[manager] add list of dubious procedures

app/controllers/manager/dubious_procedures_controller.rb

@@ -0,0 +1,15 @@
+module Manager
+  class DubiousProceduresController < Manager::ApplicationController
+    def index
+      raw_resources = DubiousProcedure.all
+      resources = Kaminari.paginate_array(raw_resources).page(params[:_page]).per(records_per_page)
+      page = Administrate::Page::Collection.new(dashboard)
+
+      render locals: {
+        resources: resources,
+        page: page,
+        show_search_bar: false
+      }
+    end
+  end
+end

app/dashboards/dubious_procedure_dashboard.rb

@@ -0,0 +1,12 @@
+require "administrate/base_dashboard"
+
+class DubiousProcedureDashboard < Administrate::BaseDashboard
+  ATTRIBUTE_TYPES = {
+    id: Field::Number,
+    libelle: Field::String,
+    dubious_champs: Field::String,
+    aasm_state: Field::String
+  }.freeze
+  COLLECTION_ATTRIBUTES = [:id, :libelle, :dubious_champs, :aasm_state].freeze
+  COLLECTION_FILTERS = {}.freeze
+end

app/models/dubious_procedure.rb

@@ -0,0 +1,45 @@
+class DubiousProcedure
+  extend ActiveModel::Naming
+  extend ActiveModel::Translation
+
+  attr_accessor :id, :libelle, :dubious_champs, :aasm_state
+
+  FORBIDDEN_KEYWORDS = [
+    'NIR', 'NIRPP', 'race', 'religion',
+    'carte bancaire', 'carte bleue', 'sécurité sociale',
+    'agdref', 'syndicat', 'syndical',
+    'parti politique', 'opinion politique', 'bord politique', 'courant politique',
+    'médical', 'handicap', 'maladie', 'allergie', 'hospitalisé', 'RQTH', 'vaccin'
+  ]
+
+  def persisted?
+    false
+  end
+
+  def self.all
+    procedures_with_forbidden_tdcs_sql = TypeDeChamp
+      .joins(:procedure)
+      .select("string_agg(types_de_champ.libelle, ' - ') as dubious_champs, procedures.id as procedure_id, procedures.libelle as procedure_libelle, procedures.aasm_state as procedure_aasm_state")
+      .where("unaccent(types_de_champ.libelle) ~* unaccent(?)", forbidden_regexp)
+      .where(type_champ: [TypeDeChamp.type_champs.fetch(:text), TypeDeChamp.type_champs.fetch(:textarea)])
+      .where(procedures: { closed_at: nil, whitelisted_at: nil })
+      .group("procedures.id")
+      .order("procedures.id asc")
+      .to_sql
+
+    ActiveRecord::Base.connection.execute(procedures_with_forbidden_tdcs_sql).map do |procedure|
+      p = DubiousProcedure.new
+      p.id = procedure["procedure_id"]
+      p.dubious_champs = procedure["dubious_champs"]
+      p.libelle = procedure["procedure_libelle"]
+      p.aasm_state = procedure["procedure_aasm_state"]
+      p
+    end
+  end
+
+  # \\y is a word boundary
+  def self.forbidden_regexp
+    FORBIDDEN_KEYWORDS.map { |keyword| "\\y#{keyword}\\y" }
+      .join('|')
+  end
+end

app/models/type_de_champ.rb

@@ -94,7 +94,7 @@ class TypeDeChamp < ApplicationRecord
   scope :fillable, -> { where.not(type_champ: [type_champs.fetch(:header_section), type_champs.fetch(:explication)]) }
 
   scope :dubious, -> {
-    where("unaccent(types_de_champ.libelle) ~* unaccent(?)", Cron::FindDubiousProceduresJob.forbidden_regexp)
+    where("unaccent(types_de_champ.libelle) ~* unaccent(?)", DubiousProcedure.forbidden_regexp)
       .where(type_champ: [TypeDeChamp.type_champs.fetch(:text), TypeDeChamp.type_champs.fetch(:textarea)])
   }
 

