From e08f59ffb8a324b96c0a64585198f98de1477372 Mon Sep 17 00:00:00 2001 From: Mathieu Magnin Date: Thu, 15 Mar 2018 11:43:02 +0100 Subject: [PATCH 1/7] [Fix #1500] Use urls.rb from this repository --- config/deploy.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/config/deploy.rb b/config/deploy.rb index fe5517566..fdd424f79 100644 --- a/config/deploy.rb +++ b/config/deploy.rb @@ -61,7 +61,6 @@ set :shared_paths, [ 'config/initializers/features.yml', "config/environments/#{rails_env}.rb", "config/initializers/token.rb", - "config/initializers/urls.rb", "config/initializers/super_admin.rb", "config/unicorn.rb", "config/initializers/raven.rb", From ab368d44a184ce0f7d49d06820f5383398f55b67 Mon Sep 17 00:00:00 2001 From: Mathieu Magnin Date: Thu, 15 Mar 2018 12:02:45 +0100 Subject: [PATCH 2/7] [Fix #1500] Add mandatory params to call api entreprise v2 --- app/lib/siade/api.rb | 24 +++++++++++++------- app/lib/siade/entreprise_adapter.rb | 5 ++-- app/lib/siade/etablissement_adapter.rb | 5 ++-- app/lib/siade/exercices_adapter.rb | 5 ++-- app/lib/siade/rna_adapter.rb | 5 ++-- app/services/siret_service.rb | 8 +++---- spec/features/users/complete_demande_spec.rb | 8 +++---- spec/features/users/dossier_creation_spec.rb | 8 +++---- spec/features/users/start_demande_spec.rb | 8 +++---- spec/lib/siade/api_spec.rb | 15 ++++++------ spec/lib/siade/entreprise_adapter_spec.rb | 7 +++--- spec/lib/siade/etablissement_adapter_spec.rb | 10 ++++---- spec/lib/siade/exercices_adapter_spec.rb | 3 ++- spec/lib/siade/rna_adapter_spec.rb | 3 ++- 14 files changed, 66 insertions(+), 48 deletions(-) diff --git a/app/lib/siade/api.rb b/app/lib/siade/api.rb index a007d2fc1..b74bdc1d7 100644 --- a/app/lib/siade/api.rb +++ b/app/lib/siade/api.rb @@ -6,24 +6,24 @@ class SIADE::API def initialize end - def self.entreprise(siren) + def self.entreprise(siren, procedure_id) endpoint = "/v2/entreprises/#{siren}" - call(base_url + endpoint) + call(base_url + endpoint, mandatory_params(siren, procedure_id)) end - def self.etablissement(siret) + def self.etablissement(siret, procedure_id) endpoint = "/v2/etablissements/#{siret}" - call(base_url + endpoint) + call(base_url + endpoint, mandatory_params(siret, procedure_id)) end - def self.exercices(siret) + def self.exercices(siret, procedure_id) endpoint = "/v2/exercices/#{siret}" - call(base_url + endpoint) + call(base_url + endpoint, mandatory_params(siret, procedure_id)) end - def self.rna(siret) + def self.rna(siret, procedure_id) endpoint = "/v2/associations/#{siret}" - call(base_url + endpoint) + call(base_url + endpoint, mandatory_params(siret, procedure_id)) end def self.call(url, params = {}) @@ -37,6 +37,14 @@ class SIADE::API ).get(params: params) end + def self.mandatory_params(siret_or_siren, procedure_id) + { + context: "demarches-simplifiees.fr", + recipient: siret_or_siren, + object: "procedure_id: #{procedure_id}" + } + end + def self.base_url SIADEURL end diff --git a/app/lib/siade/entreprise_adapter.rb b/app/lib/siade/entreprise_adapter.rb index b86833225..ef2f31946 100644 --- a/app/lib/siade/entreprise_adapter.rb +++ b/app/lib/siade/entreprise_adapter.rb @@ -1,10 +1,11 @@ class SIADE::EntrepriseAdapter - def initialize(siren) + def initialize(siren, procedure_id) @siren = siren + @procedure_id = procedure_id end def data_source - @data_source ||= JSON.parse(SIADE::API.entreprise(@siren), symbolize_names: true) + @data_source ||= JSON.parse(SIADE::API.entreprise(@siren, @procedure_id), symbolize_names: true) rescue @data_source = nil end diff --git a/app/lib/siade/etablissement_adapter.rb b/app/lib/siade/etablissement_adapter.rb index 80adf6650..d96b43c2b 100644 --- a/app/lib/siade/etablissement_adapter.rb +++ b/app/lib/siade/etablissement_adapter.rb @@ -1,10 +1,11 @@ class SIADE::EtablissementAdapter - def initialize(siret) + def initialize(siret, procedure_id) @siret = siret + @procedure_id = procedure_id end def data_source - @data_source ||= JSON.parse(SIADE::API.etablissement(@siret), symbolize_names: true) + @data_source ||= JSON.parse(SIADE::API.etablissement(@siret, @procedure_id), symbolize_names: true) end def success? diff --git