85 lines
2.4 KiB
Ruby
85 lines
2.4 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class RecoveriesController < ApplicationController
|
|
before_action :ensure_agent_connect_is_used, except: [:nature, :post_nature, :support]
|
|
before_action :ensure_collectivite_territoriale, except: [:nature, :post_nature, :support]
|
|
|
|
def nature
|
|
end
|
|
|
|
def post_nature
|
|
if nature_params == 'collectivite'
|
|
redirect_to identification_recovery_path
|
|
else
|
|
redirect_to support_recovery_path(error: :other_nature)
|
|
end
|
|
end
|
|
|
|
def identification
|
|
@structure_name = structure_name
|
|
end
|
|
|
|
def post_identification
|
|
# cipher previous_user email
|
|
# to avoid leaks in the url
|
|
ciphered_email = cipher(previous_email)
|
|
|
|
redirect_to selection_recovery_path(ciphered_email:)
|
|
end
|
|
|
|
def selection
|
|
@previous_email = uncipher(params[:ciphered_email])
|
|
|
|
previous_user = User.find_by(email: @previous_email)
|
|
|
|
@recoverables = RecoveryService
|
|
.recoverable_procedures(previous_user:, siret:)
|
|
|
|
redirect_to support_recovery_path(error: :no_dossier) if @recoverables.empty?
|
|
end
|
|
|
|
def post_selection
|
|
previous_user = User.find_by(email: previous_email)
|
|
|
|
RecoveryService.recover_procedure!(previous_user:,
|
|
next_user: current_user,
|
|
siret:,
|
|
procedure_ids:)
|
|
|
|
redirect_to terminee_recovery_path
|
|
end
|
|
|
|
def terminee
|
|
end
|
|
|
|
def support
|
|
end
|
|
|
|
private
|
|
|
|
def nature_params = params[:nature]
|
|
def siret = current_instructeur.last_agent_connect_information.siret
|
|
def previous_email = params[:previous_email]
|
|
def procedure_ids = params[:procedure_ids].map(&:to_i)
|
|
|
|
def cipher(email) = message_verifier.generate(email, purpose: :agent_files_recovery, expires_in: 1.hour)
|
|
def uncipher(email) = message_verifier.verified(email, purpose: :agent_files_recovery) rescue nil
|
|
|
|
def structure_name
|
|
# we know that the structure exists because
|
|
# of the ensure_collectivite_territoriale guard
|
|
APIRechercheEntreprisesService.new.call(siret:).value![:nom_complet]
|
|
end
|
|
|
|
def ensure_agent_connect_is_used
|
|
if current_instructeur&.last_agent_connect_information.nil?
|
|
redirect_to support_recovery_path(error: :must_use_agent_connect)
|
|
end
|
|
end
|
|
|
|
def ensure_collectivite_territoriale
|
|
if !APIRechercheEntreprisesService.collectivite_territoriale?(siret:)
|
|
redirect_to support_recovery_path(error: 'not_collectivite_territoriale')
|
|
end
|
|
end
|
|
end
|