Merge pull request #655 from etalab/display_all_habilitations_of_a_re…

…quest

Init a tab for instructors to visualise habilitations

app/assets/stylesheets/components/authorization-request-events.css

@@ -3,15 +3,12 @@
 }
 
 ul.authorization-request-events li {
-  display: block;
-  position: relative;
   padding-bottom: var(--authorization-request-event-padding);
   padding-top: var(--authorization-request-event-padding);
-  border-bottom: 1px solid rgba(0,0,0,0.1);
+  border-top: 1px solid rgba(0,0,0,0.1);
 }
 
-ul.authorization-request-events li time {
-  position: absolute;
-  right: 0;
-  top: var(--authorization-request-event-padding);
-}
+
+ul.authorization-request-events li:last-of-type {
+  padding-bottom: 0;
+}

app/assets/stylesheets/components/authorization_row.css

@@ -0,0 +1,4 @@
+ul li.authorization-row {
+  display: block;
+  border-bottom: 1px solid rgba(0,0,0,0.1);
+}

app/controllers/instruction/authorizations_controller.rb

@@ -0,0 +1,17 @@
+class Instruction::AuthorizationsController < Instruction::AbstractAuthorizationRequestsController
+  def index
+    authorize [:instruction, @authorization_request], :show?
+
+    @authorizations = AuthorizationRequest
+      .find(params[:authorization_request_id])
+      .authorizations
+      .includes(:approving_instructor)
+      .order(created_at: :desc)
+  end
+
+  private
+
+  def layout_name
+    'instruction/authorization_request'
+  end
+end

app/helpers/application_helper.rb

@@ -52,15 +52,23 @@ def authorization_request_reopening_badge(extra_css_class: nil)
   end
 
   def authorization_request_stage_badge(authorization_request, css_class: nil)
+    stage_badge(authorization_request.definition.stage.type, css_class: css_class)
+  end
+
+  def authorization_stage_badge(authorization, css_class: nil)
+    stage_badge(authorization.definition.stage.type, css_class: css_class)
+  end
+
+  def stage_badge(stage_type, css_class: nil)
     content_tag(
       :span,
-      t("authorization_request.stage.#{authorization_request.definition.stage.type}"),
-      class: ['fr-badge', 'fr-badge--no-icon', authorization_request_stage_badge_class(authorization_request), css_class],
+      t("authorization_request.stage.#{stage_type}"),
+      class: ['fr-badge', 'fr-badge--no-icon', stage_badge_class(stage_type), css_class],
     )
   end
 
-  def authorization_request_stage_badge_class(authorization_request)
-    case authorization_request.definition.stage.type
+  def stage_badge_class(stage_type)
+    case stage_type
     when 'sandbox'
       'fr-badge--brown-caramel'
     when 'production'

app/models/authorization.rb

@@ -22,6 +22,20 @@ class Authorization < ApplicationRecord
     inverse_of: :authorization,
     dependent: :destroy
 
+  has_many :authorization_request_events,
+    as: :entity,
+    dependent: :nullify
+
+  has_one :approve_authorization_request_event,
+    -> { where(name: 'approve').order(created_at: :desc).limit(1) },
+    dependent: :nullify,
+    class_name: 'AuthorizationRequestEvent',
+    inverse_of: :entity
+
+  has_one :approving_instructor,
+    through: :approve_authorization_request_event,
+    source: :user
+
   scope :validated, -> { joins(:request).where(authorization_requests: { state: 'validated' }) }
 
   delegate :name, :kind, to: :request
@@ -45,7 +59,11 @@ def request_as_validated
   # rubocop:enable Metrics/AbcSize
 
   def latest?
-    request.latest_authorization == self
+    if definition.stage.exists?
+      request.latest_authorization_of_class(authorization_request_class) == self
+    else
+      request.latest_authorization == self
+    end
   end
 
   def latest
@@ -56,6 +74,10 @@ def authorization_request
     request
   end
 
+  def definition
+    authorization_request_class.constantize.definition
+  end
+
   private
 
   def affect_snapshot_documents(request_as_validated)

app/models/authorization_request.rb

@@ -91,6 +91,10 @@ def latest_authorization
     authorizations.order(created_at: :desc).limit(1).first
   end
 