a/app/lib/siade/exercices_adapter.rb b/app/lib/siade/exercices_adapter.rb index db8193829..daa42d241 100644 --- a/app/lib/siade/exercices_adapter.rb +++ b/app/lib/siade/exercices_adapter.rb @@ -1,10 +1,11 @@ class SIADE::ExercicesAdapter - def initialize(siret) + def initialize(siret, procedure_id) @siret = siret + @procedure_id = procedure_id end def data_source - @data_source ||= JSON.parse(SIADE::API.exercices(@siret), symbolize_names: true) + @data_source ||= JSON.parse(SIADE::API.exercices(@siret, @procedure_id), symbolize_names: true) rescue @data_source = nil end diff --git a/app/lib/siade/rna_adapter.rb b/app/lib/siade/rna_adapter.rb index cfae4ec9f..78d9c25e6 100644 --- a/app/lib/siade/rna_adapter.rb +++ b/app/lib/siade/rna_adapter.rb @@ -1,10 +1,11 @@ class SIADE::RNAAdapter - def initialize(siret) + def initialize(siret, procedure_id) @siret = siret + @procedure_id = procedure_id end def data_source - @data_source ||= JSON.parse(SIADE::API.rna(@siret), symbolize_names: true) + @data_source ||= JSON.parse(SIADE::API.rna(@siret, @procedure_id), symbolize_names: true) end def to_params diff --git a/app/services/siret_service.rb b/app/services/siret_service.rb index f4df8856b..613f1c36c 100644 --- a/app/services/siret_service.rb +++ b/app/services/siret_service.rb @@ -1,11 +1,11 @@ class SIRETService def self.fetch(siret, dossier = nil) - etablissement = SIADE::EtablissementAdapter.new(siret) - entreprise = SIADE::EntrepriseAdapter.new(siren(siret)) + etablissement = SIADE::EtablissementAdapter.new(siret, dossier&.procedure_id) + entreprise = SIADE::EntrepriseAdapter.new(siren(siret), dossier&.procedure_id) if etablissement.success? && entreprise.success? - association = SIADE::RNAAdapter.new(siret) - exercices = SIADE::ExercicesAdapter.new(siret) + association = SIADE::RNAAdapter.new(siret, dossier&.procedure_id) + exercices = SIADE::ExercicesAdapter.new(siret, dossier&.procedure_id) params = etablissement.to_params .merge(entreprise.to_params.map { |k,v| ["entreprise_#{k}", v] }.to_h) diff --git a/spec/features/users/complete_demande_spec.rb b/spec/features/users/complete_demande_spec.rb index bd782c5a2..5d8391174 100644 --- a/spec/features/users/complete_demande_spec.rb +++ b/spec/features/users/complete_demande_spec.rb @@ -30,14 +30,14 @@ feature 'user path for dossier creation' do end context 'sets siret' do before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(body: File.read('spec/support/files/etablissement.json', status: 200)) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/entreprise.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/exercices/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/exercices\/#{siret}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/exercices.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/associations/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/associations\/#{siret}?.*token=/) .to_return(status: 404, body: '') page.find_by_id('dossier-siret').set siret diff --git a/spec/features/users/dossier_creation_spec.rb b/spec/features/users/dossier_creation_spec.rb index 989822067..aed39137e 100644 --- a/spec/features/users/dossier_creation_spec.rb +++ b/spec/features/users/dossier_creation_spec.rb @@ -67,13 +67,13 @@ feature 'As a User I wanna create a dossier' do visit commencer_path(procedure_path: procedure_with_siret.path) expect(page).to have_current_path(users_dossier_path(procedure_with_siret.dossiers.last.id.to_s)) fill_in 'dossier-siret', with: siret - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/etablissement.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/entreprise.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/exercices/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/exercices\/#{siret}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/exercices.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/associations/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/associations\/#{siret}?.