DGNum/demarches-normaliennes
11
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity
demarches-normaliennes/app/controllers/users/registrations_controller.rb
Sébastien Carceles 20136b7ac8
feat(demarche): create and prefill a dossier with POST request (#8233) 
* add base controller for public api

* add dossiers controller with basic checks

* create the dossier

* ensure content-type is json

* prefill dossier with given values

* mark a dossier as prefilled

When a dossier is prefilled, it's allowed not to have a user.

Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.

* set user as owner of an orphan prefilled dossier

When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner

So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner

* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)

* system spec: prefilling dossier with post request
2023-01-03 14:46:10 +01:00

91 lines
2.6 KiB
Ruby
Raw Blame History

class Users::RegistrationsController < Devise::RegistrationsController
include ProcedureContextConcern
# before_action :configure_sign_up_params, only: [:create]
# before_action :configure_account_update_params, only: [:update]
before_action :restore_procedure_context, only: [:new, :create]
layout 'procedure_context', only: [:new, :create]
# GET /resource/sign_up
def new
# Allow pre-filling the user email from a query parameter
build_resource({ email: sign_up_params[:email] })
if block_given?
yield resource
end
respond_with resource
end
# POST /resource
def create
# We may need the confirmation mailer to access the current procedure.
# But there's no easy way to pass an argument to the mailer through
# all Devise code.
# So instead we use a per-request global variable.
CurrentConfirmation.procedure_after_confirmation = @procedure
CurrentConfirmation.prefill_token = @prefill_token
# Handle existing user trying to sign up again
existing_user = User.find_by(email: params[:user][:email])
if existing_user.present?
if existing_user.confirmed?
UserMailer.new_account_warning(existing_user, @procedure).deliver_later
else
existing_user.resend_confirmation_instructions
end
return redirect_to after_inactive_sign_up_path_for(existing_user)
end
super
end
# GET /resource/edit
# def edit
# super
# end
# PUT /resource
# def update
# super
# end
# DELETE /resource
# def destroy
# super
# end
# GET /resource/cancel
# Forces the session data which is usually expired after sign
# in to be expired now. This is useful if the user wants to
# cancel oauth signing in/up in the middle of the process,
# removing all OAuth session data.
# def cancel
# super
# end
# protected
# You can put the params you want to permit in the empty array.
# def configure_sign_up_params
# devise_parameter_sanitizer.for(:sign_up) << :attribute
# end
# You can put the params you want to permit in the empty array.
# def configure_account_update_params
# devise_parameter_sanitizer.for(:account_update) << :attribute
# end
# The path used after sign up.
# def after_sign_up_path_for(resource)
# super(resource)
# end
# The path used after sign up for inactive accounts.
def after_inactive_sign_up_path_for(resource)
flash.discard(:notice) # Remove devise's default message (as we have a custom page to explain it)
new_confirmation_path(resource, :user => { email: resource.email })
end
end
Reference in a new issue View git blame Copy permalink