Merge pull request #1747 from etalab/features/espace-editeur

Bootstrap Espace éditeur
etalab · Dec 10, 2024 · 41e42b5 · 41e42b5
2 parents de66cbe + 8a337bd
commit 41e42b5
Show file tree

Hide file tree

Showing 33 changed files with 606 additions and 56 deletions.
diff --git a/app/controllers/admin/editors_controller.rb b/app/controllers/admin/editors_controller.rb
@@ -0,0 +1,5 @@
+class Admin::EditorsController < AdminController
+  def index
+    @editors = Editor.includes(:users).page(params[:page])
+  end
+end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
@@ -1,9 +1,26 @@
 class Admin::UsersController < AdminController
   def index
-    @q = User.ransack(params[:q])
+    @q = User.includes(:editor).ransack(params[:q])
     @users = @q.result(distinct: true).page(params[:page])
   end
 
+  def edit
+    @user = User.find(params[:id])
+    @editors = Editor.all
+  end
+
+  def update
+    @user = User.find(params[:id])
+
+    if @user.update(user_params)
+      success_message(title: "Utilisateur #{@user.email} a bien été modifié")
+
+      redirect_to admin_users_path
+    else
+      render :edit
+    end
+  end
+
   def impersonate
     user = User.find(params[:id])
 
@@ -17,4 +34,10 @@ def stop_impersonating
 
     redirect_to admin_users_path
   end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:editor_id)
+  end
 end
diff --git a/app/controllers/editor/authorization_requests_controller.rb b/app/controllers/editor/authorization_requests_controller.rb
@@ -0,0 +1,10 @@
+class Editor::AuthorizationRequestsController < EditorController
+  def index
+    @authorization_requests = current_editor
+      .authorization_requests(api: namespace)
+      .includes(:active_token)
+      .where(
+        status: 'validated'
+      ).page(params[:page])
+  end
+end
diff --git a/app/controllers/editor_controller.rb b/app/controllers/editor_controller.rb
@@ -0,0 +1,24 @@
+class EditorController < ApplicationController
+  include AuthenticatedUserManagement
+
+  before_action :user_is_editor?
+  helper_method :current_editor
+
+  layout 'editor'
+
+  protected
+
+  def current_editor
+    @current_editor ||= current_user.editor
+  end
+
+  private
+
+  def user_is_editor?
+    redirect_to_root unless current_user.editor?
+  end
+
+  def namespace
+    request.host.split('.').first
+  end
+end
diff --git a/app/helpers/external_url_helper.rb b/app/helpers/external_url_helper.rb
@@ -22,6 +22,21 @@ def datapass_base_url
     end
   end
 
+  def datapass_v2_public_authorization_request_url(authorization_request)
+    "#{datapass_v2_base_url(authorization_request.api)}/public/demandes/#{authorization_request.public_id}"
+  end
+
+  def datapass_v2_base_url(api)
+    case Rails.env
+    when 'staging'
+      "https://staging.api-#{api}.v2.datapass.api.gouv.fr"
+    when 'sandbox'
+      "https://sandbox.api-#{api}.v2.datapass.api.gouv.fr"
+    else
+      "https://api-#{api}.v2.datapass.api.gouv.fr"
+    end
+  end
+
   private
 
   def highlight_section(prolong_token_wizard)

diff --git a/app/lib/seeds.rb b/app/lib/seeds.rb
@@ -6,6 +6,7 @@ def perform
     @contact_email = '[email protected]'
     @contact = create_contact
 
+    create_editor
     create_data_for_api_entreprise
     create_data_for_api_particulier
     create_data_shared
@@ -65,6 +66,19 @@ def create_contact
     )
   end
 
