fix(dossier): do not bypass depositaire check on modifier path
This commit is contained in:
parent
2ad8ccc310
commit
cb752d1857
7 changed files with 31 additions and 27 deletions
|
@ -10,7 +10,9 @@ module Users
|
||||||
|
|
||||||
before_action :ensure_ownership!, except: ACTIONS_ALLOWED_TO_ANY_USER + ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
|
before_action :ensure_ownership!, except: ACTIONS_ALLOWED_TO_ANY_USER + ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
|
||||||
before_action :ensure_ownership_or_invitation!, only: ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
|
before_action :ensure_ownership_or_invitation!, only: ACTIONS_ALLOWED_TO_OWNER_OR_INVITE
|
||||||
before_action :ensure_dossier_can_be_updated, only: [:update_identite, :update_brouillon, :submit_brouillon, :modifier, :update]
|
before_action :ensure_dossier_can_be_updated, only: [:update_identite, :update_siret, :brouillon, :update_brouillon, :submit_brouillon, :modifier, :update]
|
||||||
|
before_action :ensure_dossier_can_be_filled, only: [:brouillon, :modifier, :update_brouillon, :submit_brouillon, :update]
|
||||||
|
before_action :ensure_dossier_can_be_viewed, only: [:show]
|
||||||
before_action :forbid_invite_submission!, only: [:submit_brouillon]
|
before_action :forbid_invite_submission!, only: [:submit_brouillon]
|
||||||
before_action :forbid_closed_submission!, only: [:submit_brouillon]
|
before_action :forbid_closed_submission!, only: [:submit_brouillon]
|
||||||
before_action :show_demarche_en_test_banner
|
before_action :show_demarche_en_test_banner
|
||||||
|
@ -33,11 +35,6 @@ module Users
|
||||||
end
|
end
|
||||||
|
|
||||||
def show
|
def show
|
||||||
if dossier.brouillon?
|
|
||||||
redirect_to brouillon_dossier_path(dossier)
|
|
||||||
return
|
|
||||||
end
|
|
||||||
|
|
||||||
@dossier = dossier
|
@dossier = dossier
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
format.pdf do
|
format.pdf do
|
||||||
|
@ -150,15 +147,6 @@ module Users
|
||||||
session.delete(:prefill_params)
|
session.delete(:prefill_params)
|
||||||
@dossier = dossier_with_champs
|
@dossier = dossier_with_champs
|
||||||
@dossier.valid?(context: :prefilling)
|
@dossier.valid?(context: :prefilling)
|
||||||
|
|
||||||
# TODO: remove when the champs are unifed
|
|
||||||
if !@dossier.autorisation_donnees
|
|
||||||
if dossier.procedure.for_individual
|
|
||||||
redirect_to identite_dossier_path(@dossier)
|
|
||||||
else
|
|
||||||
redirect_to siret_dossier_path(@dossier)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def submit_brouillon
|
def submit_brouillon
|
||||||
|
@ -383,7 +371,23 @@ module Users
|
||||||
def ensure_dossier_can_be_updated
|
def ensure_dossier_can_be_updated
|
||||||
if !dossier.can_be_updated_by_user?
|
if !dossier.can_be_updated_by_user?
|
||||||
flash.alert = t('users.dossiers.no_longer_editable')
|
flash.alert = t('users.dossiers.no_longer_editable')
|
||||||
redirect_to dossiers_path
|
redirect_to dossier_path(dossier)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def ensure_dossier_can_be_filled
|
||||||
|
if !dossier.autorisation_donnees
|
||||||
|
if dossier.procedure.for_individual
|
||||||
|
redirect_to identite_dossier_path(dossier)
|
||||||
|
else
|
||||||
|
redirect_to siret_dossier_path(dossier)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def ensure_dossier_can_be_viewed
|
||||||
|
if dossier.brouillon?
|
||||||
|
redirect_to brouillon_dossier_path(dossier)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -163,7 +163,7 @@ class ProcedureRevision < ApplicationRecord
|
||||||
|
|
||||||
def dossier_for_preview(user)
|
def dossier_for_preview(user)
|
||||||
dossier = Dossier
|
dossier = Dossier
|
||||||
.create_with(groupe_instructeur: procedure.defaut_groupe_instructeur_for_new_dossier)
|
.create_with(groupe_instructeur: procedure.defaut_groupe_instructeur_for_new_dossier, autorisation_donnees: true)
|
||||||
.find_or_initialize_by(revision: self, user: user, for_procedure_preview: true, state: Dossier.states.fetch(:brouillon))
|
.find_or_initialize_by(revision: self, user: user, for_procedure_preview: true, state: Dossier.states.fetch(:brouillon))
|
||||||
|
|
||||||
if dossier.new_record?
|
if dossier.new_record?
