From e1909ed29ff2701071164f7195e31a5eb3da434a Mon Sep 17 00:00:00 2001
From: Pierre de La Morinerie <kemenaran@gmail.com>
Date: Thu, 22 Jul 2021 08:31:13 +0000
Subject: [PATCH] brouillon: redirect to sign-in when disconnected
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

There are two cases where the draft auto-save might fail because the
user is no longer authenticated:

- The user signed-out in another tab,
- The brower quit and re-opened, so the Session cookie expired.

In both cases, the auto-save will never succeed until the user
authenticates again, so displaying a "Retry" button is cruel.

Moreover, in plus of all auto-save requests failing with a small error,
the actual hard failure only occurs after filling all the form and
trying to submit it. Then the user is redirected to the sign-in page –
but all their changes are lost.

Instead, we now redirect to the sign-in page on the first 401 error
during the auto-save, let the user sign-in, and then redirect back to
the form.
---
 .../new_design/dossiers/auto-save.js          |  9 ++++++
 spec/features/users/brouillon_spec.rb         | 28 +++++++++++++++++--
 spec/support/capybara.rb                      | 13 +++++++++
 3 files changed, 47 insertions(+), 3 deletions(-)

diff --git a/app/javascript/new_design/dossiers/auto-save.js b/app/javascript/new_design/dossiers/auto-save.js
index 1b4b9185c..d51bd1dda 100644
--- a/app/javascript/new_design/dossiers/auto-save.js
+++ b/app/javascript/new_design/dossiers/auto-save.js
@@ -62,6 +62,15 @@ addEventListener('autosave:end', () => {
 });
 
 addEventListener('autosave:error', (event) => {
+  let error = event.detail;
+
+  if (error.xhr.status == 401) {
+    // If we are unauthenticated, reload the page using a GET request.
+    // This will allow Devise to properly redirect us to sign-in, and then back to this page.
+    document.location.reload();
+    return;
+  }
+
   enable(document.querySelector('button.autosave-retry'));
   setState('failed');
   logError(event.detail);
diff --git a/spec/features/users/brouillon_spec.rb b/spec/features/users/brouillon_spec.rb
index f25662b73..30c127051 100644
--- a/spec/features/users/brouillon_spec.rb
+++ b/spec/features/users/brouillon_spec.rb
@@ -255,24 +255,46 @@ feature 'The user' do
       expect(page).to have_field('texte obligatoire', with: 'a valid user input')
     end
 
-    scenario 'retry on autosave error', js: true do
+    scenario 'retry on autosave error', :capybara_ignore_server_errors, js: true do
       log_in(user, simple_procedure)
       fill_individual
 
       # Test autosave failure
-      logout(:user) # Make the subsequent autosave requests fail
+      allow_any_instance_of(Users::DossiersController).to receive(:update_brouillon).and_raise("Server is busy")
       fill_in('texte obligatoire', with: 'a valid user input')
       blur
       expect(page).to have_css('span', text: 'Impossible d’enregistrer le brouillon', visible: true)
 
       # Test that retrying after a failure works
-      login_as(user, scope: :user) # Make the autosave requests work again
+      allow_any_instance_of(Users::DossiersController).to receive(:update_brouillon).and_call_original
       click_on 'réessayer'
       expect(page).to have_css('span', text: 'Brouillon enregistré', visible: true)
 
       visit current_path
       expect(page).to have_field('texte obligatoire', with: 'a valid user input')
     end
+
+    scenario 'autosave redirects to sign-in after being disconnected', js: true do
+      log_in(user, simple_procedure)
+      fill_individual
+
+      # When the user is disconnected
+      # (either because signing-out in another tab, or because the session cookie expired)
+      logout(:user)
+      fill_in('texte obligatoire', with: 'a valid user input')
+      blur
+
+      # … they are redirected to the sign-in page.
+      expect(page).to have_current_path(new_user_session_path)
+
+      # After sign-in, they are redirected back to their brouillon
+      sign_in_with(user.email, password)
+      expect(page).to have_current_path(brouillon_dossier_path(user_dossier))
+
+      fill_in('texte obligatoire', with: 'a valid user input')
+      blur
+      expect(page).to have_css('span', text: 'Brouillon enregistré', visible: true)
+    end
   end
 
   private
diff --git a/spec/support/capybara.rb b/spec/support/capybara.rb
index c8700a5e7..234aacbd9 100644
--- a/spec/support/capybara.rb
+++ b/spec/support/capybara.rb
@@ -47,3 +47,16 @@ Capybara::Screenshot.prune_strategy = :keep_last_run
 Capybara::Screenshot.register_driver :headless_chrome do |driver, path|
   driver.browser.save_screenshot(path)
 end
+
+RSpec.configure do |config|
+  # Examples tagged with :capybara_ignore_server_errors will allow Capybara
+  # to continue when an exception in raised by Rails.
+  # This allows to test for error cases.
+  config.around(:each, :capybara_ignore_server_errors) do |example|
+    Capybara.raise_server_errors = false
+
+    example.run
+  ensure
+    Capybara.raise_server_errors = true
+  end
+end