Merge pull request #5092 from betagouv/5084-jeton-demarche

#5084 appelle api entreprise avec un jeton spécifique à une démarche
2020-04-28 15:38:04 +02:00 · 2020-04-28 15:38:04 +02:00 · db4cd5f031
commit db4cd5f031
parent 920cf6bb3f 4bd4524f67
16 changed files with 112 additions and 17 deletions
--- a/app/controllers/new_administrateur/procedures_controller.rb
+++ b/app/controllers/new_administrateur/procedures_controller.rb
@ -1,6 +1,6 @@
 module NewAdministrateur
  class ProceduresController < AdministrateurController
-    before_action :retrieve_procedure, only: [:champs, :annotations, :edit, :monavis, :update_monavis]
+    before_action :retrieve_procedure, only: [:champs, :annotations, :edit, :monavis, :update_monavis, :jeton, :update_jeton]
    before_action :procedure_locked?, only: [:champs, :annotations]
    def apercu
@ -57,6 +57,18 @@ module NewAdministrateur
      render 'monavis'
    end
    def jeton
    end
    def update_jeton
      if !@procedure.update(procedure_params)
        flash.now.alert = @procedure.errors.full_messages
      else
        flash.notice = 'Le jeton a bien été mis à jour'
      end
      render 'jeton'
    end
    private
    def apercu_tab
@ -68,7 +80,7 @@ module NewAdministrateur
    end
    def procedure_params
-      editable_params = [:libelle, :description, :organisation, :direction, :lien_site_web, :cadre_juridique, :deliberation, :notice, :web_hook_url, :declarative_with_state, :euro_flag, :logo, :auto_archive_on, :monavis_embed]
+      editable_params = [:libelle, :description, :organisation, :direction, :lien_site_web, :cadre_juridique, :deliberation, :notice, :web_hook_url, :declarative_with_state, :euro_flag, :logo, :auto_archive_on, :monavis_embed, :api_entreprise_token]
      permited_params = if @procedure&.locked?
        params.require(:procedure).permit(*editable_params)
      else
--- a/app/lib/api_entreprise/api.rb
+++ b/app/lib/api_entreprise/api.rb
@ -74,11 +74,12 @@ class ApiEntreprise::API
      recipient: siret_or_siren,
      object: "procedure_id: #{procedure_id}",
      non_diffusables: true,
-      token: token
+      token: token_for_procedure(procedure_id)
    }
  end
-  def self.token
+  def self.token_for_procedure(procedure_id)
-    Rails.application.secrets.api_entreprise[:key]
+    procedure = Procedure.find(procedure_id)
    procedure.api_entreprise_token.presence || Rails.application.secrets.api_entreprise[:key]
  end
 end
--- a/app/views/layouts/left_panels/_left_panel_admin_procedurescontroller_navbar.html.haml
+++ b/app/views/layouts/left_panels/_left_panel_admin_procedurescontroller_navbar.html.haml
@ -68,6 +68,10 @@
      .procedure-list-element{ class: ('active' if active == 'MonAvis') }
        MonAvis
    %a#onglet-description{ href: url_for(admin_procedure_jeton_path(@procedure)) }
      .procedure-list-element
        Jeton
    %a#onglet-description{ href: url_for(admin_procedures_path()) }
      .procedure-list-element
        Sortir
--- a/app/views/new_administrateur/procedures/jeton.html.haml
+++ b/app/views/new_administrateur/procedures/jeton.html.haml
@ -0,0 +1,24 @@
 = render partial: 'new_administrateur/breadcrumbs',
  locals: { steps: [link_to('Démarches', admin_procedures_path),
                    link_to(@procedure.libelle, admin_procedure_path(@procedure)),
                    'Jeton'] }
 .container
  %h1.page-title
    Configurer le jeton API Entreprise
 .container
  %h1
  = form_with model: @procedure, url: url_for({ controller: 'new_administrateur/procedures', action: :update_jeton }), html: { class: 'form' } do |f|
    %p.explication
      Démarches Simplifiées utilise
      = link_to 'API Entreprise', "https://entreprise.api.gouv.fr/"
      qui permet de récupérer les informations administratives des entreprises et des associations.
