diff --git a/README.md b/README.md index 2dca36e79c..accae380fa 100644 --- a/README.md +++ b/README.md @@ -223,9 +223,11 @@ Some custom one shot tasks are available. To run a custom task: `mix ` -* `Transport.ImportAom`: import the aom data from the cerema -* `Transport.ImportEPCI`: import the french EPCI from data.gouv -* `Transport.OpenApiSpec`: generate an OpenAPI specification file +* `mix Transport.ImportAOMs`: import the aom data from the cerema +* `mix Transport.ImportCommunes`: import the french communes from data.gouv +* `mix Transport.ImportEPCI`: import the french EPCI from data.gouv +* `mix Transport.ImportDepartements`: import the french Départements from data.gouv +* `mix Transport.OpenApiSpec`: generate an OpenAPI specification file ## Testing emails diff --git a/apps/gbfs/mix.exs b/apps/gbfs/mix.exs index 7861ecca68..19e0a68ed8 100644 --- a/apps/gbfs/mix.exs +++ b/apps/gbfs/mix.exs @@ -11,7 +11,6 @@ defmodule GBFS.MixProject do lockfile: "../../mix.lock", elixir: "~> 1.8", elixirc_paths: elixirc_paths(Mix.env()), - compilers: [:phoenix] ++ Mix.compilers(), start_permanent: Mix.env() == :prod, deps: deps(), test_coverage: [tool: ExCoveralls], @@ -38,7 +37,7 @@ defmodule GBFS.MixProject do [ {:cachex, "~> 3.5"}, {:httpoison, "~> 2.1"}, - {:phoenix, "~> 1.6.2"}, + {:phoenix, "~> 1.7.0"}, {:sweet_xml, ">= 0.0.0"}, {:jason, ">= 0.0.0"}, {:cors_plug, "~> 3.0"}, diff --git a/apps/shared/lib/helpers.ex b/apps/shared/lib/helpers.ex index fc224103e7..f1ba55eff4 100644 --- a/apps/shared/lib/helpers.ex +++ b/apps/shared/lib/helpers.ex @@ -57,13 +57,4 @@ defmodule Helpers do dates -> dates |> Enum.max(DateTime) |> DateTime.to_iso8601() end end - - @spec admin?(map | nil) :: boolean - def admin?(%{} = user) do - user - |> Map.get("organizations", []) - |> Enum.any?(fn org -> org["slug"] == "equipe-transport-data-gouv-fr" end) - end - - def admin?(nil), do: false end diff --git a/apps/shared/mix.exs b/apps/shared/mix.exs index f1d5059ff8..18e1a6dcf8 100644 --- a/apps/shared/mix.exs +++ b/apps/shared/mix.exs @@ -46,7 +46,7 @@ defmodule Shared.MixProject do {:finch, "~> 0.8"}, # Required for the ConditionalJSONEncoder shared component, but # there is probably a way to avoid that? - {:phoenix, "~> 1.6.2"}, + {:phoenix, "~> 1.7.0"}, # The global app config references Sentry.LoggerBackend. We add it in "shared" # as an implicit dependency, to ensure `Sentry.LoggerBackend` is always defined, # otherwise running tests for an individual umbrella sub-app will raise error. diff --git a/apps/transport/client/yarn.lock b/apps/transport/client/yarn.lock index 01755e034d..7578253a6e 100644 --- a/apps/transport/client/yarn.lock +++ b/apps/transport/client/yarn.lock @@ -4041,7 +4041,7 @@ path-type@^4.0.0: integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw== "phoenix@file:../../../deps/phoenix": - version "1.6.16" + version "1.7.10" "phoenix_html@file:../../../deps/phoenix_html": version "3.3.3" diff --git a/apps/transport/lib/db/commune.ex b/apps/transport/lib/db/commune.ex index a4321ed448..9a64cc35b7 100644 --- a/apps/transport/lib/db/commune.ex +++ b/apps/transport/lib/db/commune.ex @@ -4,7 +4,7 @@ defmodule DB.Commune do """ use Ecto.Schema use TypedEctoSchema - alias DB.{AOM, Departement, Region} + alias DB.