DGNum/demarches-normaliennes
14
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Merge branch 'dev'

Browse source
This commit is contained in:
gregoirenovel 2018-01-03 10:48:39 +01:00
commit edbba8a230
27 changed files with 207 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -27,6 +27,7 @@ config/initializers/token.rb
config/initializers/super_admin.rb
doc/*.svg
config/france_connect.yml
config/github_secrets.yml
config/initializers/mailjet.rb
config/fog_credentials.yml
uploads/*

6
.rubocop.yml
View file

@ -1,3 +1,6 @@
require:
- rubocop/rspec/focused
AllCops:
Exclude:
- "db/schema.rb"
@ -614,6 +617,9 @@ Rails/Validation:
Rails:
Enabled: false
RSpec/Focused:
Enabled: true
Security/Eval:
Enabled: false

2
Gemfile
View file

@ -44,6 +44,7 @@ gem 'unicode_utils'
# Gestion des comptes utilisateurs
gem 'devise'
gem 'openid_connect'
gem 'omniauth-github'
gem 'rest-client'
@ -134,6 +135,7 @@ group :development do
gem 'rack-handlers'
gem 'xray-rails'
gem 'rubocop', require: false
gem 'rubocop-rspec-focused', require: false
gem 'haml-lint'
gem 'scss_lint', require: false
end

21
Gemfile.lock
View file

@ -357,6 +357,7 @@ GEM
url_safe_base64
jsonapi (0.1.1.beta2)
json (~> 1.8)
jwt (1.5.6)
kaminari (0.17.0)
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
@ -396,6 +397,7 @@ GEM
mini_portile2 (2.3.0)
minitest (5.10.3)
multi_json (1.12.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
mustermann (1.0.1)
nenv (0.3.0)
@ -406,6 +408,21 @@ GEM
notiffany (0.1.1)
nenv (~> 0.1)
shellany (~> 0.0)
oauth2 (1.4.0)
faraday (>= 0.8, < 0.13)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.7.1)
hashie (>= 3.4.6, < 3.6.0)
rack (>= 1.6.2, < 3)
omniauth-github (1.3.0)
omniauth (~> 1.5)
omniauth-oauth2 (>= 1.4.0, < 2.0)
omniauth-oauth2 (1.5.0)
oauth2 (~> 1.1)
omniauth (~> 1.2)
open4 (1.3.4)
openid_connect (0.12.0)
activemodel
@ -545,6 +562,8 @@ GEM
rainbow (>= 1.99.1, < 3.0)
ruby-progressbar (~> 1.7)
unicode-display_width (~> 1.0, >= 1.0.1)
rubocop-rspec-focused (0.1.0)
rubocop (>= 0.37)
ruby-progressbar (1.8.1)
ruby_dep (1.5.0)
ruby_parser (3.10.1)
@ -720,6 +739,7 @@ DEPENDENCIES
mailjet
maruku
mina!
omniauth-github
openid_connect
openstack
pg
@ -736,6 +756,7 @@ DEPENDENCIES
rspec-rails (~> 3.0)
rspec_junit_formatter
rubocop
rubocop-rspec-focused
sass-rails (~> 5.0)
scenic
scss_lint

3
Procfile Normal file
View file

@ -0,0 +1,3 @@
server: bin/rails server
jobs: bin/delayed_job run
mails: mailcatcher -f

26
README.md
View file

@ -46,6 +46,27 @@ Afin de générer la BDD de l'application, il est nécessaire d'éxécuter les c
rake db:migrate
rake db:migrate RAILS_ENV=test
## Bouchonnage de lauthentification
Créer le fichier `config/france_connect.yml` avec le contenu
```yaml
particulier_identifier: ''
particulier_secret: ''
particulier_redirect_uri: ''
particulier_authorization_endpoint: ''
particulier_token_endpoint: ''
particulier_userinfo_endpoint: ''
particulier_logout_endpoint: ''
```
Créer le fichier `config/github_secrets.yml` avec le contenu
```yaml
client_id: ''
client_secret: ''
```
## Création des comptes initiaux
@ -60,9 +81,8 @@ Afin de générer la BDD de l'application, il est nécessaire d'éxécuter les c
## Lancement de l'application
bin/delayed_job run
mailcatcher -f
rails s
brew install hivemind # Avec Linux voir https://github.com/DarthSim/hivemind#installation
hivemind
## Programmation des jobs

4
app/assets/stylesheets/new_design/flex.scss
View file

@ -16,4 +16,8 @@
&.justify-between {
justify-content: space-between;
}
&.justify-center {
justify-content: center;
}
}

