fetch attestation sociale url

2020-04-28 10:15:08 +02:00 · 2020-04-28 10:15:08 +02:00 · d74b14c205
commit d74b14c205
parent b147956a92
7 changed files with 53 additions and 2 deletions
--- a/1
+++ b/1
@ -42,6 +42,7 @@ gem 'groupdate'
 gem 'haml-rails'
 gem 'hashie'
 gem 'jquery-rails' # Use jquery as the JavaScript library
+gem 'jwt'
 gem 'kaminari', '= 1.1.1' # Pagination
 gem 'lograge'
 gem 'logstash-event'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -775,6 +775,7 @@ DEPENDENCIES
  haml-rails
  hashie
  jquery-rails
+  jwt
  kaminari (= 1.1.1)
  launchy
  letter_opener_web
--- a/app/lib/api_entreprise/api.rb
+++ b/app/lib/api_entreprise/api.rb
@ -41,7 +41,8 @@ class ApiEntreprise::API
  end

  def self.attestation_sociale(siren, procedure_id)
-    call(ATTESTATION_SOCIALE_RESOURCE_NAME, siren, procedure_id)
+    procedure = Procedure.find(procedure_id)
+    call(ATTESTATION_SOCIALE_RESOURCE_NAME, siren, procedure_id) if procedure.api_entreprise_role?("attestations_sociales")
  end

  private
--- a/app/models/procedure.rb
+++ b/app/models/procedure.rb
@ -547,6 +547,14 @@ class Procedure < ApplicationRecord
    "Procedure;#{id}"
  end

+  def api_entreprise_roles
+    JWT.decode(api_entreprise_token, nil, false)[0]["roles"] if api_entreprise_token.present?
+  end
+
+  def api_entreprise_role?(role)
+    api_entreprise_roles&.include?(role)
+  end
+
  private

  def move_type_de_champ_attributes(types_de_champ, type_de_champ, new_index)
--- a/app/services/api_entreprise_service.rb
+++ b/app/services/api_entreprise_service.rb
@ -35,6 +35,12 @@ class ApiEntrepriseService
      rescue ApiEntreprise::API::RequestFailed
      end

+      begin
+        attestation_sociale_params = ApiEntreprise::AttestationSocialeAdapter.new(entreprise_params[:entreprise_siren], procedure_id).to_params
+        etablissement_params.merge!(attestation_sociale_params)
+      rescue ApiEntreprise::API::RequestFailed
+      end
+
      etablissement_params.merge(entreprise_params)
    end
  end
--- a/spec/lib/api_entreprise/api_spec.rb
+++ b/spec/lib/api_entreprise/api_spec.rb
@ -158,4 +158,31 @@ describe ApiEntreprise::API do
      it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) }
    end
  end
+
+  describe '.attestation_sociale' do
+    let(:procedure) { create(:procedure, api_entreprise_token: token) }
+    let(:siren) { '418166096' }
+    let(:status) { 200 }
+    let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
+
+    before do
+      allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles)
+      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
+        .to_return(body: body, status: status)
+    end
+
+    subject { described_class.attestation_sociale(siren, procedure.id) }
+
+    context 'when token not authorized' do
+      let(:roles) { ["entreprises"] }
+
+      it { expect(subject).to eq(nil) }
+    end
+
+    context 'when token is authorized' do
+      let(:roles) { ["attestations_sociales"] }
+
+      it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) }
+    end
+  end
 end
--- a/spec/services/api_entreprise_service_spec.rb
+++ b/spec/services/api_entreprise_service_spec.rb
@ -13,6 +13,8 @@ describe ApiEntrepriseService do
        .to_return(body: effectifs_mensuels_body, status: effectifs_mensuels_status)
      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/effectifs_annuels_acoss_covid\/#{siren}?.*token=/)
        .to_return(body: effectifs_annuels_body, status: effectifs_annuels_status)
+      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/)
+        .to_return(body: attestation_sociale_body, status: attestation_sociale_status)
    end

    before { Timecop.freeze(Time.zone.local(2020, 3, 14)) }
@ -38,13 +40,17 @@ describe ApiEntrepriseService do
    let(:effectifs_annuels_body) { File.read('spec/fixtures/files/api_entreprise/effectifs_annuels.json') }
    let(:effectif_annuel) { 100.5 }

+    let(:attestation_sociale_status) { 200 }
+    let(:attestation_sociale_body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') }
+    let(:attestation_sociale_url) { "https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf" }
+
    let(:exercices_status) { 200 }
    let(:exercices_body) { File.read('spec/fixtures/files/api_entreprise/exercices.json') }

    let(:associations_status) { 200 }
    let(:associations_body) { File.read('spec/fixtures/files/api_entreprise/associations.json') }

-    let(:procedure) { create(:procedure) }
+    let(:procedure) { create(:procedure, api_entreprise_token: 'un-jeton') }
    let(:result) { ApiEntrepriseService.get_etablissement_params_for_siret(siret, procedure.id) }

    context 'when service is up' do
@ -55,6 +61,7 @@ describe ApiEntrepriseService do
        expect(result[:exercices_attributes]).to_not be_empty
        expect(result[:entreprise_effectif_mensuel]).to eq(effectif_mensuel)
        expect(result[:entreprise_effectif_annuel]).to eq(effectif_annuel)
+        expect(result[:entreprise_attestation_sociale_url]).to eq(attestation_sociale_url)
      end
    end