+  def create_editor
+    editor = Editor.create!(
+      name: 'UMAD Corp',
+      form_uids: %w[umadcorp-form-api-entreprise umadcorp-form-api-particulier]
+    )
+    create_user(
+      email: '[email protected]',
+      first_name: 'Edouard',
+      last_name: 'Lefevre',
+      editor: editor
+    )
+  end
+
   def create_magic_link
     MagicLink.create!(email: @user.email)
   end
@@ -81,6 +95,7 @@ def create_api_entreprise_token_valid
         external_id: 102,
         status: :validated,
         first_submitted_at: 2.weeks.ago,
+        demarche: 'umadcorp-form-api-entreprise',
         siret: '12000101100010'
       }
     )
@@ -163,6 +178,7 @@ def create_api_particulier_token_valid
         intitule: 'Mairie de Bordeaux',
         external_id: 201,
         status: :validated,
+        demarche: 'umadcorp-form-api-particulier',
         first_submitted_at: 2.weeks.ago
       }
     )

diff --git a/app/mailers/api_particulier/reporters_mailer.rb b/app/mailers/api_particulier/reporters_mailer.rb
@@ -1,4 +1,6 @@
 class APIParticulier::ReportersMailer < APIParticulierMailer
+  include ExternalUrlHelper
+
   skip_before_action :attach_logos
 
   helper_method :datapass_v2_public_authorization_request_url
@@ -25,21 +27,6 @@ class APIParticulier::ReportersMailer < APIParticulierMailer
 
   private
 
-  def datapass_v2_public_authorization_request_url(authorization_request)
-    "#{datapass_v2_base_url(authorization_request.api)}/public/demandes/#{authorization_request.public_id}"
-  end
-
-  def datapass_v2_base_url(api)
-    case Rails.env
-    when 'staging'
-      "https://staging.api-#{api}.v2.datapass.api.gouv.fr"
-    when 'sandbox'
-      "https://sandbox.api-#{api}.v2.datapass.api.gouv.fr"
-    else
-      "https://api-#{api}.v2.datapass.api.gouv.fr"
-    end
-  end
-
   def reporter_emails(groups)
     reporters_config.values_at(*groups).flatten
   end

diff --git a/app/models/editor.rb b/app/models/editor.rb
@@ -0,0 +1,12 @@
+class Editor < ApplicationRecord
+  has_many :users,
+    dependent: :nullify
+
+  validates :name, presence: true
+
+  def authorization_requests(api:)
+    AuthorizationRequest
+      .where(api:)
+      .where(demarche: form_uids)
+  end
+end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -6,6 +6,9 @@ class User < ApplicationRecord
 
   has_many :tokens, through: :authorization_requests
 
+  belongs_to :editor,
+    optional: true
+
   validates :email,
     presence: true,
     uniqueness: { case_sensitive: false },
@@ -59,6 +62,10 @@ def sanitize_email
     self.email = email.downcase.strip
   end
 
+  def editor?
+    editor.present?
+  end
+
   def admin?
     if Rails.env.production?
       Rails.application.credentials.admin_emails.include?(email)

diff --git a/app/views/admin/editors/index.html.erb b/app/views/admin/editors/index.html.erb
@@ -0,0 +1,59 @@
+<div class="fr-table fr-table--bordered fr-table--layout-fixed">
+  <table>
+    <caption>
+      Éditeurs
+    </caption>
+    <thead>
+      <tr>
+        <%
+          [
+            'ID',
+            'Nom',
+            'Formulaires',
+            'Emails',
+          ].each do |attr|
+        %>
+          <th scope="col">
+            <%= attr %>
+          </th>
+        <% end %>
+      </tr>
+    </thead>
+
+    <tbody>
+      <% @editors.each do |editor| %>
+        <tr id="<%= dom_id(editor) %>" class="editor">
+          <td class="editor-id">
+            <%= editor.id %>
+          </td>
+          <td class="editor-name">
+            <%= editor.name %>
+          </td>
+          <td class="editor-form_uids">
+            <ul>
+              <% editor.form_uids.each do |form_uid| %>
+                <% url = "#{datapass_v2_base_url(namespace)}/formulaires/#{form_uid}/demande/nouveau" %>
+                <li>
+                  <%= link_to form_uid, url, target: '_blank' %>
+                </li>
+              <% end %>
+            </ul>
+          </td>
+          <td class="editor-emails">
+            <% if editor.users %>
+              <ul>
+                <% editor.users.each do |user| %>
+                  <li>
+                    <%= user.email %>
+                  </li>
+                <% end %>
+              </ul>
+            <% end %>
+          </td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
+</div>
+
+<%= paginate @editors %>
diff --git a/app/views/admin/users/edit.html.erb b/app/views/admin/users/edit.html.erb
@@ -0,0 +1,13 @@
+<%= form_for(@user, url: [:admin, @user]) do |f| %>
+  <div class="fr-input-group">
+    <%= f.label :email, class: %w[fr-label] %>
+    <%= f.text_field :email, disabled: true, class: %w[fr-input] %>
+  </div>
+
+  <div class="fr-select-group">
+    <%= f.label :editor, class: %w[fr-label] %>
+    <%= f.collection_select :editor_id, @editors, :id, :name, { include_blank: true }, { class: %w[fr-select] } %>
+  </div>
+
+  <%= f.button :submit, class: %[fr-btn], id: 'submit' %>
+<% end %>
diff --git a/app/views/admin/users/index.html.erb b/app/views/admin/users/index.html.erb
@@ -17,11 +17,11 @@
       <tr>
         <%
           [
-            'ID',
             'Prénom',
             'Nom',
             'Email',
             'Organizations',
+            'Éditeur associé',
             'DataPass ID',
             'Actions',
           ].each do |attr|
@@ -36,9 +36,6 @@
     <tbody>
       <% @users.each do |user| %>
         <tr id="<%= dom_id(user) %>" class="user">
-          <td class="user-id">
-            <%= user.id %>
-          </td>
           <td class="user-first_name">
             <%= user.first_name %>
           </td>
@@ -62,7 +59,14 @@
             <% end %>
           </td>
 
