DGNum/demarches-normaliennes
15
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

AvisController: add redirection logic for various login cases

Browse source
This commit is contained in:
Simon Lehericey 2017-05-05 17:38:43 +02:00
parent 516a8c28c5
commit f9aee06040
2 changed files with 64 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
app/controllers/backoffice/avis_controller.rb
View file

@ -1,6 +1,7 @@
class Backoffice::AvisController < ApplicationController
before_action :authenticate_gestionnaire!, except: [:sign_up, :create_gestionnaire]
before_action :redirect_if_no_sign_up_needed, only: [:sign_up]
before_action :check_avis_exists_and_email_belongs_to_avis, only: [:sign_up, :create_gestionnaire]
def create
@ -68,6 +69,20 @@ class Backoffice::AvisController < ApplicationController
params.require(:avis).permit(:answer)
end
def redirect_if_no_sign_up_needed
avis = Avis.find(params[:id])
if current_gestionnaire.present?
# a gestionnaire is authenticated ... lets see if it can view the dossier
redirect_to backoffice_dossier_url(avis.dossier)
elsif avis.gestionnaire.present? && avis.gestionnaire.email == params[:email]
# the avis gestionnaire has already signed up and it sould sign in
redirect_to new_gestionnaire_session_url
end
end
def check_avis_exists_and_email_belongs_to_avis
if !Avis.avis_exists_and_email_belongs_to_avis?(params[:id], params[:email])
redirect_to url_for(root_path)

61
spec/controllers/backoffice/avis_controller_spec.rb
View file

@ -72,23 +72,60 @@ describe Backoffice::AvisController, type: :controller do
let!(:avis) { Avis.create(email: invited_email, dossier: dossier) }
let(:invitations_email) { true }
before do
expect(Avis).to receive(:avis_exists_and_email_belongs_to_avis?)
.with(avis.id.to_s, invited_email)
.and_return(invitations_email)
get :sign_up, params: { id: avis.id, email: invited_email }
context 'when the new gestionnaire has never signed up' do
before do
expect(Avis).to receive(:avis_exists_and_email_belongs_to_avis?)
.with(avis.id.to_s, invited_email)
.and_return(invitations_email)
get :sign_up, params: { id: avis.id, email: invited_email }
end
context 'when the email belongs to the invitation' do
it { expect(subject.status).to eq(200) }
it { expect(assigns(:email)).to eq(invited_email) }
it { expect(assigns(:dossier)).to eq(dossier) }
end
context 'when the email does not belong to the invitation' do
let(:invitations_email) { false }
it { is_expected.to redirect_to root_path }
end
end
context 'when the email belongs to the invitation' do
it { expect(subject.status).to eq(200) }
it { expect(assigns(:email)).to eq(invited_email) }
it { expect(assigns(:dossier)).to eq(dossier) }
context 'when the gestionnaire has already signed up and belongs to the invitation' do
let(:gestionnaire) { create(:gestionnaire, email: invited_email) }
let!(:avis) { Avis.create(dossier: dossier, gestionnaire: gestionnaire) }
context 'when the gestionnaire is authenticated' do
before do
sign_in gestionnaire
get :sign_up, params: { id: avis.id, email: invited_email }
end
it { is_expected.to redirect_to backoffice_dossier_url(avis.dossier) }
end
context 'when the gestionnaire is not authenticated' do
before do
get :sign_up, params: { id: avis.id, email: invited_email }
end
it { is_expected.to redirect_to new_gestionnaire_session_url }
end
end
context 'when the email does not belong to the invitation' do
let(:invitations_email) { false }
context 'when the gestionnaire has already signed up / is authenticated and does not belong to the invitation' do
let(:gestionnaire) { create(:gestionnaire, email: 'other@gmail.com') }
let!(:avis) { Avis.create(email: invited_email, dossier: dossier) }
it { is_expected.to redirect_to root_path }
before do
sign_in gestionnaire
get :sign_up, params: { id: avis.id, email: invited_email }
end
# redirected to dossier but then the gestionnaire gonna be banished !
it { is_expected.to redirect_to backoffice_dossier_url(avis.dossier) }
end
end