      Si votre démarche nécessite des autorisations spécifiques que Démarches Simplifiées n'a pas par défaut, merci de renseigner ici le jeton
      = link_to 'API Entreprise', "https://entreprise.api.gouv.fr/demander_un_acces/"
      propre à votre démarche.
    = f.label :api_entreprise_token, "Jeton"
    = f.password_field :api_entreprise_token, class: 'form-control'
    .text-right
      = f.button 'Enregistrer', class: 'button primary send'
--- a/config/routes.rb
+++ b/config/routes.rb
@ -166,6 +166,8 @@ Rails.application.routes.draw do
  post 'admin/procedures' => 'new_administrateur/procedures#create'
  get 'admin/procedures/:id/monavis' => 'new_administrateur/procedures#monavis', as: :admin_procedure_monavis
  patch 'admin/procedures/:id/monavis' => 'new_administrateur/procedures#update_monavis', as: :update_monavis
  get 'admin/procedures/:id/jeton' => 'new_administrateur/procedures#jeton', as: :admin_procedure_jeton
  patch 'admin/procedures/:id/jeton' => 'new_administrateur/procedures#update_jeton', as: :update_jeton
  namespace :admin do
    get 'activate' => '/administrateurs/activate#new'
--- a/db/migrate/20200423171759_add_api_entreprise_token_to_procedures.rb
+++ b/db/migrate/20200423171759_add_api_entreprise_token_to_procedures.rb
@ -0,0 +1,5 @@
 class AddAPIEntrepriseTokenToProcedures < ActiveRecord::Migration[5.2]
  def change
    add_column :procedures, :api_entreprise_token, :string
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 2020_04_22_090426) do
+ActiveRecord::Schema.define(version: 2020_04_23_171759) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@ -515,6 +515,7 @@ ActiveRecord::Schema.define(version: 2020_04_22_090426) do
    t.datetime "closed_at"
    t.datetime "unpublished_at"
    t.bigint "canonical_procedure_id"
    t.string "api_entreprise_token"
    t.index ["declarative_with_state"], name: "index_procedures_on_declarative_with_state"
    t.index ["hidden_at"], name: "index_procedures_on_hidden_at"
    t.index ["parent_procedure_id"], name: "index_procedures_on_parent_procedure_id"
--- a/spec/controllers/new_administrateur/procedures_controller_spec.rb
+++ b/spec/controllers/new_administrateur/procedures_controller_spec.rb
@ -301,4 +301,21 @@ describe NewAdministrateur::ProceduresController, type: :controller do
      end
    end
  end
  describe 'GET #jeton' do
    let(:procedure) { create(:procedure, administrateur: admin) }
    subject { get :jeton, params: { id: procedure.id } }
    it { is_expected.to have_http_status(:success) }
  end
  describe 'PATCH #jeton' do
    let(:procedure) { create(:procedure, administrateur: admin) }
    it "update api_entreprise_token" do
      patch :update_jeton, params: { id: procedure.id, procedure: { api_entreprise_token: 'ceci-est-un-jeton' } }
      expect(procedure.reload.api_entreprise_token).to eq('ceci-est-un-jeton')
    end
  end
 end
--- a/spec/lib/api_entreprise/api_spec.rb
+++ b/spec/lib/api_entreprise/api_spec.rb
@ -1,11 +1,13 @@
 describe ApiEntreprise::API do
-  let(:procedure_id) { 12 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  let(:token) { Rails.application.secrets.api_entreprise[:key] }
  describe '.entreprise' do
    subject { described_class.entreprise(siren, procedure_id) }
    before do
-      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=/)
+      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=#{token}/)
        .to_return(status: status, body: body)
    end
@ -47,6 +49,27 @@ describe ApiEntreprise::API do
      it 'returns response body' do
        expect(subject).to eq(JSON.parse(body, symbolize_names: true))
      end
      context 'with specific token for procedure' do
        let(:token) { 'token-for-demarche' }
        let(:procedure) { create(:procedure, api_entreprise_token: token) }
        let(:procedure_id) { procedure.id }
        it 'call api-entreprise with specfic token' do
          subject
          expect(WebMock).to have_requested(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=token-for-demarche/)