-          <td class="user-organizations">
+          <td class="user-editor">
+            <% if user.editor %>
+              <%= user.editor.name %>
+            <% end %>
+
+            <%= link_to "Modifier l'éditeur associé", edit_admin_user_path(user), id: dom_id(user, :edit) %>
+          </td>
+          <td class="user-datapass">
             <% if user.authorization_requests.where(api: namespace).any? %>
               <ul>
                 <% user.authorization_requests.where(api: namespace).each do |authorization_request| %>
@@ -76,7 +80,7 @@
 
           <td class="user-actions">
             <% if current_user != user %>
-              <%= button_to 'Se connecter en tant que cet utilisateur', impersonate_admin_user_path(user), data: { turbo: false }, class: 'fr-btn', id: dom_id(user, :impersonate) %>
+              <%= button_to 'Se connecter en tant que cet utilisateur', impersonate_admin_user_path(user), data: { turbo: false }, class: 'fr-btn fr-btn--sm', id: dom_id(user, :impersonate) %>
             <% end %>
           </td>
         </tr>

diff --git a/app/views/editor/authorization_requests/index.html.erb b/app/views/editor/authorization_requests/index.html.erb
@@ -0,0 +1,48 @@
+<div class="fr-table fr-table--bordered fr-table--layout-fixed">
+  <table>
+    <caption>
+      Habilitations
+    </caption>
+    <thead>
+      <tr>
+        <%
+          [
+            'DataPass ID',
+            'Intitule',
+            'Jeton principal',
+            'Organization',
+          ].each do |attr|
+        %>
+          <th scope="col">
+            <%= attr %>
+          </th>
+        <% end %>
+      </tr>
+    </thead>
+
+    <tbody>
+      <% @authorization_requests.each do |authorization_request| %>
+        <tr id="<%= dom_id(authorization_request) %>" class="authorization-request">
+          <td class="authorization_request-external_id">
+            <%= link_to("DataPass ##{authorization_request.external_id}", "#{datapass_v2_base_url(authorization_request.api)}/public/demandes/#{authorization_request.public_id}", target: '_blank')%>
+          </td>
+          <td class="authorization_request-intitule">
+            <%= authorization_request.intitule %>
+          </td>
+          <td class="authorization_request-token">
+            <% if authorization_request.token %>
+              <%= render partial: 'shared/tokens/detail_short', locals: { token: authorization_request.token.decorate } %>
+            <% end %>
+          </td>
+          <td class="authorization_request-siret">
+            <a href="https://annuaire-entreprises.data.gouv.fr/etablissement/<%= authorization_request.siret %>" target="_blank">
+              <%= authorization_request.siret %>
+            </a>
+          </td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
+</div>
+
+<%= paginate @authorization_requests %>
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb
@@ -18,7 +18,7 @@
   <body>
     <%= render partial: 'shared/admin/header' %>
 
-    <div class="fr-container fr-mb-5w fr-mt-5w">
+    <div class="fr-container fr-mb-5w fr-my-5w">
       <turbo-frame id="alerts">
         <%= render partial: 'shared/alerts' %>
       </turbo-frame>