+  def latest_authorization_of_class(authorization_request_class)
+    authorizations.where(authorization_request_class: authorization_request_class).order(created_at: :desc).limit(1).first
+  end
+
   def events
     @events ||= AuthorizationRequestEventsQuery.new(self).perform
   end

app/models/authorization_request_event.rb

@@ -60,4 +60,10 @@ def authorization_request
   rescue NoMethodError
     entity
   end
+
+  def authorization
+    entity.authorization
+  rescue NoMethodError
+    entity
+  end
 end

app/policies/authorization_request_policy.rb

@@ -72,7 +72,8 @@ def transfer?
   end
 
   def start_next_stage?
-    record.definition.next_stage? &&
+    same_user_and_organization? &&
+      record.definition.next_stage? &&
       record.validated?
   end
 

app/views/authorization_request_forms/build/_header.html.erb

@@ -29,6 +29,17 @@
           <% end %>
         </div>
       </div>
+
+      <% if @authorization && policy([:instruction, @authorization_request]).show? %>
+        <div class="fr-pb-2w fr-pl-1w">
+          Cette habilitation est liée à la <%= link_to "demande N°#{@authorization_request.id}", instruction_authorization_request_authorizations_path(@authorization_request), class: 'fr-link' %>
+          <% if @authorization.approving_instructor %>
+            et a été validée par
+            <strong><%=@authorization.approving_instructor.email%></strong>
+          <% end %>
+
+        </div>
+      <% end %>
     </div>
   </div>
 </div>

app/views/authorization_request_forms/shared/_header_badge.erb

@@ -10,10 +10,10 @@
 
     <% if @authorization.present? %>
       <li>
-        <span class="fr-badge fr-badge--no-icon"><%= t("authorization.badge", date: @authorization.created_at.strftime('%d/%m/%Y')) %></span>
+        <span class="fr-badge fr-badge--no-icon"><%= t("authorization.id_badge", id: @authorization.id) %></span>
       </li>
       <li>
-        <span class="fr-badge fr-badge--no-icon"><%= t("authorization_request.badge", id: @authorization.request.id) %></span>
+        <span class="fr-badge fr-badge--no-icon"><%= t("authorization.date_badge", date: @authorization.created_at.strftime('%d/%m/%Y')) %></span>
       </li>
     <% elsif @authorization_request.persisted? %>
       <li>

app/views/authorization_request_forms/summary.html.erb

@@ -138,7 +138,7 @@
         <div class="fr-col-12">
           <ul class="fr-btns-group fr-btns-group--inline fr-btns-group--icon-left fr-btns-group--between">
             <li class="fr-ml-auto">
-              <%= link_to t('authorization_request_forms.form.start_next_stage'), next_authorization_request_stage_path(@authorization_request), class: %w(fr-btn) %>
+              <%= link_to t('authorization_request_forms.form.start_next_stage'), next_authorization_request_stage_path(@authorization_request), class: %w(fr-btn fr-mb-0) %>
             </li>
           </ul>
         </div>

app/views/authorization_requests/shared/_reopening_callout.html.erb

@@ -6,5 +6,5 @@
   <p class="fr-callout__text">
     <%= t(".text.#{type}") %>
   </p>
-  <%= link_to t('.link.text', authorization_id: @authorization_request.latest_authorization.id), latest_authorization_path(@authorization_request), class:"fr-btn" %>
+  <%= link_to t('.link.text', authorization_created_at: @authorization_request.latest_authorization.created_at.to_date), latest_authorization_path(@authorization_request), class:"fr-btn" %>
 </div>

app/views/authorization_requests/shared/_title.html.erb

@@ -1,4 +1,9 @@
-<% if @authorization_request.reopening? && @authorization.blank? %>
+<% if @authorization.present? %>
+  <h1 class="authorization-request-form-header__name fr-mb-2w">
+    <%= @authorization.definition.name  %>
+  </h1>
+
+<% elsif @authorization_request.reopening? %>
   <h1 class="authorization-request-form-header__name">
     <span class="fr-icon-edit-box-fill fr-icon--lg fr-text-blue-france" aria-hidden="true"></span>
     <%= t('.update') %>

app/views/instruction/authorization_request_events/_authorization_request_event.html.erb