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
- if @prefilled_dossier
|
- if @prefilled_dossier
|
||||||
%h2.huge-title= t('views.commencer.show.prefilled_draft')
|
%h2.huge-title= t('views.commencer.show.prefilled_draft')
|
||||||
%p= t('views.commencer.show.prefilled_draft_detail_html', time_ago: time_ago_in_words(@prefilled_dossier.created_at), procedure: @procedure.libelle)
|
%p= t('views.commencer.show.prefilled_draft_detail_html', time_ago: time_ago_in_words(@prefilled_dossier.created_at), procedure: @procedure.libelle)
|
||||||
= link_to t('views.commencer.show.go_to_prefilled_file'), brouillon_dossier_path(@prefilled_dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
= link_to t('views.commencer.show.go_to_prefilled_file'), url_for_dossier(@prefilled_dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
||||||
|
|
||||||
- elsif dossiers.empty?
|
- elsif dossiers.empty?
|
||||||
= link_to t('views.commencer.show.start_procedure'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-my-2w'
|
= link_to t('views.commencer.show.start_procedure'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-my-2w'
|
||||||
|
@ -29,7 +29,7 @@
|
||||||
%h2.huge-title= t('views.commencer.show.already_draft')
|
%h2.huge-title= t('views.commencer.show.already_draft')
|
||||||
%p
|
%p
|
||||||
= t('views.commencer.show.already_draft_detail_html', time_ago: time_ago_in_words(dossier.created_at), procedure: dossier.procedure.libelle)
|
= t('views.commencer.show.already_draft_detail_html', time_ago: time_ago_in_words(dossier.created_at), procedure: dossier.procedure.libelle)
|
||||||
= link_to t('views.commencer.show.continue_file'), brouillon_dossier_path(dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
= link_to t('views.commencer.show.continue_file'), url_for_dossier(dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
||||||
= link_to t('views.commencer.show.start_new_file'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-btn--secondary fr-my-2w'
|
= link_to t('views.commencer.show.start_new_file'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-btn--secondary fr-my-2w'
|
||||||
|
|
||||||
- elsif not_drafts.size == 1
|
- elsif not_drafts.size == 1
|
||||||
|
@ -37,7 +37,7 @@
|
||||||
%h2.huge-title= t('views.commencer.show.already_not_draft')
|
%h2.huge-title= t('views.commencer.show.already_not_draft')
|
||||||
%p
|
%p
|
||||||
= t('views.commencer.show.already_not_draft_detail_html', time_ago: time_ago_in_words(dossier.depose_at), procedure: dossier.procedure.libelle)
|
= t('views.commencer.show.already_not_draft_detail_html', time_ago: time_ago_in_words(dossier.depose_at), procedure: dossier.procedure.libelle)
|
||||||
= link_to t('views.commencer.show.show_my_submitted_file'), dossier_path(dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
= link_to t('views.commencer.show.show_my_submitted_file'), url_for_dossier(dossier), class: 'fr-btn fr-btn--lg fr-my-2w'
|
||||||
= link_to t('views.commencer.show.start_new_file'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-btn--secondary fr-my-2w'
|
= link_to t('views.commencer.show.start_new_file'), url_for_new_dossier(@revision), class: 'fr-btn fr-btn--lg fr-btn--secondary fr-my-2w'
|
||||||
|
|
||||||
- else
|
- else
|
||||||
|
|
|
@ -42,4 +42,4 @@
|
||||||
|
|
||||||
.actions
|
.actions
|
||||||
= link_to 'Utiliser un autre numéro SIRET', siret_dossier_path(@dossier), class: 'fr-btn fr-btn--secondary'
|
= link_to 'Utiliser un autre numéro SIRET', siret_dossier_path(@dossier), class: 'fr-btn fr-btn--secondary'
|
||||||
