146 lines
3.3 KiB
Ruby
146 lines
3.3 KiB
Ruby
module Administrateurs
|
|
class APITokensController < AdministrateurController
|
|
include ActionView::RecordIdentifier
|
|
|
|
before_action :authenticate_administrateur!
|
|
before_action :set_api_token, only: [:edit, :update, :destroy]
|
|
|
|
def nom
|
|
@name = name
|
|
end
|
|
|
|
def autorisations
|
|
@name = name
|
|
@libelle_id_procedures = current_administrateur
|
|
.procedures
|
|
.order(:libelle)
|
|
.pluck(:libelle, :id)
|
|
.map { |libelle, id| ["#{id} - #{libelle}", id] }
|
|
end
|
|
|
|
def securite
|
|
end
|
|
|
|
def create
|
|
if params[:networkFiltering] == "customNetworks" && invalid_network?
|
|
return redirect_to securite_admin_api_tokens_path(all_params.merge(invalidNetwork: true))
|
|
end
|
|
|
|
@api_token, @packed_token = APIToken.generate(current_administrateur)
|
|
|
|
@api_token.update!(name:, write_access:,
|
|
allowed_procedure_ids:, authorized_networks:, expires_at:)
|
|
|
|
@curl_command = curl_command(@packed_token, @api_token.procedure_ids.first)
|
|
end
|
|
|
|
def edit
|
|
end
|
|
|
|
def update
|
|
if invalid_network?
|
|
@invalid_network = true
|
|
return render :edit
|
|
end
|
|
|
|
if @api_token.eternal? && networks.empty?
|
|
flash[:alert] = "Vous ne pouvez pas supprimer les restrictions d'accès à l'API d'un jeton permanent."
|
|
return render :edit
|
|
end
|
|
|
|
@api_token.update!(name:, authorized_networks: networks)
|
|
|
|
flash[:notice] = "Le jeton d'API a été mis à jour."
|
|
redirect_to profil_path
|
|
end
|
|
|
|
def destroy
|
|
@api_token.destroy
|
|
|
|
render turbo_stream: turbo_stream.remove(dom_id(@api_token))
|
|
end
|
|
|
|
private
|
|
|
|
def curl_command(packed_token, procedure_id)
|
|
<<~EOF
|
|
curl \\
|
|
-H 'Content-Type: application/json' \\
|
|
-H 'Authorization: Bearer #{packed_token}' \\
|
|
--data '{ "query": "{ demarche(number: #{procedure_id}) { title } }" }' \\
|
|
'#{api_v2_graphql_url}'
|
|
EOF
|
|
end
|
|
|
|
def all_params
|
|
[:name, :access, :target, :targets, :networkFiltering, :networks, :lifetime, :customLifetime]
|
|
.index_with { |param| params[param] }
|
|
end
|
|
|
|
def authorized_networks
|
|
if params[:networkFiltering] == "customNetworks"
|
|
networks
|
|
else
|
|
[]
|
|
end
|
|
end
|
|
|
|
def invalid_network?
|
|
params[:networks]
|
|
.split
|
|
.any? do
|
|
begin
|
|
IPAddr.new(_1)
|
|
false
|
|
rescue
|
|
true
|
|
end
|
|
end
|
|
end
|
|
|
|
def networks
|
|
params[:networks]
|
|
.split
|
|
.map { begin IPAddr.new(_1) rescue nil end }
|
|
.compact
|
|
end
|
|
|
|
def set_api_token
|
|
@api_token = current_administrateur.api_tokens.find(params[:id])
|
|
end
|
|
|
|
def name
|
|
params[:name]
|
|
end
|
|
|
|
def write_access
|
|
params[:access] == "read_write"
|
|
end
|
|
|
|
def allowed_procedure_ids
|
|
if params[:target] == "custom"
|
|
current_administrateur
|
|
.procedure_ids
|
|
.intersection(params[:targets].map(&:to_i))
|
|
else
|
|
nil
|
|
end
|
|
end
|
|
|
|
def expires_at
|
|
case params[:lifetime]
|
|
in 'oneWeek'
|
|
1.week.from_now.to_date
|
|
in 'custom'
|
|
[
|
|
Date.parse(params[:customLifetime]),
|
|
1.year.from_now
|
|
].min
|
|
in 'infinite' if authorized_networks.present?
|
|
nil
|
|
else
|
|
1.week.from_now.to_date
|
|
end
|
|
end
|
|
end
|
|
end
|