*token=/) .to_return(status: 404, body: '') page.find_by_id('dossier-siret').set siret page.find_by_id('submit-siret').click diff --git a/spec/features/users/start_demande_spec.rb b/spec/features/users/start_demande_spec.rb index c78e29cb0..e1f141928 100644 --- a/spec/features/users/start_demande_spec.rb +++ b/spec/features/users/start_demande_spec.rb @@ -26,13 +26,13 @@ feature 'user arrive on siret page' do end context 'when enter a siret', js: true do before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/etablissement.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/entreprise.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/exercices/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/exercices\/#{siret}?.*token=/) .to_return(status: 200, body: File.read('spec/support/files/exercices.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/associations/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/associations\/#{siret}?.*token=/) .to_return(status: 404, body: '') page.find_by_id('dossier-siret').set siret diff --git a/spec/lib/siade/api_spec.rb b/spec/lib/siade/api_spec.rb index ab9732265..ed91c998d 100644 --- a/spec/lib/siade/api_spec.rb +++ b/spec/lib/siade/api_spec.rb @@ -1,10 +1,11 @@ require 'spec_helper' describe SIADE::API do + let(:procedure_id) { 12 } describe '.entreprise' do - subject { described_class.entreprise(siren) } + subject { described_class.entreprise(siren, procedure_id) } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(status: status, body: body) end context 'when siren does not exist' do @@ -28,9 +29,9 @@ describe SIADE::API do end describe '.etablissement' do - subject { described_class.etablissement(siret) } + subject { described_class.etablissement(siret, procedure_id) } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(status: status, body: body) end @@ -62,7 +63,7 @@ describe SIADE::API do end context 'when siret does not exist' do - subject { described_class.exercices(siret) } + subject { described_class.exercices(siret, procedure_id) } let(:siret) { '11111111111111' } let(:status) { 404 } @@ -74,7 +75,7 @@ describe SIADE::API do end context 'when siret exists' do - subject { described_class.exercices(siret) } + subject { described_class.exercices(siret, procedure_id) } let(:siret) { '41816609600051' } let(:status) { 200 } @@ -92,7 +93,7 @@ describe SIADE::API do .to_return(status: status, body: body) end - subject { described_class.rna(siren) } + subject { described_class.rna(siren, procedure_id) } context 'when siren does not exist' do let(:siren) { '111111111' } diff --git a/spec/lib/siade/entreprise_adapter_spec.rb b/spec/lib/siade/entreprise_adapter_spec.rb index 161aac0a2..c1248c5b5 100644 --- a/spec/lib/siade/entreprise_adapter_spec.rb +++ b/spec/lib/siade/entreprise_adapter_spec.rb @@ -2,11 +2,12 @@ require 'spec_helper' describe SIADE::EntrepriseAdapter do let(:siren) { '418166096' } - let(:adapter) { described_class.new(siren) } + let(:procedure_id) { 22 } + let(:adapter) { described_class.new(siren, procedure_id) } subject { adapter.to_params } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(body: File.read('spec/support/files/entreprise.json', status: 200)) end @@ -69,7 +70,7 @@ describe SIADE::EntrepriseAdapter do end context 'Mandataire sociaux' do - subject { described_class.new(siren).to_params[:mandataires_sociaux] } + subject { described_class.new(siren, procedure_id).to_params[:mandataires_sociaux] } it '#to_params class est une Hash ?' do expect(subject).to be_an_instance_of(Array) diff --git a/spec/lib/siade/etablissement_adapter_spec.rb b/spec/lib/siade/etablissement_adapter_spec.rb index 4a328aa03..d078fbeb9 100644 --- a/spec/lib/siade/etablissement_adapter_spec.rb +++ b/spec/lib/siade/etablissement_adapter_spec.rb @@ -1,12 +1,14 @@ require 'spec_helper' describe SIADE::EtablissementAdapter do + let(:procedure_id) { 33 } + context 'SIRET valide' do let(:siret) { '41816609600051' } - subject { described_class.new(siret).to_params } + subject { described_class.new(siret, procedure_id).to_params } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(body: File.read('spec/support/files/etablissement.json', status: 200)) end @@ -70,10 +72,10 @@ describe SIADE::EtablissementAdapter do context 'when siret is not found' do let(:bad_siret) { 11_111_111_111_111 } - subject { described_class.new(bad_siret).to_params } + subject { described_class.new(bad_siret, 12).to_params } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{bad_siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{bad_siret}?.