= link_to 'Continuer avec ces informations', brouillon_dossier_path(@dossier), class: 'fr-btn'
|
= link_to 'Continuer avec ces informations', url_for_dossier(@dossier), class: 'fr-btn'
|
||||||
|
|
|
@ -74,7 +74,7 @@
|
||||||
- c.with_body do
|
- c.with_body do
|
||||||
%p
|
%p
|
||||||
= t('users.dossiers.header.callout.first_brouillon_recently_updated_text', time_ago: time_ago_in_words(@first_brouillon_recently_updated.created_at), libelle: @first_brouillon_recently_updated.procedure.libelle )
|
= t('users.dossiers.header.callout.first_brouillon_recently_updated_text', time_ago: time_ago_in_words(@first_brouillon_recently_updated.created_at), libelle: @first_brouillon_recently_updated.procedure.libelle )
|
||||||
= link_to t('users.dossiers.header.callout.first_brouillon_recently_updated_button'), modifier_dossier_path(@first_brouillon_recently_updated), class: 'fr-btn'
|
= link_to t('users.dossiers.header.callout.first_brouillon_recently_updated_button'), url_for_dossier(@first_brouillon_recently_updated), class: 'fr-btn'
|
||||||
|
|
||||||
= render partial: "dossiers_list", locals: { dossiers: @user_dossiers }
|
= render partial: "dossiers_list", locals: { dossiers: @user_dossiers }
|
||||||
|
|
||||||
|
|
|
@ -159,7 +159,7 @@ describe Users::DossiersController, type: :controller do
|
||||||
let(:individual_params) { { gender: 'M', nom: 'Mouse', prenom: 'Mickey' } }
|
let(:individual_params) { { gender: 'M', nom: 'Mouse', prenom: 'Mickey' } }
|
||||||
|
|
||||||
it 'redirects to the dossiers list' do
|
it 'redirects to the dossiers list' do
|
||||||
expect(response).to redirect_to(dossiers_path)
|
expect(response).to redirect_to(dossier_path(dossier))
|
||||||
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -361,7 +361,7 @@ describe Users::DossiersController, type: :controller do
|
||||||
it 'redirects to the dossiers list' do
|
it 'redirects to the dossiers list' do
|
||||||
subject
|
subject
|
||||||
|
|
||||||
expect(response).to redirect_to(dossiers_path)
|
expect(response).to redirect_to(dossier_path(dossier))
|
||||||
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -477,7 +477,7 @@ describe Users::DossiersController, type: :controller do
|
||||||
it 'redirects to the dossiers list' do
|
it 'redirects to the dossiers list' do
|
||||||
subject
|
subject
|
||||||
|
|
||||||
expect(response).to redirect_to(dossiers_path)
|
expect(response).to redirect_to(dossier_path(dossier))
|
||||||
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -561,7 +561,7 @@ describe Users::DossiersController, type: :controller do
|
||||||
|
|
||||||
it 'redirects to the dossiers list' do
|
it 'redirects to the dossiers list' do
|
||||||
subject
|
subject
|
||||||
expect(response).to redirect_to(dossiers_path)
|
expect(response).to redirect_to(dossier_path(dossier))
|
||||||
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
expect(flash.alert).to eq('Votre dossier ne peut plus être modifié')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -47,7 +47,7 @@ describe 'users/dossiers/index.html.haml', type: :view do
|
||||||
end
|
end
|
||||||
it 'affiche une alerte pour continuer à remplir un dossier' do
|
it 'affiche une alerte pour continuer à remplir un dossier' do
|
||||||
expect(rendered).to have_selector('.fr-callout', count: 1)
|
expect(rendered).to have_selector('.fr-callout', count: 1)
|
||||||
expect(rendered).to have_link(href: modifier_dossier_path(dossier_brouillon))
|
expect(rendered).to have_link(href: brouillon_dossier_path(dossier_brouillon))
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue