DGNum/demarches-normaliennes
11
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity
demarches-normaliennes/app/models/procedure_presentation.rb
Frederic Merizen 30ef6e6d95 [#2750] No need to validate table and column 
Because they are pre-validated by rails on the model
2018-10-10 09:07:57 +02:00

224 lines
7 KiB
Ruby
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

class ProcedurePresentation < ApplicationRecord
EXTRA_SORT_COLUMNS = {
'notifications' => Set['notifications'],
'self' => Set['id', 'state']
}
belongs_to :assign_to
delegate :procedure, to: :assign_to
validate :check_allowed_displayed_fields
validate :check_allowed_sort_column
validate :check_allowed_sort_order
validate :check_allowed_filter_columns
def fields
fields = [
field_hash('Créé le', 'self', 'created_at'),
field_hash('Mis à jour le', 'self', 'updated_at'),
field_hash('Demandeur', 'user', 'email')
]
if !procedure.for_individual || (procedure.for_individual && procedure.individual_with_siret)
fields.push(
field_hash('SIREN', 'etablissement', 'entreprise_siren'),
field_hash('Forme juridique', 'etablissement', 'entreprise_forme_juridique'),
field_hash('Nom commercial', 'etablissement', 'entreprise_nom_commercial'),
field_hash('Raison sociale', 'etablissement', 'entreprise_raison_sociale'),
field_hash('SIRET siège social', 'etablissement', 'entreprise_siret_siege_social'),
field_hash('Date de création', 'etablissement', 'entreprise_date_creation')
)
fields.push(
field_hash('SIRET', 'etablissement', 'siret'),
field_hash('Libellé NAF', 'etablissement', 'libelle_naf'),
field_hash('Code postal', 'etablissement', 'code_postal')
)
end
explanatory_types_de_champ = [:header_section, :explication].map{ |k| TypeDeChamp.type_champs.fetch(k) }
fields.concat procedure.types_de_champ
.reject { |tdc| explanatory_types_de_champ.include?(tdc.type_champ) }
.map { |type_de_champ| field_hash(type_de_champ.libelle, 'type_de_champ', type_de_champ.id.to_s) }
fields.concat procedure.types_de_champ_private
.reject { |tdc| explanatory_types_de_champ.include?(tdc.type_champ) }
.map { |type_de_champ| field_hash(type_de_champ.libelle, 'type_de_champ_private', type_de_champ.id.to_s) }
fields
end
def fields_for_select
fields.map do |field|
[field['label'], "#{field['table']}/#{field['column']}"]
end
end
def displayed_field_values(dossier)
displayed_fields.map { |field| get_value(dossier, field['table'], field['column']) }
end
def sorted_ids(dossiers, gestionnaire)
table = sort['table']
column = sanitized_column(sort)
order = sort['order']
case table
when 'notifications'
dossiers_id_with_notification = gestionnaire.notifications_for_procedure(procedure)
if order == 'desc'
return dossiers_id_with_notification +
(dossiers.order('dossiers.updated_at desc').ids - dossiers_id_with_notification)
else
return (dossiers.order('dossiers.updated_at asc').ids - dossiers_id_with_notification) +
dossiers_id_with_notification
end
when 'self'
return dossiers
.order("#{column} #{order}")
.pluck(:id)
when 'type_de_champ', 'type_de_champ_private'
return dossiers
.includes(table == 'type_de_champ' ? :champs : :champs_private)
.where("champs.type_de_champ_id = #{sort['column'].to_i}")
.order("champs.value #{order}")
.pluck(:id)
else
return dossiers
.includes(table)
.order("#{column} #{order}")
.pluck(:id)
end
end
def filtered_ids(dossiers, statut)
filters[statut].map do |filter|
table = filter['table']
column = sanitized_column(filter)
case table
when 'self'
dossiers.where("? ILIKE ?", filter['column'], "%#{filter['value']}%")
when 'france_connect_information'
dossiers
.includes(user: :france_connect_information)
.where("? ILIKE ?", "france_connect_informations.#{filter['column']}", "%#{filter['value']}%")
when 'type_de_champ', 'type_de_champ_private'
relation = table == 'type_de_champ' ? :champs : :champs_private
dossiers
.includes(relation)
.where("champs.type_de_champ_id = ?", filter['column'].to_i)
.where("champs.value ILIKE ?", "%#{filter['value']}%")
when 'etablissement'
if filter['column'] == 'entreprise_date_creation'
date = filter['value'].to_date rescue nil
dossiers
.includes(table)
.where("#{column} = ?", date)
else
dossiers
.includes(table)
.where("#{column} ILIKE ?", "%#{filter['value']}%")
end
when 'user'
dossiers
.includes(table)
.where("#{column} ILIKE ?", "%#{filter['value']}%")
end.pluck(:id)
end.reduce(:&)
end
private
def check_allowed_displayed_fields
displayed_fields.each do |field|
table = field['table']
column = field['column']
if !valid_column?(table, column)
errors.add(:filters, "#{table}.#{column} nest pas une colonne permise")
end
end
end
def check_allowed_sort_column
table = sort['table']
column = sort['column']
if !valid_sort_column?(table, column)
errors.add(:sort, "#{table}.#{column} nest pas une colonne permise")
end
end
def check_allowed_sort_order
order = sort['order']
if !["asc", "desc"].include?(order)
errors.add(:sort, "#{order} nest pas une ordre permis")
end
end
def check_allowed_filter_columns
filters.each do |_, columns|
columns.each do |column|
table = column['table']
column = column['column']
if !valid_column?(table, column)
errors.add(:filters, "#{table}.#{column} nest pas une colonne permise")
end
end
end
end
def get_value(dossier, table, column)
case table
when 'self'
dossier.send(column)
when 'user'
dossier.user.send(column)
when 'etablissement'
dossier.etablissement&.send(column)
when 'type_de_champ'
dossier.champs.find { |c| c.type_de_champ_id == column.to_i }.value
when 'type_de_champ_private'
dossier.champs_private.find { |c| c.type_de_champ_id == column.to_i }.value
end
end
def field_hash(label, table, column)
{
'label' => label,
'table' => table,
'column' => column
}
end
def valid_column?(table, column)
valid_columns_for_table(table).include?(column)
end
def valid_columns_for_table(table)
@column_whitelist ||= fields
.group_by { |field| field['table'] }
.map { |table, fields| [table, Set.new(fields.map { |field| field['column'] }) ] }
.to_h
@column_whitelist[table] || []
end
def sanitized_column(field)
table = field['table']
table = ActiveRecord::Base.connection.quote_column_name((table == 'self' ? 'dossier' : table).pluralize)
column = ActiveRecord::Base.connection.quote_column_name(field['column'])
table + '.' + column
end
def dossier_field_service
@dossier_field_service ||= DossierFieldService.new
end
def valid_sort_column?(table, column)
valid_column?(table, column) || EXTRA_SORT_COLUMNS[table]&.include?(column)
end
end
Reference in a new issue View git blame Copy permalink