sessions: add a helper to clear the stored return path

2019-01-14 15:16:23 +00:00 · 2019-01-14 15:16:23 +00:00 · e580d336e4
commit e580d336e4
parent e39fd7b171
6 changed files with 65 additions and 8 deletions
--- a/app/controllers/devise/store_location_extension.rb
+++ b/app/controllers/devise/store_location_extension.rb
@ -0,0 +1,10 @@
+module Devise
+  # Useful helpers additions to Devise::Controllers::StoreLocation
+  module StoreLocationExtension
+    # Delete the url stored in the session for the given scope.
+    def clear_stored_location_for(resource_or_scope)
+      session_key = send(:stored_location_key_for, resource_or_scope)
+      session.delete(session_key)
+    end
+  end
+end
--- a/app/controllers/invites_controller.rb
+++ b/app/controllers/invites_controller.rb
@ -1,5 +1,5 @@
 class InvitesController < ApplicationController
-  SESSION_USER_RETURN_LOCATION = 'user_return_to'
+  include Devise::StoreLocationExtension

  before_action :authenticate_user!, only: [:create]
  before_action :store_user_location!, only: [:show]
@ -62,6 +62,6 @@ class InvitesController < ApplicationController
  end

  def erase_user_location!
-    session.delete(SESSION_USER_RETURN_LOCATION)
+    clear_stored_location_for(:user)
  end
 end
--- a/app/controllers/new_user/dossiers_controller.rb
+++ b/app/controllers/new_user/dossiers_controller.rb
@ -1,10 +1,10 @@
 module NewUser
  class DossiersController < UserController
+    include Devise::StoreLocationExtension
    include DossierHelper

    layout 'procedure_context', only: [:identite, :update_identite, :siret, :update_siret]

-    SESSION_USER_RETURN_LOCATION = 'user_return_to'
    ACTIONS_ALLOWED_TO_ANY_USER = [:index, :recherche, :new]
    ACTIONS_ALLOWED_TO_OWNER_OR_INVITE = [:show, :demande, :messagerie, :brouillon, :update_brouillon, :modifier, :update, :create_commentaire, :purge_champ_piece_justificative]

@ -247,7 +247,7 @@ module NewUser
    end

    def erase_user_location!
-      session.delete(SESSION_USER_RETURN_LOCATION)
+      clear_stored_location_for(:user)
    end

    def show_demarche_en_test_banner
--- a/spec/controllers/devise/store_location_extension_spec.rb
+++ b/spec/controllers/devise/store_location_extension_spec.rb
@ -0,0 +1,26 @@
+require 'rails_helper'
+
+RSpec.describe Devise::StoreLocationExtension, type: :controller do
+  class TestController < ActionController::Base
+    include Devise::Controllers::StoreLocation
+    include Devise::StoreLocationExtension
+  end
+
+  controller TestController do
+  end
+
+  describe "#clear_stored_location_for" do
+    context 'when a location has been previously stored' do
+      before { subject.store_location_for(:user, dossiers_path) }
+
+      it 'delete the stored location' do
+        subject.clear_stored_location_for(:user)
+        expect(subject.stored_location_for(:user)).to be nil
+      end
+    end
+
+    context 'when no location has been stored' do
+      it { expect(subject.clear_stored_location_for(:user)).to be nil }
+    end
+  end
+end
--- a/spec/controllers/invites_controller_spec.rb
+++ b/spec/controllers/invites_controller_spec.rb
@ -171,7 +171,10 @@ describe InvitesController, type: :controller do
        let(:email) { nil }

        context 'and user is not connected' do
-          it { is_expected.to redirect_to new_user_session_path }
+          it 'redirects to the sign-in page' do
+            expect(subject).to redirect_to new_user_session_path
+            expect(controller.stored_location_for(:user)).to be_present
+          end
        end

        context 'and user is connected' do
@ -186,20 +189,29 @@ describe InvitesController, type: :controller do
      context 'when email is blank' do
        let(:email) { '' }

-        it { is_expected.to redirect_to new_user_session_path }
+        it 'redirects to the sign-in page' do
+          expect(subject).to redirect_to new_user_session_path
+          expect(controller.stored_location_for(:user)).to be_present
+        end
      end

      context 'when email is not blank' do
        context 'when email is affected at an user' do
          let(:email) { user.email }

-          it { is_expected.to redirect_to new_user_session_path }
+          it 'redirects to the sign-in page' do
+            expect(subject).to redirect_to new_user_session_path
+            expect(controller.stored_location_for(:user)).to be_present
+          end
        end

        context 'when email is not affected at an user' do
          let(:email) { 'new_user@octo.com' }

-          it { is_expected.to redirect_to new_user_registration_path(user: { email: email }) }
+          it 'redirects to the sign-up page' do
+            expect(subject).to redirect_to new_user_registration_path(user: { email: email })
+            expect(controller.stored_location_for(:user)).to be_present
+          end
        end
      end
    end
@ -213,6 +225,10 @@ describe InvitesController, type: :controller do

      subject! { get :show, params: { id: invite.id } }

+      it 'clears the stored return location' do
+        expect(controller.stored_location_for(:user)).to be nil
+      end
+
      context 'when invitation ID is attached at the user email account' do
        let(:email) { user.email }

--- a/spec/controllers/new_user/dossiers_controller_spec.rb
+++ b/spec/controllers/new_user/dossiers_controller_spec.rb
@ -854,6 +854,11 @@ describe NewUser::DossiersController, type: :controller do

    subject { get :new, params: { procedure_id: procedure_id } }

+    it 'clears the stored procedure context' do
+      subject
+      expect(controller.stored_location_for(:user)).to be nil
+    end
+
    context 'when params procedure_id is present' do
      context 'when procedure_id is valid' do
        context 'when user is logged in' do