        end
      end
      context 'without specific token for procedure' do
        let(:procedure) { create(:procedure, api_entreprise_token: nil) }
        let(:procedure_id) { procedure.id }
        it 'call api-entreprise with specfic token' do
          subject
          expect(WebMock).to have_requested(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/entreprises\/#{siren}?.*token=#{token}/)
        end
      end
    end
  end
--- a/spec/lib/api_entreprise/effectifs_adapter_spec.rb
+++ b/spec/lib/api_entreprise/effectifs_adapter_spec.rb
@ -1,6 +1,7 @@
 describe ApiEntreprise::EffectifsAdapter do
  let(:siren) { '418166096' }
-  let(:procedure_id) { 22 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  let(:annee) { "2020" }
  let(:mois) { "02" }
  let(:adapter) { described_class.new(siren, procedure_id, annee, mois) }
--- a/spec/lib/api_entreprise/effectifs_annuels_adapter_spec.rb
+++ b/spec/lib/api_entreprise/effectifs_annuels_adapter_spec.rb
@ -1,6 +1,7 @@
 describe ApiEntreprise::EffectifsAnnuelsAdapter do
  let(:siren) { '418166096' }
-  let(:procedure_id) { 22 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  let(:adapter) { described_class.new(siren, procedure_id) }
  subject { adapter.to_params }
--- a/spec/lib/api_entreprise/entreprise_adapter_spec.rb
+++ b/spec/lib/api_entreprise/entreprise_adapter_spec.rb
@ -1,6 +1,7 @@
 describe ApiEntreprise::EntrepriseAdapter do
  let(:siren) { '418166096' }
-  let(:procedure_id) { 22 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  let(:adapter) { described_class.new(siren, procedure_id) }
  subject { adapter.to_params }
--- a/spec/lib/api_entreprise/etablissement_adapter_spec.rb
+++ b/spec/lib/api_entreprise/etablissement_adapter_spec.rb
@ -1,5 +1,6 @@
 describe ApiEntreprise::EtablissementAdapter do
-  let(:procedure_id) { 33 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  context 'SIRET valide avec infos diffusables' do
    let(:siret) { '41816609600051' }
@ -88,7 +89,7 @@ describe ApiEntreprise::EtablissementAdapter do
  context 'when siret is not found' do
    let(:bad_siret) { 11_111_111_111_111 }
-    subject { described_class.new(bad_siret, 12).to_params }
+    subject { described_class.new(bad_siret, procedure_id).to_params }
    before do
      stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/etablissements\/#{bad_siret}?.*token=/)
--- a/spec/lib/api_entreprise/exercices_adapter_spec.rb
+++ b/spec/lib/api_entreprise/exercices_adapter_spec.rb
@ -1,7 +1,7 @@
 describe ApiEntreprise::ExercicesAdapter do
  let(:siret) { '41816609600051' }
-  let(:procedure_id) { 11 }
+  let(:procedure) { create(:procedure) }
-  subject { described_class.new(siret, procedure_id).to_params }
+  subject { described_class.new(siret, procedure.id).to_params }
  before do
    stub_request(:get, /https:\/\/entreprise.api.gouv.fr\/v2\/exercices\/.*token=/)
--- a/spec/lib/api_entreprise/rna_adapter_spec.rb
+++ b/spec/lib/api_entreprise/rna_adapter_spec.rb
@ -1,6 +1,7 @@
 describe ApiEntreprise::RNAAdapter do
  let(:siret) { '50480511000013' }
-  let(:procedure_id) { 22 }
+  let(:procedure) { create(:procedure) }
  let(:procedure_id) { procedure.id }
  let(:body) { File.read('spec/fixtures/files/api_entreprise/associations.json') }
  let(:status) { 200 }
  let(:adapter) { described_class.new(siret, procedure_id) }
--- a/spec/services/api_entreprise_service_spec.rb
+++ b/spec/services/api_entreprise_service_spec.rb
@ -44,7 +44,8 @@ describe ApiEntrepriseService do
    let(:associations_status) { 200 }
    let(:associations_body) { File.read('spec/fixtures/files/api_entreprise/associations.json') }
-    let(:result) { ApiEntrepriseService.get_etablissement_params_for_siret(siret, '1') }
+    let(:procedure) { create(:procedure) }
    let(:result) { ApiEntrepriseService.get_etablissement_params_for_siret(siret, procedure.id) }
    context 'when service is up' do
      it 'should fetch etablissement params' do