app/views/manager/dubious_procedures/_collection.html.erb

@@ -0,0 +1,56 @@
+<%#
+# Collection
+
+This partial is used on the `index` and `show` pages
+to display a collection of resources in an HTML table.
+
+## Local variables:
+
+- `collection_presenter`:
+  An instance of [Administrate::Page::Collection][1].
+  The table presenter uses `ResourceDashboard::COLLECTION_ATTRIBUTES` to determine
+  the columns displayed in the table
+- `resources`:
+  An ActiveModel::Relation collection of resources to be displayed in the table.
+  By default, the number of resources is limited by pagination
+  or by a hard limit to prevent excessive page load times
+
+[1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Collection
+%>
+
+<table aria-labelledby="<%= table_title %>">
+  <thead>
+    <tr>
+      <% collection_presenter.attribute_types.each do |attr_name, attr_type| %>
+        <th class="cell-label
+        cell-label--<%= attr_type.html_class %>
+        cell-label--<%= collection_presenter.ordered_html_class(attr_name) %>"
+        scope="col"
+        role="columnheader"
+        aria-sort="<%= sort_order(collection_presenter.ordered_html_class(attr_name)) %>">
+        <%= t(
+          "helpers.label.#{collection_presenter.resource_name}.#{attr_name}",
+          default: resource_class.human_attribute_name(attr_name),
+        ).titleize %>
+        </th>
+      <% end %>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% resources.each do |resource| %>
+      <tr class="js-table-row" >
+        <% collection_presenter.attributes_for(resource).each do |attribute| %>
+          <td class="cell-data cell-data--<%= attribute.html_class %>">
+            <a href="<%= manager_procedure_url(resource.id) -%>"
+               tabindex="-1"
+               class="action-show"
+               >
+               <%= render_field attribute %>
+            </a>
+          </td>
+        <% end %>
+      </tr>
+    <% end %>
+  </tbody>
+</table>

config/routes.rb

@@ -58,6 +58,8 @@ Rails.application.routes.draw do
 
     resources :zones, only: [:index, :show]
 
+    resources :dubious_procedures, only: [:index]
+
     post 'demandes/create_administrateur'
     post 'demandes/refuse_administrateur'
 

spec/models/dubious_procedure_spec.rb

@@ -0,0 +1,48 @@
+describe DubiousProcedure, type: :model do
+  describe '#all' do
+    let!(:procedure) { create(:procedure, types_de_champ: tdcs) }
+    let(:allowed_tdc) { build(:type_de_champ, libelle: 'fournir') }
+    subject { DubiousProcedure.all }
+
+    context 'with suspicious champs' do
+      let(:forbidden_tdcs) do
+        [
+          build(:type_de_champ, libelle: 'num de securite sociale, stp'),
+          build(:type_de_champ, libelle: "t'aurais une carte bancaire ?")
+        ]
+      end
+
+      let(:tdcs) { forbidden_tdcs + [allowed_tdc] }
+
+      it 'returns dubious procedures' do
+        expect(subject.first.id).to eq(procedure.id)
+        expect(subject.first.libelle).to eq(procedure.libelle)
+        expect(subject.first.dubious_champs).to eq("num de securite sociale, stp - t'aurais une carte bancaire ?")
+      end
+
+      context 'and a whitelisted procedure' do
+        let(:procedure) { create(:procedure, :whitelisted) }
+
+        it { expect(subject).to eq([]) }
+      end
+
+      context 'and a closed procedure' do
+        let(:procedure) { create(:procedure, :closed) }
+
+        it { expect(subject).to eq([]) }
+      end
+
+      context 'and a discarded procedure' do
+        let(:procedure) { create(:procedure, :discarded) }
+
+        it { expect(subject).to eq([]) }
+      end
+    end
+
+    context 'with no suspicious champs' do
+      let(:tdcs) { [allowed_tdc] }
+
+      it { expect(subject).to eq([]) }
+    end
+  end
+end