{AOM, Departement, EPCI, Region} alias Geo.MultiPolygon typed_schema "commune" do @@ -20,5 +20,6 @@ defmodule DB.Commune do belongs_to(:aom_res, AOM, references: :composition_res_id) belongs_to(:region, Region) belongs_to(:departement, Departement, foreign_key: :departement_insee, references: :insee, type: :string) + belongs_to(:epci, EPCI, foreign_key: :epci_insee, references: :insee, type: :string) end end diff --git a/apps/transport/lib/db/epci.ex b/apps/transport/lib/db/epci.ex index 2b91640a8d..c4b626df09 100644 --- a/apps/transport/lib/db/epci.ex +++ b/apps/transport/lib/db/epci.ex @@ -1,19 +1,34 @@ defmodule DB.EPCI do @moduledoc """ - EPCI schema + EPCI schema. - Link the EPCI to some Communes. - The EPCI are loaded once and for all by the task transport/lib/transport/import_epci.ex + The EPCI are loaded by the task transport/lib/transport/import_epci.ex. + The EPCI imported are only "à fiscalité propre". This excludes Etablissements Publics Territoriaux. + This allows to have a 1 to 1 relation between a commune and an EPCI. """ use Ecto.Schema use TypedEctoSchema + import Ecto.Changeset typed_schema "epci" do - field(:code, :string) + field(:insee, :string) field(:nom, :string) + field(:type, :string) + field(:mode_financement, :string) + field(:geom, Geo.PostGIS.Geometry) :: Geo.MultiPolygon.t() + has_many(:communes, DB.Commune, foreign_key: :epci_insee) + end - # for the moment we don't need a link relational link to the Commune table, - # so we only store an array of insee code - field(:communes_insee, {:array, :string}, default: []) + def changeset(epci, attrs) do + epci + |> cast(attrs, [:insee, :nom, :geom, :type, :mode_financement]) + |> validate_required([:insee, :nom, :geom, :type, :mode_financement]) + |> validate_inclusion(:type, allowed_types()) + |> validate_inclusion(:mode_financement, allowed_mode_financement()) end + + defp allowed_types, + do: ["Communauté d'agglomération", "Communauté urbaine", "Communauté de communes", "Métropole", "Métropole de Lyon"] + + defp allowed_mode_financement, do: ["Fiscalité professionnelle unique", "Fiscalité additionnelle"] end diff --git a/apps/transport/lib/jobs/dataset_now_on_nap_notification_job.ex b/apps/transport/lib/jobs/dataset_now_on_nap_notification_job.ex index c7b133f52f..67f57f5f0f 100644 --- a/apps/transport/lib/jobs/dataset_now_on_nap_notification_job.ex +++ b/apps/transport/lib/jobs/dataset_now_on_nap_notification_job.ex @@ -27,8 +27,7 @@ defmodule Transport.Jobs.DatasetNowOnNAPNotificationJob do Phoenix.View.render_to_string(TransportWeb.EmailView, "dataset_now_on_nap.html", dataset_url: TransportWeb.Router.Helpers.dataset_url(TransportWeb.Endpoint, :details, dataset.slug), dataset_custom_title: dataset.custom_title, - contact_email_address: Application.get_env(:transport, :contact_email), - espace_producteur_url: TransportWeb.Router.Helpers.page_url(TransportWeb.Endpoint, :espace_producteur) + contact_email_address: Application.get_env(:transport, :contact_email) ) ) diff --git a/apps/transport/lib/jobs/update_contacts_job.ex b/apps/transport/lib/jobs/update_contacts_job.ex index 0202cc4e6a..9a2c8513f0 100644 --- a/apps/transport/lib/jobs/update_contacts_job.ex +++ b/apps/transport/lib/jobs/update_contacts_job.ex @@ -25,12 +25,23 @@ defmodule Transport.Jobs.UpdateContactsJob do DB.Contact.base_query() |> where([contact: c], c.datagouv_user_id in ^ids) |> DB.Repo.all() - |> Enum.each(fn %DB.Contact{datagouv_user_id: datagouv_user_id} = contact -> - {:ok, %{"organizations" => organizations}} = Datagouvfr.Client.User.get(datagouv_user_id) + |> Enum.each(&update_contact/1) + end + + defp update_contact(%DB.Contact{datagouv_user_id: datagouv_user_id} = contact) do + # https://doc.data.gouv.fr/api/reference/#/users/get_user + # 404 status code: User not found + # 410 status code: User is not active or has been deleted + case Datagouvfr.Client.User.get(datagouv_user_id) do + {:ok, %{"organizations" => organizations}} -> + contact + |> DB.Contact.changeset(%{organizations: organizations}) + |> DB.Repo.update!() - contact - |> DB.Contact.changeset(%{organizations: organizations}) - |> DB.Repo.update!() - end) + {:error, reason} when reason in [:not_found, :gone] -> + contact + |> DB.Contact.changeset(%{organizations: [], datagouv_user_id: nil}) + |> DB.Repo.update!() + end end end diff --git a/apps/transport/lib/mix/tasks/transport/import_aoms.ex b/apps/transport/lib/mix/tasks/transport/import_aoms.ex index ee3e79b9fa..90ac21ee39 100644 --- a/apps/transport/lib/mix/tasks/transport/import_aoms.ex +++ b/apps/transport/lib/mix/tasks/transport/import_aoms.ex @@ -1,4 +1,4 @@ -defmodule Mix.Tasks.Transport.ImportAoms do +defmodule Mix.Tasks.Transport.ImportAOMs do @moduledoc """ Import the AOM files and updates the database. @@ -13,7 +13,7 @@ defmodule Mix.Tasks.Transport.ImportAoms do This is a one shot import task, run when the AOM have changed, at least every year. - The import can be launched through mix transport.import_aoms + The import can be launched through mix Transport.ImportAOMs """ @shortdoc "Refreshes the database table `aom` with the latest data" diff --git a/apps/transport/lib/mix/tasks/transport/import_communes.ex b/apps/transport/lib/mix/tasks/transport/import_communes.ex index b858422e78..c7dc73e479 100644 --- a/apps/transport/lib/mix/tasks/transport/import_communes.ex +++ b/apps/transport/lib/mix/tasks/transport/import_communes.ex @@ -1,6 +1,6 @@ defmodule Mix.Tasks.Transport.ImportCommunes do @moduledoc """ - Import or updates commune data (list, geometry) from official sources. Run with `mix transport.import_communes`. + Import or updates commune data (list, geometry) from official sources. Run with `mix Transport.ImportCommunes`. """ @shortdoc "Refreshes the database table `commune` with the latest data" diff --git a/apps/transport/lib/mix/tasks/transport/import_epci.ex b/apps/transport/lib/mix/tasks/transport/import_epci.ex index abcfddffb3..77595efb4a 100644 --- a/apps/transport/lib/mix/tasks/transport/import_epci.ex +++ b/apps/transport/lib/mix/tasks/transport/import_epci.ex @@ -1,47 +1,45 @@ defmodule Mix.Tasks.Transport.ImportEPCI do @moduledoc """ Import the EPCI file to get the relation between the cities and the EPCI + Run: mix transport.importEPCI """ use Mix.Task import Ecto.Query alias Ecto.Changeset - alias DB.{EPCI, Repo} + alias DB.{Commune, EPCI, Repo} require Logger @epci_file "https://unpkg.com/@etalab/decoupage-administratif@3.1.1/data/epci.json" + @epci_geojson_url "http://etalab-datasets.geo.data.gouv.fr/contours-administratifs/2023/geojson/epci-100m.geojson" - def run(params) do - Logger.info("importing epci") + def run(_params) do + Logger.info("Importing EPCIs") - if params[:no_start] do - HTTPoison.start() - else - Mix.Task.run("app.start", []) - end + Mix.Task.run("app.start") - with {:ok, %HTTPoison.Response{status_code: 200, body: