DGNum/demarches-normaliennes
15
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Merge branch 'develop' of github.com:sgmap/tps into develop

Browse source
This commit is contained in:
Tanguy PATTE 2016-01-27 14:37:24 +01:00
commit d449c34387
12 changed files with 230 additions and 260 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
app/controllers/concerns/.keep
View file

5
app/controllers/concerns/dossier_concern.rb
View file

@ -1,5 +0,0 @@
module DossierConcern
def current_dossier
Dossier.find(params[:dossier_id])
end
end

3
app/controllers/dossiers_controller.rb
View file

@ -1,3 +0,0 @@
class DossiersController < ApplicationController
end

5
app/controllers/france_connect/particulier_controller.rb
View file

@ -1,4 +1,5 @@
class FranceConnect::ParticulierController < ApplicationController
def login
client = FranceConnectParticulierClient.new
@ -94,6 +95,10 @@ class FranceConnect::ParticulierController < ApplicationController
private
def connect_france_connect_particulier user
sign_out :user if user_signed_in?
sign_out :gestionnaire if gestionnaire_signed_in?
sign_out :administrateur if administrateur_signed_in?
sign_in user
user.loged_in_with_france_connect = 'particulier'

12
app/controllers/users/carte_controller.rb
View file

@ -1,7 +1,8 @@
class Users::CarteController < UsersController
include DossierConcern
before_action :authorized_routes?, only: [:show]
before_action only: [:show] do
authorized_routes? self.class
end
def show
@dossier = current_user_dossier
@ -76,6 +77,13 @@ class Users::CarteController < UsersController
render json: {cadastres: cadastres}
end
def self.route_authorization
{
states: [:draft, :initiated, :replied, :updated],
api_carto: true
}
end
private
def generate_qp coordinates

10
app/controllers/users/description_controller.rb
View file

@ -1,5 +1,7 @@
class Users::DescriptionController < UsersController
before_action :authorized_routes?, only: [:show]
before_action only: [:show] do
authorized_routes? self.class
end
def show
@dossier = current_user_dossier
@ -62,6 +64,12 @@ class Users::DescriptionController < UsersController
redirect_to url_for(controller: :recapitulatif, action: :show, dossier_id: @dossier.id)
end
def self.route_authorization
{
states: [:draft, :initiated, :replied, :updated]
}
end
private
def create_params

10
app/controllers/users/dossiers_controller.rb
View file

@ -5,7 +5,9 @@ class Users::DossiersController < UsersController
before_action :authenticate_user!
before_action :check_siret, only: :create
before_action :authorized_routes?, only: [:show]
before_action only: [:show] do
authorized_routes? self.class
end
def index
order = 'DESC'
@ -94,6 +96,12 @@ class Users::DossiersController < UsersController
redirect_to users_dossiers_path
end
def self.route_authorization
{
states: [:draft]
}
end
private
def dossiers_to_display

10
app/controllers/users/recapitulatif_controller.rb
View file

@ -1,5 +1,7 @@
class Users::RecapitulatifController < UsersController
before_action :authorized_routes?, only: [:show]
before_action only: [:show] do
authorized_routes? self.class
end
def show
create_dossier_facade
@ -25,6 +27,12 @@ class Users::RecapitulatifController < UsersController
render 'show'
end
def self.route_authorization
{
states: [:initiated, :replied, :updated, :validated, :submitted, :closed]
}
end
private
def create_dossier_facade

9
app/controllers/users_controller.rb
View file

@ -7,13 +7,10 @@ class UsersController < ApplicationController
current_user.dossiers.find(dossier_id)
end
def authorized_routes?
sub_path = "/users/dossiers/#{current_user_dossier.id}"
def authorized_routes? controller
redirect_to_root_path 'Le status de votre dossier n\'autorise pas cette URL' unless UserRoutesAuthorizationService.authorized_route?(
(request.env['PATH_INFO']).gsub(sub_path, ''),
current_user_dossier.state,
current_user_dossier.procedure.use_api_carto)
controller,
current_user_dossier)
rescue ActiveRecord::RecordNotFound
redirect_to_root_path 'Vous navez pas accès à ce dossier.'
end