*token=/) .to_return(body: 'Fake body', status: 404) end diff --git a/spec/lib/siade/exercices_adapter_spec.rb b/spec/lib/siade/exercices_adapter_spec.rb index 10a244faf..303650322 100644 --- a/spec/lib/siade/exercices_adapter_spec.rb +++ b/spec/lib/siade/exercices_adapter_spec.rb @@ -2,7 +2,8 @@ require 'spec_helper' describe SIADE::ExercicesAdapter do let(:siret) { '41816609600051' } - subject { described_class.new(siret).to_params } + let(:procedure_id) { 11 } + subject { described_class.new(siret, procedure_id).to_params } before do stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/exercices\/.*token=/) diff --git a/spec/lib/siade/rna_adapter_spec.rb b/spec/lib/siade/rna_adapter_spec.rb index dda9c8275..835280433 100644 --- a/spec/lib/siade/rna_adapter_spec.rb +++ b/spec/lib/siade/rna_adapter_spec.rb @@ -2,9 +2,10 @@ require 'spec_helper' describe SIADE::RNAAdapter do let(:siret) { '50480511000013' } + let(:procedure_id) { 22 } let(:body) { File.read('spec/support/files/rna.json') } let(:status) { 200 } - let(:adapter) { described_class.new(siret) } + let(:adapter) { described_class.new(siret, procedure_id) } subject { adapter.to_params } From 29f35f29a9fbe1a8cba461481ab4616b68207fc4 Mon Sep 17 00:00:00 2001 From: gregoirenovel Date: Thu, 15 Mar 2018 15:01:06 +0100 Subject: [PATCH 3/7] [Fix #1628] Change phone number --- app/views/layouts/_new_header.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/layouts/_new_header.haml b/app/views/layouts/_new_header.haml index d081195e5..01a230c03 100644 --- a/app/views/layouts/_new_header.haml +++ b/app/views/layouts/_new_header.haml @@ -26,7 +26,7 @@ .contact-details Vous avez besoin d’aide ? Contactez-nous : %br - – par téléphone : 09 72 62 57 12 + – par téléphone : 01 76 42 02 87 %br – par email : contact@demarches-simplifiees.fr From 87d19480236c1ba58e7868bc2c4653a80a9d78ed Mon Sep 17 00:00:00 2001 From: Paul Chavard Date: Thu, 8 Mar 2018 17:41:54 +0100 Subject: [PATCH 4/7] Add token authentication to API --- app/controllers/api/v1/dossiers_controller.rb | 2 -- .../api/v1/procedures_controller.rb | 1 - app/controllers/api_controller.rb | 26 +++++++++++++++++-- .../api/v1/dossiers_controller_spec.rb | 15 +++++++++++ 4 files changed, 39 insertions(+), 5 deletions(-) diff --git a/app/controllers/api/v1/dossiers_controller.rb b/app/controllers/api/v1/dossiers_controller.rb index 5303f2f68..4ecf8fcb4 100644 --- a/app/controllers/api/v1/dossiers_controller.rb +++ b/app/controllers/api/v1/dossiers_controller.rb @@ -1,7 +1,6 @@ class API::V1::DossiersController < APIController api :GET, '/procedures/:procedure_id/dossiers/', 'Liste de tous les dossiers d\'une procédure' param :procedure_id, Integer, desc: "L'identifiant de la procédure", required: true - param :token, String, desc: "Token administrateur", required: true error code: 401, desc: "Non authorisé" error code: 404, desc: "Procédure inconnue" @@ -17,7 +16,6 @@ class API::V1::DossiersController < APIController api :GET, '/procedures/:procedure_id/dossiers/:id', 'Informations du dossier d\'une procédure' param :procedure_id, Integer, desc: "L'identifiant de la procédure", required: true param :dossier_id, Integer, desc: "L'identifiant du dossier", required: true - param :token, String, desc: "Token administrateur", required: true error code: 401, desc: "Non authorisé" error code: 404, desc: "Procédure ou dossier inconnu" diff --git a/app/controllers/api/v1/procedures_controller.rb b/app/controllers/api/v1/procedures_controller.rb index efdca6fa3..a51e2cd97 100644 --- a/app/controllers/api/v1/procedures_controller.rb +++ b/app/controllers/api/v1/procedures_controller.rb @@ -1,7 +1,6 @@ class API::V1::ProceduresController < APIController api :GET, '/procedures/:id', 'Informations concernant une procédure' param :id, Integer, desc: "L'identifiant de la procédure", required: true - param :token, String, desc: "Token administrateur", required: true error