* add base controller for public api
* add dossiers controller with basic checks
* create the dossier
* ensure content-type is json
* prefill dossier with given values
* mark a dossier as prefilled
When a dossier is prefilled, it's allowed not to have a user.
Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.
* set user as owner of an orphan prefilled dossier
When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner
So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner
* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)
* system spec: prefilling dossier with post request
* store prefill params in session
Instead of using query params on /dossier/new, we assume the user comes
from /commencer/:path, which is the new prefill link.
There, we store the prefill params in session, and use them to prefill
the dossier when creating it, in /dossiers/new.
* spec: cover the case
* review: serialize with json instead of yaml
* review: rename method
* review: store only query params
* review: comment why we dont override already stored params
On créé l'établissement uniquement avec le SIRET, sans que ce soit bloquant
pour compléter le dossier. On demande à l'utilisateur de vérifier
lui-même la concordance du SIRET avec son entreprise.
Cf #7766
Auparavant le service échouait silencieusement et ne retournait rien,
ce qui dans les implémentations du front aboutissait au message que
l'établissement/l'entreprise n'a pas été trouvé.
Un type d'erreur spécifique sur l'expiration du token permet d'afficher
le message lié à un problème temporaire de récupération d'infos.
fix(profil_controller#update_email): changing email from current_user.email to current_user.email destroy current user. whoops ☠️'
Update config/locales/en.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
fix(spec): broken due to typo
Test helpers are separated between two files: spec_helper and
rails_helper. This separation is meant to allow tests that do not
require Rails (like testing standalone libs) to boot faster.
The spec_helper file is always loaded, through `--require spec_helper`
in the `.rspec` config file. When needed, the rails_helper file is
expected to be required manually.
This is fine, but:
- Many test files have a redundant `require 'spec_helper'` line;
- Many test files should require `rails_helper`, but don't.
Not requiring `rails_helper` will cause the Rails-concerned section of
the test environment not to be configured–which may cause subtle bugs
(like the test database not being properly initialized).
Moreover, Spring loads all the Rails files on preloading anyway. So the
gains from using only `spec_helper` are thin.
To streamline this process, this commit:
- Configures `.rspec` to require `rails_helper` by default;
- Remove all manual requires to spec_helper or rails_helper.
Reference: https://stackoverflow.com/questions/24145329/how-is-spec-rails-helper-rb-different-from-spec-spec-helper-rb-do-i-need-it
- as a user, it should not display the administration info
- as an instructeur, it should display the administration info
- it should render the proper view with no crash