47
app/services/user_routes_authorization_service.rb
View file

@ -1,48 +1,9 @@
class UserRoutesAuthorizationService
def self.authorized_paths
{
root: '',
carte: '/carte',
description: '/description',
recapitulatif: '/recapitulatif'
}
end
def self.authorized_route? controller, dossier
auth = controller.route_authorization
def self.authorized_states
Dossier.states
end
def self.authorized_routes
{
root: {
authorized_states: [:draft],
api_carto: false
},
carte: {
authorized_states: [:draft, :initiated, :replied, :updated],
api_carto: true
},
description: {
authorized_states: [:draft, :initiated, :replied, :updated],
api_carto: false
},
recapitulatif: {
authorized_states: [:initiated, :replied, :updated, :validated, :submitted, :closed],
api_carto: false
}
}
end
def self.authorized_route? path, state, api_carto=false
return raise 'Not a valid path' unless authorized_paths.has_value? path
return raise 'Not a valid state' unless authorized_states.has_value? state
path_key = authorized_paths.key(path)
first = authorized_routes[path_key][:authorized_states].include? state.to_sym
seconde = authorized_routes[path_key][:api_carto] ? api_carto : true
first && seconde
auth[:states].include?(dossier.state.to_sym) &&
(auth[:api_carto].nil? ? true : auth[:api_carto] == dossier.procedure.use_api_carto)
end
end

5
spec/controllers/dossiers_controller_spec.rb
View file

@ -1,5 +0,0 @@
require 'spec_helper'
describe DossiersController, type: :controller do
end

374
spec/services/user_routes_authorization_service_spec.rb
View file

@ -1,222 +1,210 @@
require 'spec_helper'
describe UserRoutesAuthorizationService do
describe '#authorize_route?' do
let(:api_carto) { false }
let(:module_api_carto) { create :module_api_carto, use_api_carto: use_api_carto }
let(:procedure) { create :procedure, module_api_carto: module_api_carto }
let(:dossier) { create :dossier, procedure: procedure, state: state }
subject { described_class.authorized_route? path, state, api_carto }
let(:use_api_carto) { false }
context 'when path is not recognized' do
let(:state) { 'blabla' }
let(:path) { 'blabla' }
subject { described_class.authorized_route? controller, dossier }
it { expect { subject }.to raise_error 'Not a valid path' }
describe 'Users::DossiersController' do
let(:controller) { Users::DossiersController }
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_falsey }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_falsey }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
context 'when state is not recognized' do
let(:state) { 'blabla' }
let(:path) { '' }
describe 'carte' do
let(:controller) { Users::CarteController }
it { expect { subject }.to raise_error 'Not a valid state' }
context 'when use_api_carto is false' do
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_falsey }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_falsey }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_falsey }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
context 'when use_api_carto is true' do
let(:use_api_carto) { true }
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
end
context 'when path and state are recognized' do
describe 'root' do
let(:path) { '' }
describe 'Users::DescriptionController' do
let(:controller) { Users::DescriptionController }
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_falsey }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_falsey }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'carte' do
let(:path) { '/carte' }
context 'when use_api_carto is false' do
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_falsey }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_falsey }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_falsey }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
context 'when use_api_carto is true' do
let(:api_carto) { true }
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'description' do
let(:path) { '/description' }
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'recapitulatif' do
let(:path) { '/recapitulatif' }
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_falsey }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_falsey }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_falsey }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_falsey }
end
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'recapitulatif' do
let(:controller) { Users::RecapitulatifController }
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_truthy }
end
describe 'draft' do
let(:state) { 'draft' }
it { is_expected.to be_falsey }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_truthy }
end
describe 'initiated' do
let(:state) { 'initiated' }
it { is_expected.to be_truthy }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_truthy }
end
describe 'replied' do
let(:state) { 'replied' }
it { is_expected.to be_truthy }
end
describe 'updated' do
let(:state) { 'updated' }
it { is_expected.to be_truthy }
end
describe 'validated' do
let(:state) { 'validated' }
it { is_expected.to be_truthy }
end
describe 'submitted' do
let(:state) { 'submitted' }
it { is_expected.to be_truthy }
end
describe 'closed' do
let(:state) { 'closed' }
it { is_expected.to be_truthy }
end
end
end