code: 401, desc: "Non authorisé" error code: 404, desc: "Procédure inconnue" diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 3f561fb23..8e30824e2 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -2,8 +2,20 @@ class APIController < ApplicationController before_action :authenticate_user before_action :default_format_json + resource_description do + description <<-EOS + L'authentification de l'API se fait via un header HTTP : + + ``` + Authorization: Bearer <Token administrateur> + ``` + EOS + end + def authenticate_user - render json: {}, status: 401 if !valid_token? + if !valid_token? + request_http_token_authentication + end end protected @@ -13,7 +25,17 @@ class APIController < ApplicationController end def current_administrateur - @administrateur ||= Administrateur.find_by(api_token: params[:token]) + @administrateur ||= (authenticate_with_bearer_token || authenticate_with_param_token) + end + + def authenticate_with_bearer_token + authenticate_with_http_token do |token, options| + Administrateur.find_by(api_token: token) + end + end + + def authenticate_with_param_token + Administrateur.find_by(api_token: params[:token]) end def default_format_json diff --git a/spec/controllers/api/v1/dossiers_controller_spec.rb b/spec/controllers/api/v1/dossiers_controller_spec.rb index 3cd4e4f35..d27c49e04 100644 --- a/spec/controllers/api/v1/dossiers_controller_spec.rb +++ b/spec/controllers/api/v1/dossiers_controller_spec.rb @@ -7,6 +7,21 @@ describe API::V1::DossiersController do it { expect(described_class).to be < APIController } + describe 'GET index (with bearer token)' do + let(:authorization_header) { ActionController::HttpAuthentication::Token.encode_credentials(admin.api_token) } + let(:retour) do + request.env['HTTP_AUTHORIZATION'] = authorization_header + get :index, params: { procedure_id: procedure_id } + end + + subject { retour } + + context 'when procedure is not found' do + let(:procedure_id) { 99_999_999 } + it { expect(subject.code).to eq('404') } + end + end + describe 'GET index' do let(:retour) { get :index, params: { token: admin.api_token, procedure_id: procedure_id } } From e4f07dbae67f5b6ab59f2a1e77e6826d6408f094 Mon Sep 17 00:00:00 2001 From: Paul Chavard Date: Thu, 8 Mar 2018 17:42:12 +0100 Subject: [PATCH 5/7] Document pagination params in api and allow to set `per_page` limit --- app/controllers/api/v1/dossiers_controller.rb | 6 +++++- spec/controllers/api/v1/dossiers_controller_spec.rb | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/v1/dossiers_controller.rb b/app/controllers/api/v1/dossiers_controller.rb index 4ecf8fcb4..e4a09dc02 100644 --- a/app/controllers/api/v1/dossiers_controller.rb +++ b/app/controllers/api/v1/dossiers_controller.rb @@ -1,6 +1,10 @@ class API::V1::DossiersController < APIController + DEFAULT_PAGE_SIZE = 100 + api :GET, '/procedures/:procedure_id/dossiers/', 'Liste de tous les dossiers d\'une procédure' param :procedure_id, Integer, desc: "L'identifiant de la procédure", required: true + param :page, String, desc: "Numéro de la page", required: false + param :resultats_par_page, String, desc: "Nombre de résultats par page (#{DEFAULT_PAGE_SIZE} par défaut, maximum 1 000)", required: false error code: 401, desc: "Non authorisé" error code: 404, desc: "Procédure inconnue" @@ -39,6 +43,6 @@ class API::V1::DossiersController < APIController end def per_page # inherited value from will_paginate - 12 + [params[:resultats_par_page] || DEFAULT_PAGE_SIZE, 1000].min end end diff --git a/spec/controllers/api/v1/dossiers_controller_spec.rb b/spec/controllers/api/v1/dossiers_controller_spec.rb index d27c49e04..a0388a4b8 100644 --- a/spec/controllers/api/v1/dossiers_controller_spec.rb +++ b/spec/controllers/api/v1/dossiers_controller_spec.rb @@ -56,7 +56,7 @@ describe API::V1::DossiersController do it { is_expected.to have_key(:page) } it { expect(subject[:page]).to eq(1) } it { is_expected.to have_key(:resultats_par_page) } - it { expect(subject[:resultats_par_page]).to eq(12) } + it { expect(subject[:resultats_par_page]).to eq(described_class.const_get(:DEFAULT_PAGE_SIZE)) } it { is_expected.to have_key(:nombre_de_page) } it { expect(subject[:nombre_de_page]).to eq(1) } end From 2441d21f4bfc1805efeb6fb898af13694e65e2a6 Mon Sep 17 00:00:00 2001 From: Mathieu Magnin Date: Thu, 15 Mar 2018 18:07:40 +0100 Subject: [PATCH 6/7] Fix siade tests --- spec/controllers/users/dossiers_controller_spec.