1 - spec cover the job which fetches external data
2 - refactor the job with guard clauses
3 - delegate update operation to the champ itself
4 - annuaire education: override the update operation
to let the value be populated by the fetched data
5 - prefilling: don't fetch data synchronously
* add base controller for public api
* add dossiers controller with basic checks
* create the dossier
* ensure content-type is json
* prefill dossier with given values
* mark a dossier as prefilled
When a dossier is prefilled, it's allowed not to have a user.
Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.
* set user as owner of an orphan prefilled dossier
When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner
So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner
* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)
* system spec: prefilling dossier with post request