@@ -1,27 +1,44 @@
-<li id="<%= dom_id(authorization_request_event) %>" class="authorization-request-event">
-  <%=
-    content_tag(
-      :span,
-      '',
-      class: [
-        "fr-icon-#{t(".#{authorization_request_event.name}.icon", default: 'error-warning-line')}",
-        "fr-text-#{t(".#{authorization_request_event.name}.color", default: 'info')}",
-      ]
-    )
-  %>
+<li id="<%= dom_id(authorization_request_event) %>" class="fr-grid-row">
+  <div class="fr-mr-1w">
+    <%=
+      content_tag(
+        :span,
+        '',
+        class: [
+          "fr-icon-#{t(".#{authorization_request_event.name}.icon", default: 'error-warning-line')}",
+          "fr-text-#{t(".#{authorization_request_event.name}.color", default: 'info')}",
+        ]
+      )
+    %>
+  </div>
 
-  <%=
-    t(
-      ".#{authorization_request_event.name}.text",
-      **{
-        user_full_name: authorization_request_event.user_full_name,
-        text: authorization_request_event.text,
-        copied_from_authorization_request_id: authorization_request_event.copied_from_authorization_request_id,
-      }.compact
-    ).html_safe
-  %>
+  <div class="fr-col">
+    <%=
+      t(
+        ".#{authorization_request_event.name}.text",
+        **{
+          user_full_name: authorization_request_event.user_full_name,
+          text: authorization_request_event.text,
+          copied_from_authorization_request_id: authorization_request_event.copied_from_authorization_request_id,
+        }.compact
+      ).html_safe
+    %>
 
-  <%= time_tag authorization_request_event.created_at do %>
-    <%= authorization_request_event.created_at.strftime("%d/%m/%Y") %>
-  <% end %>
+    <% if authorization_request_event.name == 'approve' %>
+      <div class="fr-mt-1w">
+        <%= link_to(
+          t('.approve.view_authorization'),
+          authorization_request_authorization_path(authorization_request_event.authorization_request, authorization_request_event.authorization),
+          target: '_blank',
+          class: 'fr-link'
+        ) %>
+      </div>
+    <% end %>
+  </div>
+
+  <div>
+    <%= time_tag authorization_request_event.created_at do %>
+      <%= authorization_request_event.created_at.strftime("%d/%m/%Y") %>
+    <% end %>
+  </div>
 </li>

app/views/instruction/authorizations/index.html.erb

@@ -0,0 +1,40 @@
+<h3> <%= t('.title') %> </h3>
+
+<ul class="fr-mt-2w fr-p-0">
+  <% @authorizations.each do |authorization| %>
+    <li class="authorization-row fr-mb-4w fr-pb-2w">
+      <div class="fr-grid-row fr-grid-row--middle">
+        <div class="fr-col">
+          <ul class="fr-badge-group">
+            <li>
+              <span class="fr-badge fr-badge--no-icon">
+                <%= t("authorization.id_badge", id: authorization.id) %>
+              </span>
+            </li>
+            <li>
+              <span class="fr-badge fr-badge--no-icon">
+                <%= t("authorization.date_badge", date: authorization.created_at.strftime('%d/%m/%Y')) %>
+              </span>
+            </li>
+
+            <% if authorization.definition.stage.exists? %>
+              <li>
+                <%= authorization_stage_badge(authorization) %>
+              </li>
+            <% end %>
+          </ul>
+
+          <% if authorization.approving_instructor.present? %>
+            <div>
+              Validé par <strong><%= authorization.approving_instructor.email %></strong>
+            </div>
+          <% end %>
+        </div>
+
+        <div>
+          <%= link_to t('.show_cta'), authorization_request_authorization_path(@authorization_request, authorization), class: "fr-btn" %>
+        </div>
+      </div>
+    </li>
+  <% end %>
+</ul>

app/views/layouts/instruction/authorization_request.html.erb

@@ -42,6 +42,10 @@
         authorization_request_events: instruction_authorization_request_events_path(@authorization_request),
         messages: instruction_authorization_request_messages_path(@authorization_request),
       }
+
+      if @authorization_request.authorizations.any?
+        tabs[:authorizations] = instruction_authorization_request_authorizations_path(@authorization_request)
+      end
     %>
 
     <div class="fr-tabs" data-controller="auto-height">