From d74b14c2057e48a18db33a8e4e6b517f68b44749 Mon Sep 17 00:00:00 2001 From: Christophe Robillard Date: Tue, 28 Apr 2020 10:15:08 +0200 Subject: [PATCH] fetch attestation sociale url --- Gemfile | 1 + Gemfile.lock | 1 + app/lib/api_entreprise/api.rb | 3 ++- app/models/procedure.rb | 8 ++++++ app/services/api_entreprise_service.rb | 6 +++++ spec/lib/api_entreprise/api_spec.rb | 27 ++++++++++++++++++++ spec/services/api_entreprise_service_spec.rb | 9 ++++++- 7 files changed, 53 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index ad8c4a59b..a25e31a69 100644 --- a/Gemfile +++ b/Gemfile @@ -42,6 +42,7 @@ gem 'groupdate' gem 'haml-rails' gem 'hashie' gem 'jquery-rails' # Use jquery as the JavaScript library +gem 'jwt' gem 'kaminari', '= 1.1.1' # Pagination gem 'lograge' gem 'logstash-event' diff --git a/Gemfile.lock b/Gemfile.lock index 0958a8495..7b8a47c9a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -775,6 +775,7 @@ DEPENDENCIES haml-rails hashie jquery-rails + jwt kaminari (= 1.1.1) launchy letter_opener_web diff --git a/app/lib/api_entreprise/api.rb b/app/lib/api_entreprise/api.rb index b7e1bbeab..d71fc0ff2 100644 --- a/app/lib/api_entreprise/api.rb +++ b/app/lib/api_entreprise/api.rb @@ -41,7 +41,8 @@ class ApiEntreprise::API end def self.attestation_sociale(siren, procedure_id) - call(ATTESTATION_SOCIALE_RESOURCE_NAME, siren, procedure_id) + procedure = Procedure.find(procedure_id) + call(ATTESTATION_SOCIALE_RESOURCE_NAME, siren, procedure_id) if procedure.api_entreprise_role?("attestations_sociales") end private diff --git a/app/models/procedure.rb b/app/models/procedure.rb index 099961c4a..493aa4858 100644 --- a/app/models/procedure.rb +++ b/app/models/procedure.rb @@ -547,6 +547,14 @@ class Procedure < ApplicationRecord "Procedure;#{id}" end + def api_entreprise_roles + JWT.decode(api_entreprise_token, nil, false)[0]["roles"] if api_entreprise_token.present? + end + + def api_entreprise_role?(role) + api_entreprise_roles&.include?(role) + end + private def move_type_de_champ_attributes(types_de_champ, type_de_champ, new_index) diff --git a/app/services/api_entreprise_service.rb b/app/services/api_entreprise_service.rb index 3f5082765..8e8da6ae9 100644 --- a/app/services/api_entreprise_service.rb +++ b/app/services/api_entreprise_service.rb @@ -35,6 +35,12 @@ class ApiEntrepriseService rescue ApiEntreprise::API::RequestFailed end + begin + attestation_sociale_params = ApiEntreprise::AttestationSocialeAdapter.new(entreprise_params[:entreprise_siren], procedure_id).to_params + etablissement_params.merge!(attestation_sociale_params) + rescue ApiEntreprise::API::RequestFailed + end + etablissement_params.merge(entreprise_params) end end diff --git a/spec/lib/api_entreprise/api_spec.rb b/spec/lib/api_entreprise/api_spec.rb index 77c7966b8..dbf16ae36 100644 --- a/spec/lib/api_entreprise/api_spec.rb +++ b/spec/lib/api_entreprise/api_spec.rb @@ -158,4 +158,31 @@ describe ApiEntreprise::API do it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) } end end + + describe '.attestation_sociale' do + let(:procedure) { create(:procedure, api_entreprise_token: token) } + let(:siren) { '418166096' } + let(:status) { 200 } + let(:body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') } + + before do + allow_any_instance_of(Procedure).to receive(:api_entreprise_roles).and_return(roles) + stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/) + .to_return(body: body, status: status) + end + + subject { described_class.attestation_sociale(siren, procedure.id) } + + context 'when token not authorized' do + let(:roles) { ["entreprises"] } + + it { expect(subject).to eq(nil) } + end + + context 'when token is authorized' do + let(:roles) { ["attestations_sociales"] } + + it { expect(subject).to eq(JSON.parse(body, symbolize_names: true)) } + end + end end diff --git a/spec/services/api_entreprise_service_spec.rb b/spec/services/api_entreprise_service_spec.rb index 052c36950..9a7024005 100644 --- a/spec/services/api_entreprise_service_spec.rb +++ b/spec/services/api_entreprise_service_spec.rb @@ -13,6 +13,8 @@ describe ApiEntrepriseService do .to_return(body: effectifs_mensuels_body, status: effectifs_mensuels_status) stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/effectifs_annuels_acoss_covid\/#{siren}?.*token=/) .to_return(body: effectifs_annuels_body, status: effectifs_annuels_status) + stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/attestations_sociales_acoss\/#{siren}?.*token=/) + .to_return(body: attestation_sociale_body, status: attestation_sociale_status) end before { Timecop.freeze(Time.zone.local(2020, 3, 14)) } @@ -38,13 +40,17 @@ describe ApiEntrepriseService do let(:effectifs_annuels_body) { File.read('spec/fixtures/files/api_entreprise/effectifs_annuels.json') } let(:effectif_annuel) { 100.5 } + let(:attestation_sociale_status) { 200 } + let(:attestation_sociale_body) { File.read('spec/fixtures/files/api_entreprise/attestation_sociale.json') } + let(:attestation_sociale_url) { "https://storage.entreprise.api.gouv.fr/siade/1569156881-f749d75e2bfd443316e2e02d59015f-attestation_vigilance_acoss.pdf" } + let(:exercices_status) { 200 } let(:exercices_body) { File.read('spec/fixtures/files/api_entreprise/exercices.json') } let(:associations_status) { 200 } let(:associations_body) { File.read('spec/fixtures/files/api_entreprise/associations.json') } - let(:procedure) { create(:procedure) } + let(:procedure) { create(:procedure, api_entreprise_token: 'un-jeton') } let(:result) { ApiEntrepriseService.get_etablissement_params_for_siret(siret, procedure.id) } context 'when service is up' do @@ -55,6 +61,7 @@ describe ApiEntrepriseService do expect(result[:exercices_attributes]).to_not be_empty expect(result[:entreprise_effectif_mensuel]).to eq(effectif_mensuel) expect(result[:entreprise_effectif_annuel]).to eq(effectif_annuel) + expect(result[:entreprise_attestation_sociale_url]).to eq(attestation_sociale_url) end end