11
app/assets/stylesheets/new_design/super_admin.scss Normal file
View file

@ -0,0 +1,11 @@
@import "constants";
.super-admin {
margin-top: 40px;
text-align: center;
h2 {
font-size: 24px;
margin-bottom: 4 * $default-spacer;
}
}

6
app/controllers/admin/profile_controller.rb
View file

@ -2,4 +2,10 @@ class Admin::ProfileController < AdminController
def show
@administrateur = current_administrateur
end
def renew_api_token
flash[:notice] = "Votre token d'API a été regénéré."
current_administrateur.renew_api_token
redirect_to admin_profile_path
end
end

16
app/controllers/administrations/omniauth_callbacks_controller.rb Normal file
View file

@ -0,0 +1,16 @@
class Administrations::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def github
administration = Administration.from_omniauth(request.env["omniauth.auth"])
if administration.present?
sign_in administration
redirect_to administrations_path
else
flash[:alert] = "Compte GitHub non autorisé"
redirect_to root_path
end
end
def failure
redirect_to root_path
end
end

11
app/controllers/administrations/sessions_controller.rb Normal file
View file

@ -0,0 +1,11 @@
class Administrations::SessionsController < ApplicationController
layout "new_application"
def new
end
def destroy
sign_out :administration if administration_signed_in?
redirect_to root_path
end
end

2
app/controllers/administrations_controller.rb
View file

@ -18,7 +18,7 @@ class AdministrationsController < ApplicationController
if admin.save
flash.notice = "Administrateur créé"
NewAdminMailer.new_admin_email(admin).deliver_now!
NewAdminMailer.new_admin_email(admin, current_administration).deliver_now!
else
flash.alert = admin.errors.full_messages
end

3
app/mailers/new_admin_mailer.rb
View file

@ -1,6 +1,7 @@
class NewAdminMailer < ApplicationMailer
def new_admin_email admin
def new_admin_email admin, administration
@admin = admin
@administration = administration
mail(to: 'tech@tps.apientreprise.fr',
subject: "Création d'un compte Admin TPS")

6
app/models/administration.rb
View file

@ -1,5 +1,9 @@
class Administration < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :rememberable, :trackable, :validatable
devise :database_authenticatable, :rememberable, :trackable, :validatable, :omniauthable, omniauth_providers: [:github]
def self.from_omniauth(params)
find_by(email: params["info"]["email"])
end
end

2
app/views/admin/profile/show.html.haml
View file

@ -4,3 +4,5 @@
%p
API TOKEN :
= @administrateur.api_token
%p
= link_to "Regénérer mon token", admin_renew_api_token_path, method: :post, class: "btn btn-default", data: { confirm: "Confirmez-vous la regénération de votre token ? Les applications qui l'utilisent actuellement seront bloquées.", disable_with: "Regénération..." }

2
app/views/administrations/index.html.haml
View file

@ -13,4 +13,4 @@
%br
.text-center
= link_to 'Deconnexion', '/administrations/sign_out', method: :delete
= link_to 'Deconnexion', administrations_sign_out_path, method: :delete

6
app/views/administrations/sessions/new.html.haml Normal file
View file

@ -0,0 +1,6 @@
.super-admin.flex.justify-center
%div
%h2 Espace Admin
= link_to administration_github_omniauth_authorize_path, class: "button large" do
%span.icon.lock
Connexion avec GitHub

2
app/views/new_admin_mailer/new_admin_email.text.erb
View file

@ -4,6 +4,8 @@ Plateforme : <%= TPS::Application::URL %>
Login : <%= @admin.email %>
Créateur : <%= @administration.email %>
Bonne journée,
L'équipe Téléprocédures Simplifiées

1
config/deploy.rb
View file

@ -65,6 +65,7 @@ set :shared_paths, [
"config/unicorn.rb",
"config/initializers/raven.rb",
'config/france_connect.yml',
'config/github_secrets.yml',
'config/initializers/mailjet.rb',
'config/initializers/storage_url.rb'
]

5
config/initializers/devise.rb
View file

@ -232,7 +232,10 @@ Devise.setup do |config|
# ==> OmniAuth
# Add a new OmniAuth provider. Check the wiki for more information on setting
# up on your models and hooks.
# config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
if !Rails.env.test?
github_secrets = YAML::load_file(File.join(__dir__, '../github_secrets.yml'))
config.omniauth :github, github_secrets['client_id'], github_secrets['client_secret'], scope: 'user:email'
end
# ==> Warden configuration
# If you want to use other strategies, that are not supported by Devise, or

