From 806e5d5eed933d947a5e63de3ffda171b5b4f182 Mon Sep 17 00:00:00 2001 From: Christian Lautier <15379878+maatinito@users.noreply.github.com> Date: Thu, 12 Mar 2020 08:46:41 -1000 Subject: [PATCH 1/3] eIDAS level added to France Connect authorization call --- app/services/france_connect_service.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/services/france_connect_service.rb b/app/services/france_connect_service.rb index a0ba7fb04..4249c4710 100644 --- a/app/services/france_connect_service.rb +++ b/app/services/france_connect_service.rb @@ -5,7 +5,8 @@ class FranceConnectService client.authorization_uri( scope: [:profile, :email], state: SecureRandom.hex(16), - nonce: SecureRandom.hex(16) + nonce: SecureRandom.hex(16), + acr_values: 'eidas1' ) end From c707a21f97b879724aa1815150231171e020a64c Mon Sep 17 00:00:00 2001 From: Paul Chavard Date: Wed, 25 Mar 2020 18:08:32 +0100 Subject: [PATCH 2/3] Rename delete_and_keep_track -> discard_and_keep_track --- Gemfile.lock | 2 +- app/controllers/manager/dossiers_controller.rb | 10 +++++----- app/controllers/users/dossiers_controller.rb | 2 +- app/models/dossier.rb | 6 +++++- app/models/user.rb | 2 +- app/views/manager/dossiers/show.html.erb | 6 +++--- config/routes.rb | 2 +- spec/controllers/manager/dossiers_controller_spec.rb | 12 ++++++------ spec/models/dossier_spec.rb | 4 ++-- spec/models/user_spec.rb | 4 ++-- 10 files changed, 27 insertions(+), 23 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d28ce5d8a..2e4aafdf1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -189,7 +189,7 @@ GEM activejob (>= 5.0) devise (>= 4.0) diff-lcs (1.3) - discard (1.1.0) + discard (1.2.0) activerecord (>= 4.2, < 7) domain_name (0.5.20180417) unf (>= 0.0.5, < 1.0.0) diff --git a/app/controllers/manager/dossiers_controller.rb b/app/controllers/manager/dossiers_controller.rb index c4c076cd8..143dbf048 100644 --- a/app/controllers/manager/dossiers_controller.rb 
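Review bot: The added `acr_values: 'eidas1'` only requests that assurance level from FranceConnect; nothing in this hunk shows the callback checking the `acr` claim of the returned ID token. The authorization URL travels through the user's browser, so the parameter can be altered or dropped before it reaches the provider. If the level matters for access decisions, the callback should compare the token's `acr` claim with the expected value and refuse the login otherwise; a comment here such as `# acr_values is a request only; the callback must verify the id_token acr claim` would make that dependency explicit. Separately, `state` and `nonce` are passed inline as `SecureRandom.hex(16)` without being kept in a variable, so unless the client object stores them the callback has nothing to compare against. The method starts and ends outside the hunk, so both points may already be handled elsewhere.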
+++ b/app/controllers/manager/dossiers_controller.rb @@ -8,11 +8,11 @@ module Manager # this will be used to set the records shown on the `index` action. def scoped_resource if unfiltered_list? - # Don't display deleted dossiers in the unfiltered list… - Dossier + # Don't display discarded dossiers in the unfiltered list… + Dossier.kept else # … but allow them to be searched and displayed. - Dossier.unscope(:where) + Dossier.with_discarded end end @@ -20,9 +20,9 @@ module Manager # Custom actions # - def hide + def discard dossier = Dossier.find(params[:id]) - dossier.delete_and_keep_track!(current_administration, :manager_request) + dossier.discard_and_keep_track!(current_administration, :manager_request) logger.info("Le dossier #{dossier.id} est supprimé par #{current_administration.email}") flash[:notice] = "Le dossier #{dossier.id} a été supprimé." diff --git a/app/controllers/users/dossiers_controller.rb b/app/controllers/users/dossiers_controller.rb index f90716df6..48dc56f3d 100644 --- a/app/controllers/users/dossiers_controller.rb +++ b/app/controllers/users/dossiers_controller.rb @@ -209,7 +209,7 @@ module Users dossier = current_user.dossiers.includes(:user, procedure: :administrateurs).find(params[:id]) if dossier.can_be_deleted_by_user? - dossier.delete_and_keep_track!(current_user, :user_request) + dossier.discard_and_keep_track!(current_user, :user_request) flash.notice = 'Votre dossier a bien été supprimé.' redirect_to dossiers_path else diff --git a/app/models/dossier.rb b/app/models/dossier.rb index 56169df18..544acfd20 100644 --- a/app/models/dossier.rb +++ b/app/models/dossier.rb @@ -340,6 +340,10 @@ class Dossier < ApplicationRecord brouillon? || en_construction? end + def can_be_deleted_by_manager? + kept? && can_be_deleted_by_user? + end + def messagerie_available? !brouillon? && !archived end 
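Review bot: In the `discard` action, `discard_and_keep_track!` is called right after `Dossier.find(params[:id])` with no state check, although this same patch adds `Dossier#can_be_deleted_by_manager?` in app/models/dossier.rb. If that predicate is only used to show or hide the button in the view, a direct POST to the `discard` member route still discards a dossier in any state, and the model hunk suggests the `DeletedDossier` record is only created when the dossier is `en_construction?`. Enforce the rule in the controller, for example by wrapping the call in `if dossier.can_be_deleted_by_manager?` and setting `flash[:alert]` in the `else` branch. The action continues past the end of the hunk, so the redirect and any later checks are not visible here.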
@@ -467,7 +471,7 @@ class Dossier < ApplicationRecord end end - def delete_and_keep_track!(author, reason) + def discard_and_keep_track!(author, reason) if keep_track_on_deletion? && en_construction? deleted_dossier = DeletedDossier.create_from_dossier(self, reason) diff --git a/app/models/user.rb b/app/models/user.rb index 0657a4b17..692f81b0d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -120,7 +120,7 @@ class User < ApplicationRecord end dossiers.each do |dossier| - dossier.delete_and_keep_track!(administration, :user_removed) + dossier.discard_and_keep_track!(administration, :user_removed) end dossiers.with_discarded.destroy_all destroy! diff --git a/app/views/manager/dossiers/show.html.erb b/app/views/manager/dossiers/show.html.erb index b8a1ec640..140497f4c 100644 --- a/app/views/manager/dossiers/show.html.erb +++ b/app/views/manager/dossiers/show.html.erb @@ -22,7 +22,7 @@ as well as a link to its edit page. diff --git a/config/routes.rb b/config/routes.rb index e3c7f3552..c3cb95419 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -15,7 +15,7 @@ Rails.application.routes.draw do end resources :dossiers, only: [:index, :show] do - post 'hide', on: :member + post 'discard', on: :member post 'repasser_en_instruction', on: :member end diff --git a/spec/controllers/manager/dossiers_controller_spec.rb b/spec/controllers/manager/dossiers_controller_spec.rb index cc835e6d6..c64100a22 100644 --- a/spec/controllers/manager/dossiers_controller_spec.rb +++ b/spec/controllers/manager/dossiers_controller_spec.rb 
@@ -1,20 +1,20 @@ describe Manager::DossiersController, type: :controller do - describe '#hide' do + describe '#discard' do let(:administration) { create :administration } - let!(:dossier) { create(:dossier) } + let(:dossier) { create(:dossier) } before do sign_in administration - post :hide, params: { id: dossier.id } + post :discard, params: { id: dossier.id } dossier.reload end - it { expect(dossier.hidden_at).not_to be_nil } + it { expect(dossier.discarded?).to be_truthy } end describe '#repasser_en_instruction' do let(:administration) { create :administration } - let!(:dossier) { create(:dossier, :accepte) } + let(:dossier) { create(:dossier, :accepte) } before do sign_in administration @@ -22,6 +22,6 @@ describe Manager::DossiersController, type: :controller do dossier.reload end - it { expect(dossier.en_instruction?).to be true } + it { expect(dossier.en_instruction?).to be_truthy } end end diff --git a/spec/models/dossier_spec.rb b/spec/models/dossier_spec.rb index aeb1ff777..a003a56bc 100644 --- a/spec/models/dossier_spec.rb +++ b/spec/models/dossier_spec.rb @@ -670,7 +670,7 @@ describe Dossier do end end - describe "#delete_and_keep_track!" do + describe "#discard_and_keep_track!" do let(:dossier) { create(:dossier, :en_construction) } let(:deleted_dossier) { DeletedDossier.find_by(dossier_id: dossier.id) } let(:last_operation) { dossier.dossier_operation_logs.last } @@ -681,7 +681,7 @@ describe Dossier do allow(DossierMailer).to receive(:notify_deletion_to_administration).and_return(double(deliver_later: nil)) end - subject! { dossier.delete_and_keep_track!(dossier.user, reason) } + subject! { dossier.discard_and_keep_track!(dossier.user, reason) } context 'brouillon' do let(:dossier) { create(:dossier) } diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 7c6af4d69..084d2a6e0 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb 
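Review bot: The `#discard` example exercises only a signed-in administration acting on a fresh dossier. No example shows that a POST without `sign_in`, or one for a dossier that `can_be_deleted_by_manager?` rejects, leaves the record undiscarded. Adding those two negative cases would pin the access control of a destructive manager action. The same gap applies to the `#show` examples added for administrateurs, instructeurs and users in patch 3/3. On style, `be_truthy` is looser than the `be true` it replaces in `#repasser_en_instruction`; `it { expect(dossier).to be_discarded }` and keeping `be true` would state the intent more exactly.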
@@ -278,7 +278,7 @@ describe User, type: :model do end it "keep track of dossiers and delete user" do - dossier_cache.delete_and_keep_track!(administration, :user_request) + dossier_cache.discard_and_keep_track!(administration, :user_request) user.delete_and_keep_track_dossiers(administration) expect(DeletedDossier.find_by(dossier_id: dossier_en_construction)).to be_present @@ -287,7 +287,7 @@ describe User, type: :model do end it "doesn't destroy dossiers of another user" do - dossier_cache.delete_and_keep_track!(administration, :user_request) + dossier_cache.discard_and_keep_track!(administration, :user_request) user.delete_and_keep_track_dossiers(administration) expect(Dossier.find_by(id: dossier_from_another_user.id)).to be_present From c763679b545f6c0beefba8d21da449ba21cdaf04 Mon Sep 17 00:00:00 2001 From: Paul Chavard Date: Thu, 26 Mar 2020 16:17:07 +0100 Subject: [PATCH 3/3] Remove non-existant columns from manager dashboards --- app/dashboards/administrateur_dashboard.rb | 2 -- app/dashboards/instructeur_dashboard.rb | 2 -- app/models/administrateur.rb | 4 ++++ app/models/instructeur.rb | 4 ++++ .../administrateurs_controller_spec.rb | 20 +++++++++++++------ .../manager/instructeurs_controller_spec.rb | 14 +++++++++++-- .../manager/users_controller_spec.rb | 14 +++++++++++++ 7 files changed, 48 insertions(+), 12 deletions(-) diff --git a/app/dashboards/administrateur_dashboard.rb b/app/dashboards/administrateur_dashboard.rb index ba6f91072..ead5ef9f7 100644 --- a/app/dashboards/administrateur_dashboard.rb +++ b/app/dashboards/administrateur_dashboard.rb @@ -14,7 +14,6 @@ class AdministrateurDashboard < Administrate::BaseDashboard updated_at: Field::DateTime, procedures: Field::HasMany.with_options(limit: 20), registration_state: Field::String.with_options(searchable: false), - current_sign_in_at: Field::DateTime, features: FeaturesField, email: Field::Email.with_options(searchable: false) }.freeze 
@@ -39,7 +38,6 @@ class AdministrateurDashboard < Administrate::BaseDashboard :created_at, :updated_at, :registration_state, - :current_sign_in_at, :features, :procedures ].freeze diff --git a/app/dashboards/instructeur_dashboard.rb b/app/dashboards/instructeur_dashboard.rb index e88052331..f61b858db 100644 --- a/app/dashboards/instructeur_dashboard.rb +++ b/app/dashboards/instructeur_dashboard.rb @@ -12,7 +12,6 @@ class InstructeurDashboard < Administrate::BaseDashboard user: Field::HasOne.with_options(searchable: true, searchable_field: 'email'), created_at: Field::DateTime, updated_at: Field::DateTime, - current_sign_in_at: Field::DateTime, dossiers: Field::HasMany, procedures: Field::HasMany, features: FeaturesField @@ -35,7 +34,6 @@ class InstructeurDashboard < Administrate::BaseDashboard :dossiers, :id, :user, - :current_sign_in_at, :created_at, :features ].freeze diff --git a/app/models/administrateur.rb b/app/models/administrateur.rb index 8082325d3..0b982aabf 100644 --- a/app/models/administrateur.rb +++ b/app/models/administrateur.rb @@ -92,4 +92,8 @@ class Administrateur < ApplicationRecord destroy end + + # required to display feature flags field in manager + def features + end end diff --git a/app/models/instructeur.rb b/app/models/instructeur.rb index bb55fe36a..f3cc6dff7 100644 --- a/app/models/instructeur.rb +++ b/app/models/instructeur.rb @@ -191,6 +191,10 @@ class Instructeur < ApplicationRecord user.administrateur.nil? && procedures.all? { |p| p.defaut_groupe_instructeur.instructeurs.count > 1 } end + # required to display feature flags field in manager + def features + end + private def annotations_hash(demande, annotations_privees, avis, messagerie) diff --git a/spec/controllers/manager/administrateurs_controller_spec.rb b/spec/controllers/manager/administrateurs_controller_spec.rb index b1504511a..1261c49b8 100644 --- a/spec/controllers/manager/administrateurs_controller_spec.rb +++ b/spec/controllers/manager/administrateurs_controller_spec.rb 
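Review bot: The new `features` method in `Administrateur` has an empty body and therefore always returns nil, and the one-line comment above it does not say that this is intended. If `FeaturesField` reads the attribute value rather than computing the flags itself, the manager page would show no flags for every account, which could mislead an operator reviewing what is enabled. I would expand the comment to something like `# Stub for the manager dashboard: the features field is assumed to look the flags up itself, so this returns nil on purpose`. The identical stub added to app/models/instructeur.rb needs the same comment.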
@@ -1,10 +1,21 @@ describe Manager::AdministrateursController, type: :controller do let(:administration) { create(:administration) } + let(:administrateur) { create(:administrateur) } before do sign_in administration end + describe '#show' do + render_views + + before do + get :show, params: { id: administrateur.id } + end + + it { expect(response.body).to include(administrateur.email) } + end + describe 'GET #new' do render_views it 'displays form to create a new admin' do @@ -41,23 +52,20 @@ describe Manager::AdministrateursController, type: :controller do end describe '#delete' do - let!(:admin) { create(:administrateur) } - - subject { delete :delete, params: { id: admin.id } } + subject { delete :delete, params: { id: administrateur.id } } it 'deletes the admin' do subject - expect(Administrateur.find_by(id: admin.id)).to be_nil + expect(Administrateur.find_by(id: administrateur.id)).to be_nil end end describe '#index' do render_views - let(:admin) { create(:administrateur) } it 'searches admin by email' do - get :index, params: { search: admin.email } + get :index, params: { search: administrateur.email } expect(response).to be_success end end diff --git a/spec/controllers/manager/instructeurs_controller_spec.rb b/spec/controllers/manager/instructeurs_controller_spec.rb index 3a0164d4b..ef44aa706 100644 --- a/spec/controllers/manager/instructeurs_controller_spec.rb +++ b/spec/controllers/manager/instructeurs_controller_spec.rb @@ -1,9 +1,19 @@ describe Manager::InstructeursController, type: :controller do let(:administration) { create(:administration) } + let(:instructeur) { create(:instructeur) } + + describe '#show' do + render_views + + before do + sign_in(administration) + get :show, params: { id: instructeur.id } + end + + it { expect(response.body).to include(instructeur.email) } + end describe '#delete' do - let!(:instructeur) { create(:instructeur) } - before { sign_in administration } subject { delete :delete, params: { id: instructeur.id } } 
diff --git a/spec/controllers/manager/users_controller_spec.rb b/spec/controllers/manager/users_controller_spec.rb index 4aacf54a1..58a71972a 100644 --- a/spec/controllers/manager/users_controller_spec.rb +++ b/spec/controllers/manager/users_controller_spec.rb @@ -1,6 +1,20 @@ describe Manager::UsersController, type: :controller do let(:administration) { create(:administration) } + describe '#show' do + render_views + + let(:administration) { create(:administration) } + let(:user) { create(:user) } + + before do + sign_in(administration) + get :show, params: { id: user.id } + end + + it { expect(response.body).to include(user.email) } + end + describe '#update' do let!(:user) { create(:user, email: 'ancien.email@domaine.fr') }
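Review bot: Inside `describe '#show'`, the line `let(:administration) { create(:administration) }` repeats the definition already given at the top of the file and can be dropped. The block then needs only `let(:user) { create(:user) }` before the `before do` that signs in and requests the page.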