follows: { id: nil }) }
scope :followed_by, -> (gestionnaire) { joins(:follows).where(follows: { gestionnaire: gestionnaire }) }
scope :with_ordered_champs, -> { includes(champs: :type_de_champ).order('types_de_champ.order_place') }
accepts_nested_attributes_for :individual
@ -108,10 +109,6 @@ class Dossier < ApplicationRecord
champs.joins(', types_de_champ').where("champs.type_de_champ_id = types_de_champ.id AND types_de_champ.procedure_id = #{procedure.id}").order('order_place')
end
def ordered_champs_v2
champs.includes(:type_de_champ).order('types_de_champ.order_place')
end
def ordered_champs_private
# TODO: use the line below when the procedure preview does not leak champ with dossier_id == 0
# champs_private.includes(:type_de_champ).order('types_de_champ.order_place')


@ -0,0 +1,102 @@
class PipedriveService
PIPEDRIVE_POSTE_ATTRIBUTE_ID = '33a790746f1713d712fe97bcce9ac1ca6374a4d6'
PIPEDRIVE_ROBOT_ID = '2748449'
PIPEDRIVE_CAMILLE_ID = '3189424'
PIPEDRIVE_ALL_NOT_DELETED_DEALS = 'all_not_deleted'
PIPEDRIVE_LOST_STATUS = "lost"
PIPEDRIVE_LOST_REASON = "refusé depuis DS"
PIPEDRIVE_ADMIN_CENTRAL_STOCK_STAGE_ID = 35
PIPEDRIVE_REGIONS_STOCK_STAGE_ID = 24
PIPEDRIVE_PREFECTURES_STOCK_STAGE_ID = 20
PIPEDRIVE_DEPARTEMENTS_STOCK_STAGE_ID = 30
PIPEDRIVE_COMMUNES_STOCK_STAGE_ID = 40
PIPEDRIVE_ORGANISMES_STOCK_STAGE_ID = 1
PIPEDRIVE_ORGANISMES_REFUSES_STOCK_STAGE_ID = 45
class << self
def accept_deals_from_person(person_id, owner_id, stage_id)
waiting_deal_ids = fetch_waiting_deal_ids(person_id)
waiting_deal_ids.each { |deal_id| update_deal_owner_and_stage(deal_id, owner_id, stage_id) }
update_person_owner(person_id, owner_id)
end
def refuse_deals_from_person(person_id, owner_id)
waiting_deal_ids = fetch_waiting_deal_ids(person_id)
waiting_deal_ids.each { |deal_id| refuse_deal(deal_id, owner_id) }
update_person_owner(person_id, owner_id)
end
def fetch_people_demandes
params = {
start: 0,
limit: 500,
user_id: PIPEDRIVE_ROBOT_ID,
api_token: PIPEDRIVE_TOKEN
}
response = RestClient.get(PIPEDRIVE_PEOPLE_URL, { params: params })
json = JSON.parse(response.body)
json['data'].map do |datum|
{
person_id: datum['id'],
nom: datum['name'],
poste: datum[PIPEDRIVE_POSTE_ATTRIBUTE_ID],
email: datum.dig('email', 0, 'value'),
organisation: datum['org_name']
}
end
end
private
def refuse_deal(deal_id, owner_id)
url = PIPEDRIVE_DEALS_URL + "/#{deal_id}?api_token=#{PIPEDRIVE_TOKEN}"
params = {
user_id: owner_id,
stage_id: PIPEDRIVE_ORGANISMES_REFUSES_STOCK_STAGE_ID,
status: PIPEDRIVE_LOST_STATUS,
lost_reason: PIPEDRIVE_LOST_REASON
}
RestClient.put(url, params.to_json, { content_type: :json })
end
def fetch_waiting_deal_ids(person_id)
url = [PIPEDRIVE_PEOPLE_URL, person_id, "deals"].join('/')
params = {
start: 0,
limit: 500,
status: PIPEDRIVE_ALL_NOT_DELETED_DEALS,
api_token: PIPEDRIVE_TOKEN
}
response = RestClient.get(url, params: params)
json = JSON.parse(response.body)
json['data'].map { |datum| datum['id'] }
end
def update_deal_owner_and_stage(deal_id, owner_id, stage_id)
url = PIPEDRIVE_DEALS_URL + "/#{deal_id}?api_token=#{PIPEDRIVE_TOKEN}"
params = { user_id: owner_id, stage_id: stage_id }
RestClient.put(url, params.to_json, { content_type: :json })
end
def update_person_owner(person_id, owner_id)
url = PIPEDRIVE_PEOPLE_URL + "/#{person_id}?api_token=#{PIPEDRIVE_TOKEN}"
params = { owner_id: owner_id }
RestClient.put(url, params.to_json, { content_type: :json })
end
end
end
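Review bot: `refuse_deal`, `update_deal_owner_and_stage` and `update_person_owner` build the request URL by interpolating `deal_id` / `person_id` and `PIPEDRIVE_TOKEN` into a string (`"/#{person_id}?api_token=#{PIPEDRIVE_TOKEN}"`), and on this page `person_id` reaches these methods from request parameters by way of the two jobs. A value containing `/`, `?` or `&` changes the path or query that is sent along with the API token, and the token itself ends up in any URL that gets logged or attached to an exception. Coerce ids first (`person_id = Integer(person_id)`) and pass the token through the `params:` option as `fetch_waiting_deal_ids` already does, keeping the full URL out of log lines and error reports. Both fetch methods also stop at `limit: 500` with no pagination, so people or deals beyond that are silently ignored.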


@ -3,18 +3,32 @@
Bonjour,
%br
%br
Nous vous invitons à activer votre compte administrateur sur demarches-simplifiees.fr.
Je vous remercie de lintérêt que vous portez à notre outil de dématérialisation de démarches.
%br
%br
Pour le faire, merci de cliquer sur le lien suivant :
= link_to admin_activate_url(token: @reset_password_token), admin_activate_url(token: @reset_password_token)
Votre compte administrateur a été créé pour l'adresse email #{@admin.email}. Pour lactiver, je vous invite à cliquer sur le lien suivant :
= link_to(admin_activate_url(token: @reset_password_token), admin_activate_url(token: @reset_password_token))
%br
%br
Bonne journée,
Afin de vous accompagner dans la découverte de demarches-simplifiees.fr, je vous propose de mappeler pour faire un point sur vos besoins de dématérialisation.
%br
Vous pouvez me joindre au numéro suivant : 01 76 42 02 87.
%br
%br
L'équipe demarches-simplifiees.fr (anciennement Téléprocédures Simplifiées)
Je vous invite également à consulter notre site de documentation qui regroupe l'ensemble des informations relatives à demarches-simplifiees.fr ainsi que des tutoriels dutilisation :
= link_to('https://demarches-simplifiees.gitbook.io/demarches-simplifiees/', 'https://demarches-simplifiees.gitbook.io/demarches-simplifiees/')
%br
%br
Nous vous rappelons qu'en utilisant notre service, vous vous engagez à respecter nos
= link_to "conditions générales d'utilisation", CGU_URL
Cordialement,
%br
%br
Camille Garrigue
%br
%br
Équipe demarches-simplifiees.fr
%br
Téléphone (standard) : 01 76 42 02 87
%br
Incubateur de Services Numériques / beta.gouv.fr
%br
Services du Premier Ministre, 20 avenue de Ségur, 75007 Paris


@ -0,0 +1,17 @@
- content_for(:title, 'Demande de création de compte refusée')
Bonjour,
%br
%br
Les comptes administrateurs sont destinés aux administrations publiques souhaitant mettre en place des démarches dématérialisées avec demarches-simplifiees.fr. Il ne semble pas que ce soit votre cas.
%br
%br
Pour les usagers qui souhaitent remplir une démarche, lentrée dans demarches-simplifiees.fr se fait via un lien fourni par ladministration responsable, sur son propre site web. Ce lien vous permettra de créer un compte et de remplir le formulaire dans la foulée.
%br
%br
Si par contre vous rencontrez des problèmes lors de l'utilisation de demarches-simplifiees.fr en tant qu'usager, merci d'expliciter le problème rencontré.
%br
%br
Cordialement,
%br
L'équipe demarches-simplifiees.fr


@ -29,10 +29,30 @@
<%= demande[key] %>
</td>
<% end %>
<td class="cell-data cell-data--string">
<%= button_to('Créer',
manager_demandes_create_administrateur_path,
params: { administrateur: { email: demande[:email], person_id: demande[:person_id] } }) %>
<td class="cell-data cell-data--string" style="text-align: center;">
<%= form_tag(manager_demandes_create_administrateur_path) do -%>
<%= select_tag "stage_id",
options_for_select({
"administration centrale" => PipedriveService::PIPEDRIVE_ADMIN_CENTRAL_STOCK_STAGE_ID,
"région" => PipedriveService::PIPEDRIVE_REGIONS_STOCK_STAGE_ID,
"préfecture" => PipedriveService::PIPEDRIVE_PREFECTURES_STOCK_STAGE_ID,
"département" =>PipedriveService::PIPEDRIVE_DEPARTEMENTS_STOCK_STAGE_ID,
"commune" => PipedriveService::PIPEDRIVE_COMMUNES_STOCK_STAGE_ID,
"organisme" => PipedriveService::PIPEDRIVE_ORGANISMES_STOCK_STAGE_ID
}),
style: 'margin-bottom: 20px; width: inherit;' %>
<%= hidden_field_tag 'email', demande[:email] %>
<%= hidden_field_tag 'person_id', demande[:person_id] %>
<%= submit_tag 'Créer' %>
<% end -%>
</td>
<td class="cell-data cell-data--string" style="text-align: center;">
<%= button_to('Refuser',
manager_demandes_refuse_administrateur_path,
params: { person_id: demande[:person_id], email: demande[:email] },
style: 'background-color: #FFFFFF; color: #293f54; border: 1px solid #dfe0e1') %>
</td>
</tr>
<% end %>


@ -7,7 +7,7 @@
%p.thanks Les champs avec une asterisque (*) sont obligatoires.
= form_for @dossier, html: { class: 'form', multipart: true } do |f|
= f.fields_for :champs, @dossier.ordered_champs_v2 do |champ_form|
= f.fields_for :champs, @dossier.champs do |champ_form|
- champ = champ_form.object
= render partial: "shared/dossiers/editable_champs/editable_champ",
locals: { champ: champ, form: champ_form }


@ -3,3 +3,7 @@ if Rails.env.production?
else
API_ENTREPRISE_URL = 'https://staging.entreprise.api.gouv.fr/v2'
end
PIPEDRIVE_API_URL = 'https://api.pipedrive.com/v1/'
PIPEDRIVE_PEOPLE_URL = URI.join(PIPEDRIVE_API_URL, 'persons').to_s
PIPEDRIVE_DEALS_URL = URI.join(PIPEDRIVE_API_URL, 'deals').to_s


@ -12,6 +12,7 @@ Rails.application.routes.draw do
resources :demandes, only: [:index]
post 'demandes/create_administrateur'
post 'demandes/refuse_administrateur'
authenticate :administration do
match "/delayed_job" => DelayedJobWeb, :anchor => false, :via => [:get, :post]


@ -7,8 +7,9 @@ RSpec.describe FindDubiousProceduresJob, type: :job do
let(:allowed_tdc) { create(:type_de_champ, libelle: 'fournir') }
before do
allow(AdministrationMailer).to receive(:dubious_procedures)
.and_return(mailer_double)
allow(AdministrationMailer).to receive(:dubious_procedures) do |arg|
@dubious_procedures_args = arg
end.and_return(mailer_double)
procedure.types_de_champ << tdcs
FindDubiousProceduresJob.new.perform
@ -25,8 +26,10 @@ RSpec.describe FindDubiousProceduresJob, type: :job do
let(:tdcs) { forbidden_tdcs + [allowed_tdc] }
it 'mails tech about the dubious procedure' do
expect(AdministrationMailer).to have_received(:dubious_procedures)
.with([[procedure, forbidden_tdcs]])
receive_procedure, receive_forbidden_tdcs = @dubious_procedures_args[0]
expect(receive_procedure).to eq(procedure)
expect(receive_forbidden_tdcs).to match(forbidden_tdcs)
end
context 'and a whitelisted procedure' do


@ -10,4 +10,8 @@ class AdministrationMailerPreview < ActionMailer::Preview
def invite_admin
AdministrationMailer.invite_admin(Administrateur.last, "12345678")
end
def refuse_admin
AdministrationMailer.refuse_admin('bad_admin@pipo.com')
end
end


@ -10,6 +10,21 @@ describe Dossier do
it { expect(Dossier.without_followers.to_a).to eq([dossier2]) }
end
describe 'with_ordered_champs' do
let(:procedure) { create(:procedure) }
let(:dossier) { Dossier.create(user: create(:user), procedure: procedure) }
before do
create(:type_de_champ, libelle: 'l1', order_place: 1, procedure: procedure)
create(:type_de_champ, libelle: 'l3', order_place: 3, procedure: procedure)
create(:type_de_champ, libelle: 'l2', order_place: 2, procedure: procedure)
end
it do
expect(Dossier.with_ordered_champs.find(dossier.id).champs.map(&:libelle)).to match(%w(l1 l2 l3))
end
end
describe 'methods' do
let(:dossier) { create(:dossier, :with_entreprise, user: user) }