9
config/routes.rb
View file

@ -1,7 +1,11 @@
Rails.application.routes.draw do
get "/ping" => "ping#index", :constraints => {:ip => /127.0.0.1/}
devise_for :administrations, skip: [:password, :registrations]
devise_for :administrations,
skip: [:password, :registrations, :sessions],
controllers: {
omniauth_callbacks: 'administrations/omniauth_callbacks'
}
devise_for :administrateurs, controllers: {
sessions: 'administrateurs/sessions'
@ -42,6 +46,8 @@ Rails.application.routes.draw do
get 'admin' => 'admin#index'
get 'backoffice' => 'backoffice#index'
get 'administrations/sign_in' => 'administrations/sessions#new'
delete 'administrations/sign_out' => 'administrations/sessions#destroy'
authenticate :administration do
resources :administrations, only: [:index, :create]
namespace :administrations do
@ -104,6 +110,7 @@ Rails.application.routes.draw do
get 'procedures/draft' => 'procedures#draft'
get 'procedures/path_list' => 'procedures#path_list'
get 'profile' => 'profile#show', as: :profile
post 'renew_api_token' => 'profile#renew_api_token', as: :renew_api_token
get 'change_dossier_state' => 'change_dossier_state#index'
post 'change_dossier_state' => 'change_dossier_state#check'

8
lib/tasks/2017_12_20_delete_old_administration.rake Normal file
View file

@ -0,0 +1,8 @@
namespace :'2017_12_20_delete_old_administration' do
task set: :environment do
Administration.all.each do |a|
puts "Deleting #{a.email}"
a.destroy
end
end
end

12
lib/tasks/admin.rake Normal file
View file

@ -0,0 +1,12 @@
namespace :admin do
task :create_admin, [:email] => :environment do |t, args|
email = args[:email]
puts "Creating Administration for #{email}"
a = Administration.new(email: email, password: Devise.friendly_token[0,20])
if a.save
puts "#{a.email} created"
else
puts "An error occured : #{a.errors.full_messages}"
end
end
end

11
spec/controllers/admin/profile_controller_spec.rb
View file

@ -2,4 +2,15 @@ require 'spec_helper'
describe Admin::ProfileController, type: :controller do
it { expect(described_class).to be < AdminController }
let(:administrateur) { create(:administrateur) }
before { sign_in(administrateur) }
describe 'POST #renew_api_token' do
subject { post :renew_api_token }
it { expect{ subject }.to change{ administrateur.reload.api_token } }
it { subject; expect(response.status).to redirect_to(admin_profile_path) }
end
end

38
spec/controllers/administrations/omniauth_callbacks_controller_spec.rb Normal file
View file

@ -0,0 +1,38 @@
require 'spec_helper'
describe Administrations::OmniauthCallbacksController, type: :controller do
before(:each) do
@request.env["devise.mapping"] = Devise.mappings[:administration]
end
describe 'POST #github' do
let(:params) { { "info" => { "email" => email } } }
before do
controller.stub(:sign_in).and_return true
@request.env["omniauth.auth"] = params
end
subject { post :github }
context 'with an authorized email' do
let(:email) { "ivan@tps.fr" }
let(:administration) { create(:administration, email: email) }
before { administration }
it { is_expected.to redirect_to(administrations_path) }
it do
expect(controller).to receive(:sign_in).with(administration)
subject
end
end
context 'with an unauthorized email' do
let(:email) { "michel@tps.fr" }
it { is_expected.to redirect_to(root_path) }
it do
expect(controller).to_not receive(:sign_in)
subject
end
end
end
end

2
spec/controllers/backoffice/dossiers_controller_spec.rb
View file

@ -350,7 +350,7 @@ describe Backoffice::DossiersController, type: :controller do
end
end
context 'when the attestation template uses the motivation field', focus: true do
context 'when the attestation template uses the motivation field' do
let(:emailable) { false }
let(:template) { create(:attestation_template) }
let(:procedure) { create(:procedure, :published, attestation_template: template, gestionnaires: [gestionnaire]) }

2
spec/controllers/new_gestionnaire/dossiers_controller_spec.rb
View file

@ -224,7 +224,7 @@ describe NewGestionnaire::DossiersController, type: :controller do
end
end
context 'when the attestation template uses the motivation field', focus: true do
context 'when the attestation template uses the motivation field' do
let(:emailable) { false }
let(:template) { create(:attestation_template) }
let(:procedure) { create(:procedure, :published, attestation_template: template, gestionnaires: [gestionnaire]) }