Merge branch 'dev'

gregoirenovel 2018-01-18 13:37:11 +01:00
commit e4e51c66b6
122 changed files with 581 additions and 984 deletions


@ -65,7 +65,7 @@ jobs:
- *bundle_install - *bundle_install
- run: - run:
name: Run rubocop name: Run rubocop
command: bundle exec rubocop -R command: bundle exec rubocop
- run: - run:
name: Run brakeman name: Run brakeman
command: bundle exec brakeman -z command: bundle exec brakeman -z


@ -155,28 +155,28 @@ Layout/RescueEnsureAlignment:
Enabled: true Enabled: true
Layout/SpaceAfterColon: Layout/SpaceAfterColon:
Enabled: false Enabled: true
Layout/SpaceAfterComma: Layout/SpaceAfterComma:
Enabled: false Enabled: false
Layout/SpaceAfterMethodName: Layout/SpaceAfterMethodName:
Enabled: false Enabled: true
Layout/SpaceAfterNot: Layout/SpaceAfterNot:
Enabled: false Enabled: true
Layout/SpaceAfterSemicolon: Layout/SpaceAfterSemicolon:
Enabled: false Enabled: true
Layout/SpaceAroundBlockParameters: Layout/SpaceAroundBlockParameters:
Enabled: false Enabled: true
Layout/SpaceAroundEqualsInParameterDefault: Layout/SpaceAroundEqualsInParameterDefault:
Enabled: false Enabled: true
Layout/SpaceAroundKeyword: Layout/SpaceAroundKeyword:
Enabled: false Enabled: true
Layout/SpaceAroundOperators: Layout/SpaceAroundOperators:
Enabled: true Enabled: true
@ -185,52 +185,56 @@ Layout/SpaceBeforeBlockBraces:
Enabled: false Enabled: false
Layout/SpaceBeforeComma: Layout/SpaceBeforeComma:
Enabled: false Enabled: true
Layout/SpaceBeforeComment: Layout/SpaceBeforeComment:
Enabled: false Enabled: true
Layout/SpaceBeforeFirstArg: Layout/SpaceBeforeFirstArg:
Enabled: false Enabled: true
Layout/SpaceBeforeSemicolon: Layout/SpaceBeforeSemicolon:
Enabled: false Enabled: true
Layout/SpaceInLambdaLiteral: Layout/SpaceInLambdaLiteral:
Enabled: false Enabled: true
EnforcedStyle: require_space
Layout/SpaceInsideArrayPercentLiteral: Layout/SpaceInsideArrayPercentLiteral:
Enabled: false Enabled: true
Layout/SpaceInsideBlockBraces: Layout/SpaceInsideBlockBraces:
Enabled: false Enabled: true
Layout/SpaceInsideBrackets: Layout/SpaceInsideBrackets:
Enabled: false Enabled: true
Layout/SpaceInsideHashLiteralBraces: Layout/SpaceInsideHashLiteralBraces:
Enabled: true
Layout/SpaceInsideArrayLiteralBrackets:
Enabled: false Enabled: false
Layout/SpaceInsideParens: Layout/SpaceInsideParens:
Enabled: false Enabled: true
Layout/SpaceInsidePercentLiteralDelimiters: Layout/SpaceInsidePercentLiteralDelimiters:
Enabled: false Enabled: true
Layout/SpaceInsideRangeLiteral: Layout/SpaceInsideRangeLiteral:
Enabled: false Enabled: true
Layout/SpaceInsideStringInterpolation: Layout/SpaceInsideStringInterpolation:
Enabled: false Enabled: true
Layout/Tab: Layout/Tab:
Enabled: false Enabled: true
Layout/TrailingBlankLines: Layout/TrailingBlankLines:
Enabled: false Enabled: true
Layout/TrailingWhitespace: Layout/TrailingWhitespace:
Enabled: false Enabled: true
Lint/AmbiguousBlockAssociation: Lint/AmbiguousBlockAssociation:
Enabled: false Enabled: false
@ -317,9 +321,6 @@ Lint/IneffectiveAccessModifier:
Lint/InheritException: Lint/InheritException:
Enabled: false Enabled: false
Lint/InvalidCharacterLiteral:
Enabled: false
Lint/LiteralInCondition: Lint/LiteralInCondition:
Enabled: false Enabled: false
@ -381,7 +382,7 @@ Lint/StringConversionInInterpolation:
Enabled: false Enabled: false
Lint/Syntax: Lint/Syntax:
Enabled: false Enabled: true
Lint/UnderscorePrefixedVariableName: Lint/UnderscorePrefixedVariableName:
Enabled: false Enabled: false
@ -404,6 +405,12 @@ Lint/UnusedBlockArgument:
Lint/UnusedMethodArgument: Lint/UnusedMethodArgument:
Enabled: false Enabled: false
Lint/UriEscapeUnescape:
Enabled: false
Lint/UriRegexp:
Enabled: false
Lint/UselessAccessModifier: Lint/UselessAccessModifier:
Enabled: false Enabled: false
@ -452,6 +459,39 @@ Metrics/ParameterLists:
Metrics/PerceivedComplexity: Metrics/PerceivedComplexity:
Enabled: false Enabled: false
Naming/AccessorMethodName:
Enabled: false
Naming/AsciiIdentifiers:
Enabled: false
Naming/BinaryOperatorParameterName:
Enabled: false
Naming/ClassAndModuleCamelCase:
Enabled: false
Naming/ConstantName:
Enabled: false
Naming/FileName:
Enabled: false
Naming/HeredocDelimiterNaming:
Enabled: false
Naming/MethodName:
Enabled: false
Naming/PredicateName:
Enabled: false
Naming/VariableName:
Enabled: false
Naming/VariableNumber:
Enabled: false
Performance/Caller: Performance/Caller:
Enabled: true Enabled: true
@ -539,6 +579,9 @@ Rails/ApplicationRecord:
Rails/Blank: Rails/Blank:
Enabled: false Enabled: false
Rails/CreateTableWithTimestamps:
Enabled: false
Rails/Date: Rails/Date:
Enabled: false Enabled: false
@ -554,6 +597,9 @@ Rails/DynamicFindBy:
Rails/EnumUniqueness: Rails/EnumUniqueness:
Enabled: false Enabled: false
Rails/EnvironmentComparison:
Enabled: false
Rails/Exit: Rails/Exit:
Enabled: false Enabled: false
@ -569,9 +615,18 @@ Rails/FindEach:
Rails/HasAndBelongsToMany: Rails/HasAndBelongsToMany:
Enabled: false Enabled: false
Rails/HasManyOrHasOneDependent:
Enabled: false
Rails/HttpPositionalArguments: Rails/HttpPositionalArguments:
Enabled: false Enabled: false
Rails/InverseOf:
Enabled: false
Rails/LexicallyScopedActionFilter:
Enabled: false
Rails/NotNullColumn: Rails/NotNullColumn:
Enabled: false Enabled: false
@ -584,6 +639,9 @@ Rails/OutputSafety:
Rails/PluralizationGrammar: Rails/PluralizationGrammar:
Enabled: false Enabled: false
Rails/Presence:
Enabled: false
Rails/Present: Rails/Present:
Enabled: true Enabled: true
@ -617,11 +675,14 @@ Rails/TimeZone:
Rails/UniqBeforePluck: Rails/UniqBeforePluck:
Enabled: false Enabled: false
Rails/UnknownEnv:
Enabled: false
Rails/Validation: Rails/Validation:
Enabled: false Enabled: false
Rails: Rails:
Enabled: false Enabled: true
RSpec/Focused: RSpec/Focused:
Enabled: true Enabled: true
@ -638,9 +699,6 @@ Security/MarshalLoad:
Security/YAMLLoad: Security/YAMLLoad:
Enabled: false Enabled: false
Style/AccessorMethodName:
Enabled: false
Style/Alias: Style/Alias:
Enabled: false Enabled: false
@ -653,9 +711,6 @@ Style/ArrayJoin:
Style/AsciiComments: Style/AsciiComments:
Enabled: false Enabled: false
Style/AsciiIdentifiers:
Enabled: false
Style/Attr: Style/Attr:
Enabled: false Enabled: false
@ -683,9 +738,6 @@ Style/CaseEquality:
Style/CharacterLiteral: Style/CharacterLiteral:
Enabled: false Enabled: false
Style/ClassAndModuleCamelCase:
Enabled: false
Style/ClassAndModuleChildren: Style/ClassAndModuleChildren:
Enabled: false Enabled: false
@ -710,13 +762,16 @@ Style/CommandLiteral:
Style/CommentAnnotation: Style/CommentAnnotation:
Enabled: false Enabled: false
Style/CommentedKeyword:
Enabled: false
Style/ConditionalAssignment: Style/ConditionalAssignment:
Enabled: false Enabled: false
Style/ConstantName: Style/Copyright:
Enabled: false Enabled: false
Style/Copyright: Style/DateTime:
Enabled: false Enabled: false
Style/DefWithParentheses: Style/DefWithParentheses:
@ -755,10 +810,10 @@ Style/Encoding:
Style/EndBlock: Style/EndBlock:
Enabled: false Enabled: false
Style/EvenOdd: Style/EvalWithLocation:
Enabled: false Enabled: false
Style/FileName: Style/EvenOdd:
Enabled: false Enabled: false
Style/FlipFlop: Style/FlipFlop:
@ -839,15 +894,15 @@ Style/MethodDefParentheses:
Style/MethodMissing: Style/MethodMissing:
Enabled: false Enabled: false
Style/MethodName:
Enabled: false
Style/MissingElse: Style/MissingElse:
Enabled: false Enabled: false
Style/MixinGrouping: Style/MixinGrouping:
Enabled: false Enabled: false
Style/MixinUsage:
Enabled: false
Style/ModuleFunction: Style/ModuleFunction:
Enabled: false Enabled: false
@ -911,9 +966,6 @@ Style/NumericPredicate:
Style/OneLineConditional: Style/OneLineConditional:
Enabled: false Enabled: false
Style/OpMethod:
Enabled: false
Style/OptionHash: Style/OptionHash:
Enabled: false Enabled: false
@ -935,9 +987,6 @@ Style/PercentQLiterals:
Style/PerlBackrefs: Style/PerlBackrefs:
Enabled: false Enabled: false
Style/PredicateName:
Enabled: false
Style/PreferredHashMethods: Style/PreferredHashMethods:
Enabled: false Enabled: false
@ -947,6 +996,9 @@ Style/Proc:
Style/RaiseArgs: Style/RaiseArgs:
Enabled: false Enabled: false
Style/RandomWithOffset:
Enabled: false
Style/RedundantBegin: Style/RedundantBegin:
Enabled: false Enabled: false
@ -971,6 +1023,9 @@ Style/RegexpLiteral:
Style/RescueModifier: Style/RescueModifier:
Enabled: false Enabled: false
Style/RescueStandardError:
Enabled: false
Style/SafeNavigation: Style/SafeNavigation:
Enabled: false Enabled: false
@ -1049,12 +1104,6 @@ Style/UnneededPercentQ:
Style/VariableInterpolation: Style/VariableInterpolation:
Enabled: false Enabled: false
Style/VariableName:
Enabled: false
Style/VariableNumber:
Enabled: false
Style/WhenThen: Style/WhenThen:
Enabled: false Enabled: false
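Review bot: `Security/YAMLLoad` is left at `Enabled: false` (hunk `@ -638,9 +699,6`) while this change switches on most of the layout cops, `Lint/Syntax` and the whole `Rails` department. Whether the code base calls `YAML.load` on data that can come from outside is not visible here, but the cop is cheap to run and would surface it; consider `Enabled: true` for it, and check `Security/MarshalLoad` too, whose setting is outside the visible lines. Any hit that is intentional can carry an inline `# rubocop:disable Security/YAMLLoad` with a one-line justification.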


@ -20,6 +20,8 @@ gem 'sdoc', '~> 0.4.0', group: :doc
# Enable deep clone of active record models # Enable deep clone of active record models
gem 'deep_cloneable', '~> 2.2.1' gem 'deep_cloneable', '~> 2.2.1'
gem 'warden', git: 'https://github.com/hassox/warden.git', branch: 'master'
# Use Unicorn as the app server # Use Unicorn as the app server
gem 'unicorn' gem 'unicorn'
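Review bot: The added `gem 'warden', git: 'https://github.com/hassox/warden.git', branch: 'master'` makes the authentication middleware follow a mutable branch, so a later `bundle update` will pull whatever commit is then at the head of master, with no release boundary and no review of what changed. Gemfile.lock records a revision today, but the Gemfile should carry the pin itself: `gem 'warden', git: 'https://github.com/hassox/warden.git', ref: 'a4b197e0b28e7b576b0745b0f6aeaed8dbb774a4'`. A comment above the line saying why the released gem is not used, and under which condition to return to it, would also help the next maintainer.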


@ -1,3 +1,11 @@
GIT
remote: https://github.com/hassox/warden.git
revision: a4b197e0b28e7b576b0745b0f6aeaed8dbb774a4
branch: master
specs:
warden (1.2.8)
rack (>= 1.0)
GIT GIT
remote: https://github.com/mina-deploy/mina.git remote: https://github.com/mina-deploy/mina.git
revision: 343a7ab672d8b4f0ddb84ec240cde7d94b46397a revision: 343a7ab672d8b4f0ddb84ec240cde7d94b46397a
@ -133,6 +141,7 @@ GEM
carrierwave (>= 0.9) carrierwave (>= 0.9)
crack (0.4.3) crack (0.4.3)
safe_yaml (~> 1.0.0) safe_yaml (~> 1.0.0)
crass (1.0.3)
daemons (1.2.4) daemons (1.2.4)
database_cleaner (1.5.3) database_cleaner (1.5.3)
datetime_picker_rails (0.0.7) datetime_picker_rails (0.0.7)
@ -142,7 +151,7 @@ GEM
activerecord (>= 3.1.0, < 5.2.0) activerecord (>= 3.1.0, < 5.2.0)
delayed_cron_job (0.7.2) delayed_cron_job (0.7.2)
delayed_job (>= 4.1) delayed_job (>= 4.1)
delayed_job (4.1.3) delayed_job (4.1.4)
activesupport (>= 3.0, < 5.2) activesupport (>= 3.0, < 5.2)
delayed_job_active_record (4.1.2) delayed_job_active_record (4.1.2)
activerecord (>= 3.0, < 5.2) activerecord (>= 3.0, < 5.2)
@ -151,14 +160,14 @@ GEM
activerecord (> 3.0.0) activerecord (> 3.0.0)
delayed_job (> 2.0.3) delayed_job (> 2.0.3)
sinatra (>= 1.4.4) sinatra (>= 1.4.4)
devise (4.2.0) devise (4.4.0)
bcrypt (~> 3.0) bcrypt (~> 3.0)
orm_adapter (~> 0.1) orm_adapter (~> 0.1)
railties (>= 4.1.0, < 5.1) railties (>= 4.1.0, < 5.2)
responders responders
warden (~> 1.2.3) warden (~> 1.2.3)
diff-lcs (1.2.5) diff-lcs (1.2.5)
domain_name (0.5.20161129) domain_name (0.5.20170404)
unf (>= 0.0.5, < 1.0.0) unf (>= 0.0.5, < 1.0.0)
dotenv (2.2.0) dotenv (2.2.0)
dotenv-rails (2.2.0) dotenv-rails (2.2.0)
@ -389,7 +398,7 @@ GEM
leaflet-markercluster-rails (0.7.0) leaflet-markercluster-rails (0.7.0)
railties (>= 3.1) railties (>= 3.1)
leaflet-rails (0.7.7) leaflet-rails (0.7.7)
libv8 (3.16.14.17) libv8 (3.16.14.19)
listen (3.1.5) listen (3.1.5)
rb-fsevent (~> 0.9, >= 0.9.4) rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7) rb-inotify (~> 0.9, >= 0.9.7)
@ -400,7 +409,8 @@ GEM
activesupport (>= 4.0) activesupport (>= 4.0)
logstash-event (~> 1.2.0) logstash-event (~> 1.2.0)
request_store request_store
loofah (2.0.3) loofah (2.1.1)
crass (~> 1.0.2)
nokogiri (>= 1.5.9) nokogiri (>= 1.5.9)
lumberjack (1.0.10) lumberjack (1.0.10)
mail (2.6.4) mail (2.6.4)
@ -416,7 +426,7 @@ GEM
mime-types-data (3.2016.0521) mime-types-data (3.2016.0521)
mimemagic (0.3.2) mimemagic (0.3.2)
mini_portile2 (2.3.0) mini_portile2 (2.3.0)
minitest (5.10.3) minitest (5.11.1)
momentjs-rails (2.17.1) momentjs-rails (2.17.1)
railties (>= 3.1) railties (>= 3.1)
multi_json (1.12.1) multi_json (1.12.1)
@ -465,9 +475,9 @@ GEM
openstack (3.3.7) openstack (3.3.7)
json json
orm_adapter (0.5.0) orm_adapter (0.5.0)
parallel (1.11.2) parallel (1.12.1)
parser (2.4.0.0) parser (2.4.0.2)
ast (~> 2.2) ast (~> 2.3)
pdf-core (0.6.1) pdf-core (0.6.1)
pg (0.19.0) pg (0.19.0)
powerpack (0.1.1) powerpack (0.1.1)
@ -485,7 +495,7 @@ GEM
byebug (~> 9.0) byebug (~> 9.0)
pry (~> 0.10) pry (~> 0.10)
public_suffix (2.0.5) public_suffix (2.0.5)
rack (2.0.1) rack (2.0.3)
rack-handlers (0.7.3) rack-handlers (0.7.3)
rack rack
rack-mini-profiler (0.10.7) rack-mini-profiler (0.10.7)
@ -527,10 +537,9 @@ GEM
method_source method_source
rake (>= 0.8.7) rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0) thor (>= 0.18.1, < 2.0)
rainbow (2.2.2) rainbow (3.0.0)
rake
raindrops (0.17.0) raindrops (0.17.0)
rake (12.0.0) rake (12.3.0)
rb-fsevent (0.9.8) rb-fsevent (0.9.8)
rb-inotify (0.9.7) rb-inotify (0.9.7)
ffi (>= 0.5.0) ffi (>= 0.5.0)
@ -542,9 +551,10 @@ GEM
rdoc (4.3.0) rdoc (4.3.0)
ref (2.0.0) ref (2.0.0)
request_store (1.3.1) request_store (1.3.1)
responders (2.3.0) responders (2.4.0)
railties (>= 4.2.0, < 5.1) actionpack (>= 4.2.0, < 5.3)
rest-client (2.0.0) railties (>= 4.2.0, < 5.3)
rest-client (2.0.2)
http-cookie (>= 1.0.2, < 2.0) http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0) mime-types (>= 1.16, < 4.0)
netrc (~> 0.8) netrc (~> 0.8)
@ -578,16 +588,16 @@ GEM
rspec-support (3.5.0) rspec-support (3.5.0)
rspec_junit_formatter (0.3.0) rspec_junit_formatter (0.3.0)
rspec-core (>= 2, < 4, != 2.12.0) rspec-core (>= 2, < 4, != 2.12.0)
rubocop (0.49.1) rubocop (0.52.1)
parallel (~> 1.10) parallel (~> 1.10)
parser (>= 2.3.3.1, < 3.0) parser (>= 2.4.0.2, < 3.0)
powerpack (~> 0.1) powerpack (~> 0.1)
rainbow (>= 1.99.1, < 3.0) rainbow (>= 2.2.2, < 4.0)
ruby-progressbar (~> 1.7) ruby-progressbar (~> 1.7)
unicode-display_width (~> 1.0, >= 1.0.1) unicode-display_width (~> 1.0, >= 1.0.1)
rubocop-rspec-focused (0.1.0) rubocop-rspec-focused (0.1.0)
rubocop (>= 0.37) rubocop (>= 0.37)
ruby-progressbar (1.8.1) ruby-progressbar (1.9.0)
ruby_dep (1.5.0) ruby_dep (1.5.0)
ruby_parser (3.10.1) ruby_parser (3.10.1)
sexp_processor (~> 4.9) sexp_processor (~> 4.9)
@ -660,10 +670,10 @@ GEM
i18n i18n
json (>= 1.4.3) json (>= 1.4.3)
sysexits (1.2.0) sysexits (1.2.0)
therubyracer (0.12.2) therubyracer (0.12.3)
libv8 (~> 3.16.14.0) libv8 (~> 3.16.14.15)
ref ref
thor (0.19.4) thor (0.20.0)
thread_safe (0.3.6) thread_safe (0.3.6)
tilt (2.0.8) tilt (2.0.8)
timecop (0.8.1) timecop (0.8.1)
@ -674,12 +684,12 @@ GEM
turbolinks-source (5.0.0) turbolinks-source (5.0.0)
tzinfo (1.2.4) tzinfo (1.2.4)
thread_safe (~> 0.1) thread_safe (~> 0.1)
uglifier (3.0.4) uglifier (4.1.3)
execjs (>= 0.3.0, < 3) execjs (>= 0.3.0, < 3)
unf (0.1.4) unf (0.1.4)
unf_ext unf_ext
unf_ext (0.0.7.2) unf_ext (0.0.7.4)
unicode-display_width (1.2.1) unicode-display_width (1.3.0)
unicode_utils (1.4.0) unicode_utils (1.4.0)
unicorn (5.2.0) unicorn (5.2.0)
kgio (~> 2.6) kgio (~> 2.6)
@ -692,8 +702,6 @@ GEM
activemodel (>= 3.0.0) activemodel (>= 3.0.0)
addressable addressable
vcr (3.0.3) vcr (3.0.3)
warden (1.2.6)
rack (>= 1.0)
web-console (3.4.0) web-console (3.4.0)
actionview (>= 5.0) actionview (>= 5.0)
activemodel (>= 5.0) activemodel (>= 5.0)
@ -804,6 +812,7 @@ DEPENDENCIES
unicode_utils unicode_utils
unicorn unicorn
vcr vcr
warden!
web-console web-console
webmock webmock
xray-rails xray-rails


@ -21,6 +21,9 @@ Téléprocédures Simplifiées, ou TPS pour les intimes, est une plateforme 100
### Tests ### Tests
- Chrome - Chrome
- chromedriver :
* Mac : `brew install chromedriver`
* Linux : voir https://sites.google.com/a/chromium.org/chromedriver/downloads
## Initialisation de l'environnement de développement ## Initialisation de l'environnement de développement
@ -116,7 +119,7 @@ Pour exécuter les tests de l'application, plusieurs possibilités :
## Linting ## Linting
- Faire tourner RuboCop : `bundle exec rubocop -R` - Faire tourner RuboCop : `bundle exec rubocop`
- Faire tourner Brakeman : `bundle exec brakeman -z` - Faire tourner Brakeman : `bundle exec brakeman -z`
- Linter les fichiers HAML : `bundle exec haml-lint app/views/` - Linter les fichiers HAML : `bundle exec haml-lint app/views/`
- Linter les fichiers SCSS : `bundle exec scss-lint app/assets/stylesheets/` - Linter les fichiers SCSS : `bundle exec scss-lint app/assets/stylesheets/`


@ -3,7 +3,7 @@ class Administrations::OmniauthCallbacksController < Devise::OmniauthCallbacksCo
administration = Administration.from_omniauth(request.env["omniauth.auth"]) administration = Administration.from_omniauth(request.env["omniauth.auth"])
if administration.present? if administration.present?
sign_in administration sign_in administration
redirect_to administrations_path redirect_to manager_administrateurs_path
else else
flash[:alert] = "Compte GitHub non autorisé" flash[:alert] = "Compte GitHub non autorisé"
redirect_to root_path redirect_to root_path


@ -1,39 +0,0 @@
class AdministrationsController < ApplicationController
include SmartListing::Helper::ControllerExtensions
helper SmartListing::Helper
before_action :authenticate_administration!
def index
@admin = Administrateur.new
@admins = smart_listing_create :admins,
Administrateur.all.order(:email),
partial: "administrations/list",
array: true
end
def create
administrateur = current_administration.invite_admin(create_administrateur_params[:email])
if administrateur.errors.empty?
flash.notice = "Administrateur créé"
else
flash.alert = administrateur.errors.full_messages
end
redirect_to administrations_path
end
def update
Administrateur.find_inactive_by_id(params[:id]).invite!
redirect_to administrations_path
end
private
def create_administrateur_params
params.require(:administrateur).permit(:email)
end
end


@ -1,16 +1,4 @@
class CommentairesController < ApplicationController class CommentairesController < ApplicationController
def index
@facade = DossierFacades.new(
params[:dossier_id],
(current_gestionnaire || current_user).email,
params[:champs_id]
)
render layout: false
rescue ActiveRecord::RecordNotFound
flash.alert = t('errors.messages.dossier_not_found')
redirect_to url_for(controller: '/')
end
def create def create
@commentaire = Commentaire.new @commentaire = Commentaire.new
@commentaire.champ = @commentaire.dossier.champs.find(params[:champ_id]) if params[:champ_id] @commentaire.champ = @commentaire.dossier.champs.find(params[:champ_id]) if params[:champ_id]


@ -1,87 +1,39 @@
class FranceConnect::ParticulierController < ApplicationController class FranceConnect::ParticulierController < ApplicationController
before_action :redirect_to_login_if_fc_aborted, only: [:callback]
def login def login
redirect_to FranceConnectService.authorization_uri redirect_to FranceConnectService.authorization_uri
end end
def callback def callback
if params[:code].nil? fetched_fci = FranceConnectService.retrieve_user_informations_particulier(params[:code])
return redirect_to new_user_session_path
fci = FranceConnectInformation
.find_by(france_connect_particulier_id: fetched_fci[:france_connect_particulier_id]) ||
fetched_fci.tap { |object| object.save }
if fci.user.nil?
user = User.find_or_create_by(email: fci.email_france_connect) do |new_user|
new_user.password = Devise.friendly_token[0, 20]
end end
fetched_fc_information = FranceConnectService.retrieve_user_informations_particulier(params[:code]) fci.update_attribute('user_id', user.id)
france_connect_information = FranceConnectInformation
.find_by(france_connect_particulier_id: fetched_fc_information[:france_connect_particulier_id])
if france_connect_information.nil?
fetched_fc_information.save
france_connect_information = fetched_fc_information
end end
user = france_connect_information.user connect_france_connect_particulier(fci.user)
salt = FranceConnectSaltService.new(france_connect_information).salt
if user.nil?
redirect_to france_connect_particulier_new_path(fci_id: france_connect_information.id, salt: salt)
else
connect_france_connect_particulier(user)
end
rescue Rack::OAuth2::Client::Error => e rescue Rack::OAuth2::Client::Error => e
Rails.logger.error e.message Rails.logger.error e.message
redirect_france_connect_error_connection redirect_france_connect_error_connection
end end
def new
return redirect_france_connect_error_connection if !valid_salt_and_fci_id_params?
france_connect_information = FranceConnectInformation.find(params[:fci_id])
@user = User.new(france_connect_information: france_connect_information).decorate
rescue ActiveRecord::RecordNotFound
redirect_france_connect_error_connection
end
def check_email
return redirect_france_connect_error_connection if !valid_salt_and_fci_id_params?
user = User.find_by_email(params[:user][:email_france_connect])
return create if user.nil?
if params[:user][:password].present?
if user.valid_password?(params[:user][:password])
user.france_connect_information = FranceConnectInformation.find(params[:fci_id])
return connect_france_connect_particulier user
else
flash.now.alert = 'Mot de passe invalide'
end
end
france_connect_information = FranceConnectInformation.find(params[:fci_id])
france_connect_information.update_attribute(:email_france_connect, params[:user][:email_france_connect])
@user = User.new(france_connect_information: france_connect_information).decorate
end
def create
user = User.new email: params[:user][:email_france_connect]
user.password = Devise.friendly_token[0, 20]
if !user.valid?
flash.alert = 'Email non valide'
return redirect_to france_connect_particulier_new_path fci_id: params[:fci_id], salt: params[:salt], user: {email_france_connect: params[:user]['email_france_connect']}
end
user.save
FranceConnectInformation.find(params[:fci_id]).update_attribute(:user, user)
connect_france_connect_particulier user
end
private private
def redirect_to_login_if_fc_aborted
if params[:code].empty?
redirect_to new_user_session_path
end
end
def connect_france_connect_particulier user def connect_france_connect_particulier user
sign_out :user if user_signed_in? sign_out :user if user_signed_in?
sign_out :gestionnaire if gestionnaire_signed_in? sign_out :gestionnaire if gestionnaire_signed_in?
@ -89,19 +41,13 @@ class FranceConnect::ParticulierController < ApplicationController
sign_in user sign_in user
user.loged_in_with_france_connect = 'particulier' user.update_attribute('loged_in_with_france_connect', 'particulier')
user.save
redirect_to stored_location_for(current_user) || signed_in_root_path(current_user) redirect_to stored_location_for(current_user) || root_path(current_user)
end end
def redirect_france_connect_error_connection def redirect_france_connect_error_connection
flash.alert = t('errors.messages.france_connect.connexion') flash.alert = t('errors.messages.france_connect.connexion')
redirect_to(new_user_session_path) redirect_to(new_user_session_path)
end end
def valid_salt_and_fci_id_params?
france_connect_information = FranceConnectInformation.find(params[:fci_id])
FranceConnectSaltService.new(france_connect_information).valid? params[:salt]
end
end end
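Review bot: In `callback`, `User.find_or_create_by(email: fci.email_france_connect)` now attaches the FranceConnect identity to any existing local account with the same email and signs that account in, whereas the removed `check_email` step asked for the account's password before linking. If the email returned by FranceConnect is not guaranteed to be verified and controlled by the person (not visible here), this signs the caller in as another user. An existing account should be linked only after a proof of ownership, with automatic creation kept for addresses that have no account yet. Separately, the new `redirect_to_login_if_fc_aborted` filter calls `params[:code].empty?`, which raises NoMethodError when the parameter is absent (the old code tested `.nil?`); `if params[:code].blank?` covers both the missing and the empty case. `update_attribute` also skips validations on the `user_id` and `loged_in_with_france_connect` writes, which deserves a short comment if it is deliberate.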


@ -1,21 +1,28 @@
module Manager module Manager
class AdministrateursController < Manager::ApplicationController class AdministrateursController < Manager::ApplicationController
# To customize the behavior of this controller, def create
# simply overwrite any of the RESTful actions. For example: administrateur = current_administration.invite_admin(create_administrateur_params[:email])
#
# def index
# super
# @resources = Administrateur.
# page(params[:page]).
# per(10)
# end
# Define a custom finder by overriding the `find_resource` method: if administrateur.errors.empty?
# def find_resource(param) flash.notice = "Administrateur créé"
# Administrateur.find_by!(slug: param) redirect_to manager_administrateurs_path
# end else
render :new, locals: {
# See https://administrate-prototype.herokuapp.com/customizing_controller_actions page: Administrate::Page::Form.new(dashboard, administrateur),
# for more information }
end
end
def reinvite
Administrateur.find_inactive_by_id(params[:id]).invite!
flash.notice = "Invitation renvoyée"
redirect_to manager_administrateur_path(params[:id])
end
private
def create_administrateur_params
params.require(:administrateur).permit(:email)
end
end end
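Review bot: `reinvite` calls `invite!` directly on whatever `Administrateur.find_inactive_by_id(params[:id])` returns, and that finder is not visible here; if it returns nil for an unknown or already active id, the action ends in a NoMethodError rather than a clean 404 or alert. The show view only renders the button when `invitation_expired?`, but the POST route can be called with any id, so the check belongs in the action, for example `administrateur = Administrateur.find_inactive_by_id(params[:id])` followed by `return redirect_to(manager_administrateurs_path, alert: "Administrateur introuvable") if administrateur.nil?`. Since the action re-sends an invitation for a privileged account, a one-line comment stating which states are eligible would also be useful.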
end end


@ -1,23 +1,21 @@
# All Administrate controllers inherit from this `Admin::ApplicationController`,
# making it the ideal place to put authentication logic or other
# before_actions.
#
# If you want to add pagination or other controller-level concerns,
# you're free to overwrite the RESTful controller actions.
module Manager module Manager
class ApplicationController < Administrate::ApplicationController class ApplicationController < Administrate::ApplicationController
before_action :authenticate_administration! before_action :authenticate_administration!
before_action :default_params before_action :default_params
# Override this value to specify the number of elements to display at a time
# on index pages. Defaults to 20.
# def records_per_page
# params[:per_page] || 20
# end
def default_params def default_params
params[:order] ||= "created_at" params[:order] ||= "created_at"
params[:direction] ||= "desc" params[:direction] ||= "desc"
end end
protected
def authenticate_administration!
if administration_signed_in?
super
else
redirect_to manager_sign_in_path
end
end
end end
end end


@ -9,7 +9,7 @@ class RootController < ApplicationController
elsif user_signed_in? elsif user_signed_in?
return redirect_to users_dossiers_path return redirect_to users_dossiers_path
elsif administration_signed_in? elsif administration_signed_in?
return redirect_to administrations_path return redirect_to manager_root_path
end end
render 'landing' render 'landing'


@ -12,7 +12,9 @@ class AdministrateurDashboard < Administrate::BaseDashboard
email: Field::String, email: Field::String,
created_at: Field::DateTime, created_at: Field::DateTime,
updated_at: Field::DateTime, updated_at: Field::DateTime,
procedures: Field::HasMany, procedures: Field::HasMany.with_options(limit: 20),
registration_state: Field::String.with_options(searchable: false),
current_sign_in_at: Field::DateTime,
}.freeze }.freeze
# COLLECTION_ATTRIBUTES # COLLECTION_ATTRIBUTES
@ -24,6 +26,7 @@ class AdministrateurDashboard < Administrate::BaseDashboard
:email, :email,
:created_at, :created_at,
:procedures, :procedures,
:registration_state,
].freeze ].freeze
# SHOW_PAGE_ATTRIBUTES # SHOW_PAGE_ATTRIBUTES
@ -33,13 +36,17 @@ class AdministrateurDashboard < Administrate::BaseDashboard
:email, :email,
:created_at, :created_at,
:updated_at, :updated_at,
:registration_state,
:current_sign_in_at,
:procedures, :procedures,
].freeze ].freeze
# FORM_ATTRIBUTES # FORM_ATTRIBUTES
# an array of attributes that will be displayed # an array of attributes that will be displayed
# on the model's form (`new` and `edit`) pages. # on the model's form (`new` and `edit`) pages.
FORM_ATTRIBUTES = [].freeze FORM_ATTRIBUTES = [
:email
].freeze
# Overwrite this method to customize how procedures are displayed # Overwrite this method to customize how procedures are displayed
# across all pages of the admin dashboard. # across all pages of the admin dashboard.


@ -1,16 +0,0 @@
class FranceConnectSaltService
attr_reader :model
def initialize france_connect_information
raise 'Not a FranceConnectInformation class' if france_connect_information.class != FranceConnectInformation
@model = france_connect_information
end
def valid? test_salt
salt == test_salt
end
def salt
Digest::MD5.hexdigest(model.france_connect_particulier_id + model.given_name + model.family_name + FRANCE_CONNECT[:particulier][:secret] + DateTime.now.to_date.to_s)
end
end


@ -1,37 +0,0 @@
.card
- if smart_listing.present?
%table.table
%thead
%th.col-xs-4= smart_listing.sortable 'Email', :email
%th.col-xs-4= smart_listing.sortable 'Date de dernière connexion', :last_sign_in_at
%th.col-xs-2 État
%th.col-xs-2 Procédure active
%th.col-xs-2 Dossier en cours
- @admins.each do |admin|
%tr
%td
= admin.email
%td
- if admin.last_sign_in_at.present?
= time_ago_in_words(l(admin.last_sign_in_at, format: "%d/%m/%Y %H:%M UTC +02:00"))
(
= admin.last_sign_in_at.localtime.strftime('%d/%m/%Y')
)
%td
- if admin.invitation_expired?
= link_to admin.registration_state, administration_path(admin), remote: true, method: :patch
- else
= admin.registration_state
%td
= admin.procedures.publiees.count
%td
- total_dossier = 0
- admin.procedures.each do |procedure| total_dossier += procedure.dossiers.state_not_brouillon.count end
= total_dossier
= smart_listing.paginate
= smart_listing.pagination_per_page_links
- else
%h4.center
Aucun administrateur créé


@ -1,15 +0,0 @@
.container
.mt-1
= form_for @admin, url: { controller: 'administrations', action: :create } do |f|
.form-group.form-inline.text-center
= f.text_field :email, placeholder: :email, class: 'form-control'
= f.submit 'Créer un administrateur', class: 'btn btn-success', id: 'submit_new_administrateur'
= smart_listing_render :admins
%br
%br
.text-center
= link_to 'Deconnexion', administrations_sign_out_path, method: :delete


@ -1 +0,0 @@
<%= smart_listing_update :admins %>


@ -1,23 +0,0 @@
%h2.text-info
= image_tag('logo_FC_02_small.png', style: 'height: 55px;')
&nbsp;France Connect - Particulier
%h3 Nouvelle connexion
%h4.text-warning{ style: 'margin-left: 20px;' } Email déjà utilisé
%br
%p
%h4.center Nous avons trouvé un compte qui utilise déjà cette adresse email.
%p.center
Afin d'associer ce compte à votre identifiant France Connect, merci de saisir votre mot de passe TPS.
%br
.center
#france-connect-particulier-email
= form_for @user, url: { controller: 'france_connect/particulier', action: :check_email }, method: :post do |f|
.form-group.form-group-lg
= f.text_field :email_france_connect, class: "form-control", readonly: 'readonly'
%br
= f.password_field :password, class: "form-control", placeholder: "Entrez votre mot de passe"
= hidden_field_tag :fci_id, params[:fci_id]
= hidden_field_tag :salt, params[:salt]
= f.submit 'Terminer', class: %w(btn btn-lg btn-success), style: 'margin-top: 20px;', id: 'valid_new_fcp'


@ -1,32 +0,0 @@
%h2.text-info
= image_tag('logo_FC_02_small.png', style: 'height: 55px;')
&nbsp;France Connect - Particulier
%h3 Nouvelle connexion
%br
%p
Nous vous avons identifié comme étant
%h4.text-info.center
%strong
= @user.gender_fr
= @user.given_name
= @user.family_name
né le
%strong
= @user.birthdate_fr
%br
%h4
Afin de finaliser votre première connexion à TPS, merci de saisir un email valide :
%br
.center
#france-connect-particulier-email
= form_for @user, url: { controller: 'france_connect/particulier', action: :check_email }, method: :post do |f|
.form-group.form-group-lg
= f.text_field :email_france_connect, class: "form-control", placeholder: "Entrez votre email"
= hidden_field_tag :fci_id, params[:fci_id]
= hidden_field_tag :salt, params[:salt]
= f.submit 'Terminer', class: %w(btn btn-lg btn-success), style: 'margin-top: 20px;', id: 'valid_new_fcp'


@ -45,7 +45,7 @@
= current_email = current_email
- if administration_signed_in? - if administration_signed_in?
%li %li
= link_to administrations_path, class: "menu-item menu-link" do = link_to manager_root_path, class: "menu-item menu-link" do
= image_tag "icons/super-admin.svg" = image_tag "icons/super-admin.svg"
Passer en super-admin Passer en super-admin
- if SwitchDeviseProfileService.new(warden).multiple_devise_profile_connect? - if SwitchDeviseProfileService.new(warden).multiple_devise_profile_connect?


@ -0,0 +1,16 @@
- content_for(:title) do
= display_resource_name(page.resource_name)
- content_for(:search) do
- if show_search_bar
= render "search", search_term: search_term
%header.header
%h1.header__heading#page-title
= content_for(:title)
.header__actions
= link_to 'nouveau', new_manager_administrateur_path, class: 'button'
= render "collection", collection_presenter: page, resources: resources
= paginate resources


@ -0,0 +1,15 @@
- content_for(:title) { page.page_title }
%header.header
%h1.header__heading= content_for(:title)
.header__actions
- if page.resource.invitation_expired?
= link_to "renvoyer l'invitation", reinvite_manager_administrateur_path(page.resource), method: :post, class: "button"
%dl
- page.attributes.each do |attribute|
%dt.attribute-label
= t("helpers.label.#{resource_name}.#{attribute.name}", default: attribute.name.titleize)
%dd.attribute-data{ class: "attribute-data--#{attribute.html_class}" }
= render_field attribute


@ -1,21 +1,3 @@
-# # Collection
-#
-# This partial is used on the `index` and `show` pages
-# to display a collection of resources in an HTML table.
-#
-# ## Local variables:
-#
-# - `collection_presenter`:
-# An instance of [Administrate::Page::Collection][1].
-# The table presenter uses `ResourceDashboard::COLLECTION_ATTRIBUTES` to determine
-# the columns displayed in the table
-# - `resources`:
-# An ActiveModel::Relation collection of resources to be displayed in the table.
-# By default, the number of resources is limited by pagination
-# or by a hard limit to prevent excessive page load times
-#
-# [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Collection
%table.collection-data{ "aria-labelledby": "page-title" } %table.collection-data{ "aria-labelledby": "page-title" }
%thead %thead
%tr %tr


@ -1,14 +1,3 @@
-# # Flash Partial
-#
-# This partial renders flash messages on every page.
-#
-# ## Relevant Helpers:
-#
-# - `flash`:
-# Returns a hash,
-# where the keys are the type of flash (alert, error, notice, etc)
-# and the values are the message to be displayed.
- if flash.any? - if flash.any?
.flashes .flashes
- flash.each do |key, value| - flash.each do |key, value|


@ -1,10 +1,3 @@
-# # Javascript Partial
-#
-# This partial imports the necessary javascript on each page.
-# By default, it includes the application JS,
-# but each page can define additional JS sources
-# by providing a `content_for(:javascript)` block.
- Administrate::Engine.javascripts.each do |js_path| - Administrate::Engine.javascripts.each do |js_path|
= javascript_include_tag js_path = javascript_include_tag js_path


@ -1,13 +1,6 @@
-# # Sidebar
-#
-# This partial is used to display the sidebar in Administrate.
-# By default, the sidebar contains navigation links
-# for all resources in the admin dashboard,
-# as defined by the routes in the `admin/` namespace
%ul.sidebar__list %ul.sidebar__list
%li %li
= link_to "Se déconnecter", administrations_sign_out_path, method: :delete, class: "sidebar__link" = link_to "Se déconnecter", manager_sign_out_path, method: :delete, class: "sidebar__link"
%hr{ style: "margin-bottom: 0;" } %hr{ style: "margin-bottom: 0;" }
@ -15,3 +8,9 @@
- Administrate::Namespace.new(namespace).resources.each do |resource| - Administrate::Namespace.new(namespace).resources.each do |resource|
%li %li
= link_to(display_resource_name(resource), [namespace, resource], class: "sidebar__link sidebar__link--#{nav_link_state(resource)}") = link_to(display_resource_name(resource), [namespace, resource], class: "sidebar__link sidebar__link--#{nav_link_state(resource)}")
%hr{ style: "margin-bottom: 0;" }
%ul.sidebar__list
%li
= link_to "Delayed Job", manager_delayed_job_path, class: "sidebar__link"


@ -1,26 +1,3 @@
-# # Index
-#
-# This view is the template for the index page.
-# It is responsible for rendering the search bar, header and pagination.
-# It renders the `_table` partial to display details about the resources.
-#
-# ## Local variables:
-#
-# - `page`:
-# An instance of [Administrate::Page::Collection][1].
-# Contains helper methods to help display a table,
-# and knows which attributes should be displayed in the resource's table.
-# - `resources`:
-# An instance of `ActiveRecord::Relation` containing the resources
-# that match the user's search criteria.
-# By default, these resources are passed to the table partial to be displayed.
-# - `search_term`:
-# A string containing the term the user has searched for, if any.
-# - `show_search_bar`:
-# A boolean that determines if the search bar should be shown.
-#
-# [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Collection
- content_for(:title) do - content_for(:title) do
= display_resource_name(page.resource_name) = display_resource_name(page.resource_name)


@ -1,19 +1,3 @@
-# # Show
-#
-# This view is the template for the show page.
-# It renders the attributes of a resource,
-# as well as a link to its edit page.
-#
-# ## Local variables:
-#
-# - `page`:
-# An instance of [Administrate::Page::Show][1].
-# Contains methods for accessing the resource to be displayed on the page,
-# as well as helpers for describing how each attribute of the resource
-# should be displayed.
-#
-# [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Show
- content_for(:title) { page.page_title } - content_for(:title) { page.page_title }
%header.header %header.header


@ -1,19 +1,3 @@
-# # Show
-#
-# This view is the template for the show page.
-# It renders the attributes of a resource,
-# as well as a link to its edit page.
-#
-# ## Local variables:
-#
-# - `page`:
-# An instance of [Administrate::Page::Show][1].
-# Contains methods for accessing the resource to be displayed on the page,
-# as well as helpers for describing how each attribute of the resource
-# should be displayed.
-#
-# [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Show
- content_for(:title) { page.page_title } - content_for(:title) { page.page_title }
- procedure = page.resource - procedure = page.resource


@ -15,15 +15,17 @@
%th Statut %th Statut
%tbody %tbody
- @dossiers.each do |dossier| - @dossiers.each do |dossier|
/ # FIXME: here we have a n+1, we fire a request
/ (due to dossier_linked_path) per result
%tr %tr
%td.number-col %td.number-col
= link_to(dossier_path(dossier.procedure, dossier), class: 'cell-link') do = link_to(dossier_linked_path(current_gestionnaire, dossier), class: 'cell-link') do
%span.icon.folder> %span.icon.folder>
= dossier.id = dossier.id
%td= link_to(dossier.procedure.libelle, dossier_path(dossier.procedure, dossier), class: 'cell-link') %td= link_to(dossier.procedure.libelle, dossier_linked_path(current_gestionnaire, dossier), class: 'cell-link')
%td= link_to(dossier.user.email, dossier_path(dossier.procedure, dossier), class: 'cell-link') %td= link_to(dossier.user.email, dossier_linked_path(current_gestionnaire, dossier), class: 'cell-link')
%td.status-col %td.status-col
= link_to(dossier_path(dossier.procedure, dossier), class: 'cell-link') do = link_to(dossier_linked_path(current_gestionnaire, dossier), class: 'cell-link') do
= render partial: 'new_gestionnaire/procedures/status', locals: { dossier: dossier } = render partial: 'new_gestionnaire/procedures/status', locals: { dossier: dossier }
- else - else
%h2 Aucun dossier correspondant à votre recherche n'a été trouvé %h2 Aucun dossier correspondant à votre recherche n'a été trouvé
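Review bot: `dossier_linked_path(current_gestionnaire, dossier)` is evaluated four times in every row of the `@dossiers.each` loop, so if the helper issues a request per call, as the added FIXME says, each result costs four lookups instead of one. Compute it once at the top of the row, `- path = dossier_linked_path(current_gestionnaire, dossier)`, and pass `path` to the four `link_to` calls. The helper is not visible in this hunk; if it picks the target from the gestionnaire's relationship to the dossier, the n+1 itself would be better removed by preloading that relation where `@dossiers` is built. The table starts above the hunk.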


@ -1 +0,0 @@
= render partial: '/users/recapitulatif/commentaires_flux'


@ -0,0 +1,8 @@
fr:
activerecord:
errors:
models:
administrateur:
attributes:
email:
blank: 'doit être rempli'


@ -1,12 +1,20 @@
Rails.application.routes.draw do Rails.application.routes.draw do
get 'manager/sign_in' => 'administrations/sessions#new'
delete 'manager/sign_out' => 'administrations/sessions#destroy'
namespace :manager do namespace :manager do
resources :procedures, only: [:index, :show] do resources :procedures, only: [:index, :show] do
post 'whitelist', on: :member post 'whitelist', on: :member
end end
resources :administrateurs, only: [:index, :show] resources :administrateurs, only: [:index, :show, :new, :create] do
post 'reinvite', on: :member
end
root to: "procedures#index" authenticate :administration do
match "/delayed_job" => DelayedJobWeb, :anchor => false, :via => [:get, :post]
end
root to: "administrateurs#index"
end end
get "/ping" => "ping#index", :constraints => { :ip => /127.0.0.1/ } get "/ping" => "ping#index", :constraints => { :ip => /127.0.0.1/ }
@ -52,23 +60,11 @@ Rails.application.routes.draw do
get 'users' => 'users#index' get 'users' => 'users#index'
get 'admin' => 'admin#index' get 'admin' => 'admin#index'
get 'administrations/sign_in' => 'administrations/sessions#new'
delete 'administrations/sign_out' => 'administrations/sessions#destroy'
authenticate :administration do
resources :administrations, only: [:index, :create, :update] do
match "/delayed_job" => DelayedJobWeb, :anchor => false, :via => [:get, :post]
end
end
resources :stats, only: [:index] resources :stats, only: [:index]
namespace :france_connect do namespace :france_connect do
get 'particulier' => 'particulier#login' get 'particulier' => 'particulier#login'
get 'particulier/callback' => 'particulier#callback' get 'particulier/callback' => 'particulier#callback'
get 'particulier/new' => 'particulier#new'
post 'particulier/create' => 'particulier#create'
post 'particulier/check_email' => 'particulier#check_email'
end end
namespace :users do namespace :users do
@ -90,7 +86,6 @@ Rails.application.routes.draw do
post '/recapitulatif/initiate' => 'recapitulatif#initiate' post '/recapitulatif/initiate' => 'recapitulatif#initiate'
post '/commentaire' => 'commentaires#create' post '/commentaire' => 'commentaires#create'
resources :commentaires, only: [:index]
get '/carte/position' => 'carte#get_position' get '/carte/position' => 'carte#get_position'
post '/carte/qp' => 'carte#get_qp' post '/carte/qp' => 'carte#get_qp'
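Review bot: In the new `namespace :manager` block of the first hunk, only the `/delayed_job` mount sits inside `authenticate :administration`; the `procedures` and `administrateurs` resources, including the added `new`, `create` and `reinvite` actions, have no route-level guard. Judging by their names, those actions create administrateur accounts and re-send invitations, so they presumably rely on a `before_action` in the manager controllers, which this diff does not show. Consider moving the `authenticate :administration do` line up so it wraps the resources and `root` as well, or confirm that every controller under `Manager::` enforces `authenticate_administration!`. Separately, the unchanged `/ping` constraint `/127.0.0.1/` is unanchored with unescaped dots; `/\A127\.0\.0\.1\z/` states the intent exactly.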


@ -3,7 +3,7 @@ class RemoveDuplicateEmailReceived < ActiveRecord::Migration[5.0]
all_mails = MailReceived.all all_mails = MailReceived.all
groupped = all_mails.group_by { |m| m.procedure_id } groupped = all_mails.group_by { |m| m.procedure_id }
filtered = groupped.reject { |k, v| v.length < 2 } filtered = groupped.reject { |k, v| v.length < 2 }
filtered.each do |k, duplicate_mails| filtered.each_value do |duplicate_mails|
duplicate_mails.pop duplicate_mails.pop
duplicate_mails.each(&:destroy) duplicate_mails.each(&:destroy)
end end


@ -21,7 +21,7 @@ namespace :'2017_10_30_copy_commentaire_piece_justificative_to_file' do
def sanitize_name(name) # from https://github.com/carrierwaveuploader/carrierwave/blob/master/lib/carrierwave/sanitized_file.rb#L323 def sanitize_name(name) # from https://github.com/carrierwaveuploader/carrierwave/blob/master/lib/carrierwave/sanitized_file.rb#L323
name = name.gsub(/[^[:word:]\.\-\+]/,"_") name = name.gsub(/[^[:word:]\.\-\+]/,"_")
name = "_#{name}" if name =~ /\A\.+\z/ name = "_#{name}" if name.match?(/\A\.+\z/)
name = "unnamed" if name.size == 0 name = "unnamed" if name.size == 0
return name.mb_chars.to_s return name.mb_chars.to_s
end end


@ -18,7 +18,7 @@ describe Administrations::OmniauthCallbacksController, type: :controller do
let(:administration) { create(:administration, email: email) } let(:administration) { create(:administration, email: email) }
before { administration } before { administration }
it { is_expected.to redirect_to(administrations_path) } it { is_expected.to redirect_to(manager_administrateurs_path) }
it do it do
expect(controller).to receive(:sign_in).with(administration) expect(controller).to receive(:sign_in).with(administration)
subject subject


@ -1,34 +1,42 @@
require 'spec_helper'
describe FranceConnect::ParticulierController, type: :controller do describe FranceConnect::ParticulierController, type: :controller do
let(:code) { 'plop' }
let(:given_name) { 'titi' }
let(:family_name) { 'toto' }
let(:birthdate) { '20150821' } let(:birthdate) { '20150821' }
let(:gender) { 'M' }
let(:birthplace) { '1234' }
let(:france_connect_particulier_id) { 'blabla' }
let(:email) { 'test@test.com' } let(:email) { 'test@test.com' }
let(:password) { '' }
let(:user_info) { { france_connect_particulier_id: france_connect_particulier_id, given_name: given_name, family_name: family_name, birthdate: birthdate, birthplace: birthplace, gender: gender, email_france_connect: email } } let(:user_info) do
{
describe '.auth' do france_connect_particulier_id: 'blablabla',
it 'redirect to france connect serveur' do given_name: 'titi',
get :login family_name: 'toto',
expect(response.status).to eq(302) birthdate: birthdate,
end birthplace: '1234',
gender: 'M',
email_france_connect: email
}
end end
describe '.callback' do describe '#auth' do
subject { get :login }
it { is_expected.to have_http_status(:redirect) }
end
describe '#callback' do
let(:code) { 'plop' }
subject { get :callback, params: { code: code } }
context 'when param code is missing' do context 'when param code is missing' do
it 'redirect to login page' do let(:code) { nil }
get :callback
expect(response).to redirect_to(new_user_session_path) it { is_expected.to redirect_to(new_user_session_path) }
end end
context 'when param code is empty' do
let(:code) { '' }
it { is_expected.to redirect_to(new_user_session_path) }
end end
context 'when params code is present' do
context 'when code is correct' do context 'when code is correct' do
before do before do
allow(FranceConnectService).to receive(:retrieve_user_informations_particulier) allow(FranceConnectService).to receive(:retrieve_user_informations_particulier)
@ -36,190 +44,60 @@ describe FranceConnect::ParticulierController, type: :controller do
end end
context 'when france_connect_particulier_id exist in database' do context 'when france_connect_particulier_id exist in database' do
let!(:france_connect_information) { create(:france_connect_information, france_connect_particulier_id: france_connect_particulier_id, given_name: given_name, family_name: family_name, birthdate: birthdate, gender: gender, birthplace: birthplace) } let!(:france_connect_information) { create(:france_connect_information, user_info) }
context { it { expect { subject }.not_to change { FranceConnectInformation.count } }
subject { get :callback, params: {code: code} }
it 'does not create a new france_connect_information in database' do
expect { subject }.not_to change { FranceConnectInformation.count }
end
}
context 'when france_connect_particulier_id have an associate user' do context 'when france_connect_particulier_id have an associate user' do
before do let!(:user) { create(:user, email: 'plop@plop.com', france_connect_information: france_connect_information) }
create(:user, email: email, france_connect_information: france_connect_information)
get :callback, params: {code: code} it do
subject
expect(user.reload.loged_in_with_france_connect).to eq('particulier')
end end
let(:email) { 'plop@plop.com' } context 'and the user has a stored location' do
let(:current_user) { User.find_by_email(email) }
let(:stored_location) { '/plip/plop' } let(:stored_location) { '/plip/plop' }
before { controller.store_location_for(:user, stored_location) }
it 'current user have attribut loged_in_with_france_connect? at true' do it { is_expected.to redirect_to(stored_location) }
expect(current_user.loged_in_with_france_connect?).to be_truthy
end
it 'redirect to stored location' do
subject.store_location_for(:user, stored_location)
get :callback, params: {code: code}
expect(response).to redirect_to(stored_location)
end end
end end
context 'when france_connect_particulier_id does not have an associate user' do context 'when france_connect_particulier_id does not have an associate user' do
let(:salt) { FranceConnectSaltService.new(france_connect_information).salt } it { is_expected.to redirect_to(root_path) }
before do it do
get :callback, params: {code: code} subject
end expect(User.find_by(email: email)).not_to be_nil
it 'redirects to check email FC page' do
expect(response).to redirect_to(france_connect_particulier_new_path(fci_id: france_connect_information.id, salt: salt))
end end
end end
end end
context 'when france_connect_particulier_id does not exist in database' do context 'when france_connect_particulier_id does not exist in database' do
let(:last_france_connect_information) { FranceConnectInformation.last }
let(:salt) { FranceConnectSaltService.new(last_france_connect_information).salt }
subject { get :callback, params: {code: code} }
it { expect { subject }.to change { FranceConnectInformation.count }.by(1) } it { expect { subject }.to change { FranceConnectInformation.count }.by(1) }
describe 'FranceConnectInformation attributs' do describe 'FranceConnectInformation attributs' do
before do let(:stored_fci) { FranceConnectInformation.last }
get :callback, params: {code: code}
before { subject }
it { expect(stored_fci).to have_attributes(user_info.merge(birthdate: DateTime.parse(birthdate))) }
end end
subject { last_france_connect_information } it { is_expected.to redirect_to(root_path) }
it { expect(subject.gender).to eq gender }
it { expect(subject.given_name).to eq given_name }
it { expect(subject.family_name).to eq family_name }
it { expect(subject.email_france_connect).to eq email }
it { expect(subject.birthdate.to_time.to_i).to eq birthdate.to_time.to_i }
it { expect(subject.birthplace).to eq birthplace }
it { expect(subject.france_connect_particulier_id).to eq france_connect_particulier_id }
end
it 'redirects to check email FC page' do
expect(subject).to redirect_to(france_connect_particulier_new_path(fci_id: last_france_connect_information.id, salt: salt))
end
end end
end end
context 'when code is not correct' do context 'when code is not correct' do
before do before do
allow(FranceConnectService).to receive(:retrieve_user_informations_particulier) { raise Rack::OAuth2::Client::Error.new(500, error: 'Unknown') } allow(FranceConnectService).to receive(:retrieve_user_informations_particulier) { raise Rack::OAuth2::Client::Error.new(500, error: 'Unknown') }
get :callback, params: {code: code}
end
it 'redirect to login page' do
expect(response).to redirect_to(new_user_session_path)
end
it 'display error message' do
expect(flash[:alert]).to be_present
end
end
end
end
describe 'POST #check_email' do
let(:email) { 'plop@gmail.com' }
let!(:france_connect_information) { create(:france_connect_information) }
let(:france_connect_information_id) { france_connect_information.id }
let(:salt) { FranceConnectSaltService.new(france_connect_information).salt }
subject { post :check_email, params: {fci_id: france_connect_information_id, salt: salt, user: {email_france_connect: email}} }
context 'when salt and fci_id does not matches' do
let(:france_connect_information_fake) { create(:france_connect_information, france_connect_particulier_id: 'iugfjh') }
let(:france_connect_information_id) { france_connect_information_fake.id }
it { is_expected.to redirect_to new_user_session_path }
end
context 'when salt and fci_id matches' do
context 'when email is not used' do
context 'when email is valid' do
it { expect { subject }.to change { User.count }.by(1) }
describe 'New user attributs' do
before do
subject subject
end end
let(:user) { User.last } it { expect(response).to redirect_to(new_user_session_path) }
it { expect(user.email).to eq email } it { expect(flash[:alert]).to be_present }
it { expect(user.france_connect_information).to eq france_connect_information }
end
end
context 'when email is not valid' do
let(:email) { 'kdjizjflk' }
it { expect { subject }.not_to change { User.count } }
it { is_expected.to redirect_to(france_connect_particulier_new_path fci_id: france_connect_information.id, salt: salt, user: {email_france_connect: email}) }
end
end
context 'when email is used' do
let!(:user) { create(:user, email: france_connect_information.email_france_connect) }
let(:email) { france_connect_information.email_france_connect }
let(:password) { user.password }
before do
subject
end
subject { post :check_email, params: {fci_id: france_connect_information_id, salt: salt, user: {email_france_connect: email, password: password}} }
context 'when email and password couple is valid' do
it { expect { subject }.not_to change { User.count } }
describe 'Update user attributs' do
before do
subject
end
it { expect(user.france_connect_information).to eq france_connect_information }
end
end
context 'when email and password couple is not valid' do
let(:password) { 'fake' }
it { expect(flash.alert).to eq 'Mot de passe invalide' }
end
end
end
end
describe 'POST #create' do
let!(:france_connect_information) { create(:france_connect_information, email_france_connect: email) }
let(:france_connect_information_id) { france_connect_information.id }
let(:salt) { FranceConnectSaltService.new(france_connect_information).salt }
subject { post :create, params: {fci_id: france_connect_information_id, salt: salt, user: {email_france_connect: france_connect_information.email_france_connect}} }
context 'when email is filled' do
let(:email) { 'plop@gmail.com' }
it { expect { subject }.to change { User.count }.by(1) }
it { expect(subject).to redirect_to(root_path) }
end
context 'when email is incorrect' do
let(:email) { '' }
it { expect { subject }.not_to change { User.count } }
it { expect(subject).to redirect_to(france_connect_particulier_new_path(fci_id: france_connect_information_id, salt: salt, user: {email_france_connect: france_connect_information.email_france_connect})) }
end end
end end
end end
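Review bot: The rewritten `#callback` examples never cover a FranceConnect identity whose `email_france_connect` equals the email of an existing `User` that has no `france_connect_information`. The 'does not have an associate user' context now expects a `User` with that email to exist after the callback, while the deleted `check_email` examples required the account password before linking ('Mot de passe invalide'). Add a context with `let!(:existing_user) { create(:user, email: email) }` that pins the intended outcome, whether the accounts are linked or the login is refused, so that linking on an email asserted by the identity provider is a tested decision rather than a side effect. The controller is not part of this section, so which of the two it does today cannot be read from here.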


@ -1,23 +1,5 @@
require 'spec_helper' describe Manager::AdministrateursController, type: :controller do
let(:administration){ create(:administration) }
describe AdministrationsController, type: :controller do
let(:administration) { create :administration }
describe 'GET #index' do
subject { get :index }
context 'when administration user is not connect' do
it { expect(subject.status).to eq 302 }
end
context 'when administration user is connect' do
before do
sign_in administration
end
it { expect(subject.status).to eq 200 }
end
end
describe 'POST #create' do describe 'POST #create' do
let(:email) { 'plop@plop.com' } let(:email) { 'plop@plop.com' }
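Review bot: The deleted `GET #index` examples held the only visible check that an unauthenticated request is redirected (`expect(subject.status).to eq 302`), and the renamed `Manager::AdministrateursController` spec now starts directly at `POST #create`. Keep an unauthenticated example for the new controller, for instance `it { expect(get(:index)).to have_http_status(:redirect) }` without `sign_in`, and add the same for `create`, since the routes added in this commit suggest these endpoints create administrateur accounts. Minor style: `let(:administration){ create(:administration) }` is missing the space before the brace. The `POST #create` block continues outside the hunk.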


@ -12,4 +12,3 @@ describe NewGestionnaire::GestionnaireController, type: :controller do
end end
end end
end end


@ -37,7 +37,7 @@ describe RootController, type: :controller do
sign_in create(:administration) sign_in create(:administration)
end end
it { expect(subject).to redirect_to(administrations_path) } it { expect(subject).to redirect_to(manager_root_path) }
end end
context 'when nobody is connected' do context 'when nobody is connected' do


@ -55,21 +55,11 @@ feature 'France Connect Particulier Connexion' do
before do before do
page.find('.login-with-fc').click page.find('.login-with-fc').click
end end
scenario 'he is redirected to france connect particulier page' do
expect(page).to have_content('Nouvelle connexion')
end
context 'when he fill an email and valid' do
before do
page.find_by_id('user_email_france_connect').set email
page.find_by_id('valid_new_fcp').click
end
scenario 'he is redirected to user dossiers page' do scenario 'he is redirected to user dossiers page' do
expect(page).to have_content('Dossiers') expect(page).to have_content('Dossiers')
end end
end end
end
context 'when is not the first connexion' do context 'when is not the first connexion' do
before do before do


@ -1,41 +0,0 @@
require 'spec_helper'
describe FranceConnectSaltService do
describe '.initialize' do
context 'when args is not a FranceConnectInformation class' do
let(:args) { create(:dossier) }
subject { described_class.new args }
it { expect { subject }.to raise_error 'Not a FranceConnectInformation class' }
end
end
describe '.valid?' do
let(:france_connect_information) { create(:france_connect_information) }
let(:salt_service) { FranceConnectSaltService.new(france_connect_information) }
let(:salt) { salt_service.salt }
context 'when france_connect_information_id is correct' do
let(:france_connect_information_id) { france_connect_information.id }
let(:france_connect_information_get_with_id) { FranceConnectInformation.find(france_connect_information_id) }
let(:salt_service_compare) { FranceConnectSaltService.new france_connect_information_get_with_id }
subject { salt_service_compare.valid? salt }
it { is_expected.to be_truthy }
end
context 'when france_connect_information_id is not correct' do
let(:france_connect_information_fake) { create(:france_connect_information, france_connect_particulier_id: '87515272') }
let(:france_connect_information_id) { france_connect_information_fake.id }
let(:france_connect_information_get_with_id) { FranceConnectInformation.find(france_connect_information_id) }
let(:salt_service_compare) { FranceConnectSaltService.new france_connect_information_get_with_id }
subject { salt_service_compare.valid? salt }
it { is_expected.to be_falsey }
end
end
end