* add base controller for public api
* add dossiers controller with basic checks
* create the dossier
* ensure content-type is json
* prefill dossier with given values
* mark a dossier as prefilled
When a dossier is prefilled, it's allowed not to have a user.
Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.
* set user as owner of an orphan prefilled dossier
When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner
So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner
* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)
* system spec: prefilling dossier with post request
Although we already ignore "invalid recipient" errors, a new type
of error recently popped: the mail service responds with
> Net::SMTPServerBusy '400 unexpected recipients: want atleast 1, got 0'
We want to also ignore this kind of errors.
As mailers are run asynchronously, they don't have access to the
CurrentConfirmation defined in an earlier request.
For the procedure_after_confirmation to be serialized to the Mailer,
we need to pass it at creation time.
This allows to redirect the user to the procedure they signed up for
even when the browser session is not available (like if they changed
of browser).
Fix#4738
`default template_path:` was the documented way, but wasn’t working
(and there was no hint in the source code of Devise that it could
work)
Therefore, let’s override `template_paths` instead and stop worrying
