feat(FranceConnect): list and allow to unlink FC identities

app/controllers/users/profil_controller.rb

@@ -4,6 +4,7 @@ module Users
     before_action :find_transfers, only: [:show, :renew_api_token]
 
     def show
+      @france_connect_informations = FranceConnectInformation.where(user: current_user)
     end
 
     def renew_api_token
@@ -57,6 +58,17 @@ module Users
       redirect_to profil_path
     end
 
+    def destroy_fci
+      fci = FranceConnectInformation
+        .where(user: current_user)
+        .find(params[:fci_id])
+
+      fci.destroy!
+      flash.notice = "Le compte FranceConnect de « #{fci.full_name} » ne peut plus accéder à vos dossiers"
+
+      redirect_to profil_path
+    end
+
     private
 
     def find_transfers

app/views/users/profil/show.html.haml

@@ -76,3 +76,17 @@
         class: "fr-btn fr-btn--secondary",
         data: { confirm: "Confirmez-vous la regénération de votre jeton ? Les applications qui l’utilisent actuellement seront bloquées.",
                 disable: true }
+
+  - if @france_connect_informations.present?
+    .card
+      .card-title= t('.identities', count: @france_connect_informations.count, application_name: APPLICATION_NAME)
+      %p= t('.linked_identities', count: @france_connect_informations.count, application_name: APPLICATION_NAME)
+      %ul
+        - @france_connect_informations.each do |fci|
+          %li
+            #{fci.given_name} #{fci.family_name} (#{fci.email_france_connect})
+            = link_to 'Interdire l’accès',
+              france_connect_information_path(fci_id: fci.id),
+              method: :delete,
+              data: { confirm: t('.unlink_confirmation', full_name: fci.full_name) },
+              class: 'fr-btn fr-btn--secondary fr-ml-2w'

config/locales/views/users/profil/fr.yml

@@ -21,6 +21,13 @@ fr:
           <br>
           Si ce n’est pas votre cas, contactez le support&nbsp;:
           <a href="mailto:%{contact_email}">%{contact_email}</a>
+        identities:
+          one: Identité FranceConnect
+          other: Identités FranceConnect
+        linked_identities:
+          one: 'Votre compte sur %{application_name} est actuellement lié à l’identité suivante :'
+          other: 'Votre compte sur %{application_name} est actuellement lié aux %{count} identité suivantes :'
+        unlink_confirmation: 'le compte FranceConnect « %{full_name} » ne pourra plus accéder à vos dossiers.'
       ensure_update_email_is_authorized:
         email_not_allowed: "L’email %{requested_email} ne peut être utilisé, contactez le support : <a href='mailto:%{contact_email}'>%{contact_email}</a>"
       transfer_all_dossiers:

config/routes.rb

@@ -311,6 +311,7 @@ Rails.application.routes.draw do
     post 'transfer_all_dossiers' => 'profil#transfer_all_dossiers'
     post 'accept_merge' => 'profil#accept_merge'
     post 'refuse_merge' => 'profil#refuse_merge'
+    delete 'france_connect_information' => 'profil#destroy_fci'
   end
 
   #

spec/controllers/users/profil_controller_spec.rb

@@ -188,4 +188,17 @@ describe Users::ProfilController, type: :controller do
       expect(response).to redirect_to(profil_path)
     end
   end
+
+  context 'DELETE #destroy_fci' do
+    let!(:fci) { create(:france_connect_information, user: user) }
+
+    subject { delete :destroy_fci, params: { fci_id: fci.id } }
+
+    it do
+      expect(FranceConnectInformation.where(user: user).count).to eq(1)
+      subject
+      expect(FranceConnectInformation.where(user: user).count).to eq(0)
+      expect(response).to redirect_to(profil_path)
+    end
+  end
 end