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/spec/controllers/users/dossiers_controller_spec.rb b/spec/controllers/users/dossiers_controller_spec.rb index 7da275a7c..9c7d21787 100644 --- a/spec/controllers/users/dossiers_controller_spec.rb +++ b/spec/controllers/users/dossiers_controller_spec.rb @@ -178,19 +178,19 @@ describe Users::DossiersController, type: :controller do let(:user) { create(:user) } before do - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret_not_found}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret_not_found}?.*token=/) .to_return(status: 404, body: 'fake body') - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/etablissements/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/etablissements\/#{siret}?.*token=/) .to_return(status: status_entreprise_call, body: File.read('spec/support/files/etablissement.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/entreprises/#{siren}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/) .to_return(status: status_entreprise_call, body: File.read('spec/support/files/entreprise.json')) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/exercices/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/exercices\/#{siret}?.*token=/) .to_return(status: exercices_status, body: exercices_body) - stub_request(:get, "https://staging.entreprise.api.gouv.fr/v2/associations/#{siret}?token=#{SIADETOKEN}") + stub_request(:get, /https:\/\/staging.entreprise.api.gouv.fr\/v2\/associations\/#{siret}?.*token=/) .to_return(status: rna_status, body: rna_body) dossier From d60765880f788d6af932fc3c6f81f1928b07f95e Mon Sep 17 00:00:00 2001 From: Frederic Merizen Date: Fri, 16 Mar 2018 10:10:43 +0100 Subject: [PATCH 7/7] Fix authentication token description --- app/controllers/api/v1/dossiers_controller.rb | 4 ++++ .../api/v1/procedures_controller.rb | 4 ++++ app/controllers/api_controller.rb | 18 ++++++++---------- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/app/controllers/api/v1/dossiers_controller.rb b/app/controllers/api/v1/dossiers_controller.rb index e4a09dc02..b275f41b2 100644 --- a/app/controllers/api/v1/dossiers_controller.rb +++ b/app/controllers/api/v1/dossiers_controller.rb @@ -1,6 +1,10 @@ class API::V1::DossiersController < APIController DEFAULT_PAGE_SIZE = 100 + resource_description do + description AUTHENTICATION_TOKEN_DESCRIPTION + end + api :GET, '/procedures/:procedure_id/dossiers/', 'Liste de tous les dossiers d\'une procédure' param :procedure_id, Integer, desc: "L'identifiant de la procédure", required: true param :page, String, desc: "Numéro de la page", required: false diff --git a/app/controllers/api/v1/procedures_controller.rb b/app/controllers/api/v1/procedures_controller.rb index a51e2cd97..f983b9d21 100644 --- a/app/controllers/api/v1/procedures_controller.rb +++ b/app/controllers/api/v1/procedures_controller.rb @@ -1,4 +1,8 @@ class API::V1::ProceduresController < APIController + resource_description do + description AUTHENTICATION_TOKEN_DESCRIPTION + end + api :GET, '/procedures/:id', 'Informations concernant une procédure' param :id, Integer, desc: "L'identifiant de la procédure", required: true error code: 401, desc: "Non authorisé" diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 8e30824e2..d1ab966a5 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -1,17 +1,15 @@ class APIController < ApplicationController + AUTHENTICATION_TOKEN_DESCRIPTION = <<-EOS + L'authentification de l'API se fait via un header HTTP : + + ``` + Authorization: Bearer <Token administrateur> + ``` + EOS + before_action :authenticate_user before_action :default_format_json - resource_description do - description <<-EOS - L'authentification de l'API se fait via un header HTTP : - - ``` - Authorization: Bearer <Token administrateur> - ``` - EOS - end - def authenticate_user if !valid_token? request_http_token_authentication