Merge pull request #7838 from mfo/sentry/3422144920

fix(sentry/3422144920): old email using TargetUserLink creates confusing errors
2022-10-04 13:57:15 +02:00 · 2022-10-04 13:57:15 +02:00 · f3787e4423
commit f3787e4423
parent ca8755330a ba1035bd30
6 changed files with 48 additions and 7 deletions
--- a/app/controllers/targeted_user_links_controller.rb
+++ b/app/controllers/targeted_user_links_controller.rb
@ -1,16 +1,17 @@
 class TargetedUserLinksController < ApplicationController
-  before_action :set_targeted_user_link, only: [:show]
  def show
-    if @targeted_user_link.invalid_signed_in_user?(current_user)
+    if targeted_user_link.invalid_signed_in_user?(current_user)
      render
    else
-      redirect_to @targeted_user_link.redirect_url(Rails.application.routes.url_helpers)
+      redirect_to targeted_user_link.redirect_url(Rails.application.routes.url_helpers)
    end
+  rescue ActiveRecord::RecordNotFound
+    redirect_to root_path, flash: { error: t('errors.messages.targeted_user_link_expired') }
  end

  private

-  def set_targeted_user_link
-    @targeted_user_link = TargetedUserLink.find(params[:id])
+  def targeted_user_link
+    @targeted_user_link ||= TargetedUserLink.find(params[:id])
  end
 end
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -362,6 +362,7 @@ en:
    messages:
      dossier_not_found: "The file does not exist or you do not have access to it."
      # # dossier_map_not_activated: "The file does not have access to the map."
+      targeted_user_link_expired: "This invitation link is not more accessible."
      invalid_siret: "The SIRET is incorrect"
      procedure_not_found: "The procedure does not exist"
      siret_unknown: 'Sorry, we did not find any establishment registered under this SIRET number.'
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@ -365,6 +365,7 @@ fr:
      saml_not_authorized: "Vous n’êtes pas autorisé à accéder à ce service."
      dossier_not_found: "Le dossier n’existe pas ou vous n’y avez pas accès."
      # dossier_map_not_activated: "Le dossier n’a pas accès à la cartographie."
+      targeted_user_link_expired: "Ce lien d'invitation n'est plus valable."
      invalid_siret: "Le siret est incorrect"
      procedure_not_found: "La démarche n’existe pas"
      siret_unknown: 'Désolé, nous n’avons pas trouvé d’établissement enregistré correspondant à ce numéro SIRET.'
--- a/lib/tasks/deployment/20221004112700_clean_orphaned_targeted_user_links.rake
+++ b/lib/tasks/deployment/20221004112700_clean_orphaned_targeted_user_links.rake
@ -0,0 +1,18 @@
+namespace :after_party do
+  desc 'Deployment task: clean_orphaned_targeted_user_links'
+  task clean_orphaned_targeted_user_links: :environment do
+    puts "Running deploy task 'clean_orphaned_targeted_user_links'"
+
+    progress = ProgressReport.new(TargetedUserLink.count)
+    TargetedUserLink.find_each do |tul|
+      if tul.target_model.nil?
+        tul.destroy
+      end
+      progress.inc
+    end
+    # Update task as completed.  If you remove the line below, the task will
+    # run with every deploy (or every time you call after_party:run).
+    AfterParty::TaskRecord
+      .create version: AfterParty::TaskRecorder.new(__FILE__).timestamp
+  end
+end
--- a/spec/controllers/targeted_user_links_controller_spec.rb
+++ b/spec/controllers/targeted_user_links_controller_spec.rb
@ -1,8 +1,8 @@
 describe TargetedUserLinksController, type: :controller do
  describe '#show' do
-    let!(:targeted_user_link) { create(:targeted_user_link, target_context: target_context, target_model: target_model, user: user) }
-
    context 'avis' do
+      let!(:targeted_user_link) { create(:targeted_user_link, target_context: target_context, target_model: target_model, user: user) }
+
      let(:target_context) { :avis }
      let!(:expert) { create(:expert, user: user) }
      let!(:target_model) { create(:avis, experts_procedure: expert_procedure) }
@ -56,6 +56,8 @@ describe TargetedUserLinksController, type: :controller do
    end

    context 'with invite having user' do
+      let!(:targeted_user_link) { create(:targeted_user_link, target_context: target_context, target_model: target_model, user: user) }
+
      let(:target_context) { 'invite' }
      let(:target_model) { create(:invite, user: user) }

@ -93,6 +95,7 @@ describe TargetedUserLinksController, type: :controller do
    end

    context 'with invite not having user' do
+      let!(:targeted_user_link) { create(:targeted_user_link, target_context: target_context, target_model: target_model, user: user) }
      let(:target_context) { 'invite' }
      let(:user_email) { 'not_yet_registered@a.com' }
      let(:target_model) { create(:invite, user: nil, email: user_email) }
@ -129,5 +132,14 @@ describe TargetedUserLinksController, type: :controller do
        end
      end
    end
+
+    context 'not found' do
+      it 'redirect nicely' do
+        sign_in(create(:user))
+        get :show, params: { id: "asldjiasld" }
+        expect(response).to redirect_to(root_path)
+        expect(flash[:error]).to be_present
+      end
+    end
  end
 end
--- a/spec/models/invite_spec.rb
+++ b/spec/models/invite_spec.rb
@ -55,6 +55,14 @@ describe Invite do
    end
  end

+  describe 'association' do
+    let!(:invite) { create(:invite, email: "email@totor.com") }
+    let!(:target_user_link) { create(:targeted_user_link, target_model: invite, target_context: 'invite') }
+    it 'destroy target_user_link' do
+      expect { invite.destroy! }.to change { TargetedUserLink.count }.from(1).to(0)
+    end
+  end
+
  describe "#default_scope" do
    let!(:dossier) { create(:dossier, hidden_by_user_at: hidden_by_user_at) }
    let!(:invite) { create(:invite, email: "email@totor.com", dossier: dossier) }