body}} <- HTTPoison.get(@epci_file), - {:ok, json} <- Jason.decode(body) do - json |> Enum.each(&insert_epci/1) - - # Remove EPCIs that have been removed - epci_codes = Enum.map(json, & &1["code"]) - EPCI |> where([e], e.code not in ^epci_codes) |> Repo.delete_all() - - nb_epci = Repo.aggregate(EPCI, :count, :id) - Logger.info("#{nb_epci} are now in database") - :ok - else - e -> - Logger.warning("impossible to fetch epci file, error #{inspect(e)}") - :error - end + %{status: 200, body: json} = Req.get!(@epci_file, connect_options: [timeout: 15_000], receive_timeout: 15_000) + check_communes_list(json) + geojsons = geojson_by_insee() + + json |> Enum.each(&insert_epci(&1, geojsons)) + json |> Enum.each(&update_communes_epci/1) + + # Remove EPCIs that have been removed + epci_codes = json |> Enum.map(& &1["code"]) + EPCI |> where([e], e.insee not in ^epci_codes) |> Repo.delete_all() + + nb_epci = Repo.aggregate(EPCI, :count, :id) + Logger.info("#{nb_epci} are now in database") + Logger.info("Ensure valid geometries and rectify if needed.") + ensure_valid_geometries() + :ok end @spec get_or_create_epci(binary()) :: EPCI.t() defp get_or_create_epci(code) do EPCI - |> Repo.get_by(code: code) + |> Repo.get_by(insee: code) |> case do nil -> %EPCI{} @@ -51,21 +49,82 @@ defmodule Mix.Tasks.Transport.ImportEPCI do end end - @spec insert_epci(map()) :: any() - defp insert_epci(%{"code" => code, "nom" => nom, "membres" => m}) do + @spec insert_epci(map(), map()) :: any() + defp insert_epci(%{"code" => code, "nom" => nom, "type" => type, "modeFinancement" => mode_financement}, geojsons) do code |> get_or_create_epci() - |> Changeset.change(%{ - code: code, + |> EPCI.changeset(%{ + insee: code, nom: nom, - communes_insee: get_insees(m) + type: normalize_type(type), + mode_financement: normalize_mode_financement(mode_financement), + geom: build_geometry(geojsons, code) }) |> Repo.insert_or_update() end + defp check_communes_list(body) do + all_communes = + body + |> Enum.map(fn epci -> + epci["membres"] |> Enum.map(& &1["code"]) + end) + |> List.flatten() + + duplicate_communes = all_communes -- Enum.uniq(all_communes) + + if duplicate_communes != [] do + raise "One or multiple communes belong to different EPCIs. List: #{duplicate_communes}" + end + end + + defp update_communes_epci(%{"code" => code, "membres" => m}) do + communes_arr = get_insees(m) + communes = Repo.all(from(c in Commune, where: c.insee in ^communes_arr)) + + communes + |> Enum.each(fn commune -> + commune + |> Changeset.change(epci_insee: code) + |> Repo.update() + end) + + :ok + end + @spec get_insees([map()]) :: [binary()] defp get_insees(members) do members |> Enum.map(fn m -> m["code"] end) end + + defp geojson_by_insee do + %{status: 200, body: body} = + Req.get!(@epci_geojson_url, connect_options: [timeout: 15_000], receive_timeout: 15_000) + + body + # Req doesn’t decode GeoJSON body automatically as it does for JSON + |> Jason.decode!() + |> Map.fetch!("features") + |> Map.new(fn record -> {record["properties"]["code"], record["geometry"]} end) + end + + defp build_geometry(geojsons, insee) do + {:ok, geom} = Geo.PostGIS.Geometry.cast(Map.fetch!(geojsons, insee)) + %{geom | srid: 4326} + end + + defp ensure_valid_geometries, + do: Repo.query!("UPDATE epci SET geom = ST_MakeValid(geom) WHERE NOT ST_IsValid(geom);") + + @spec normalize_type(binary()) :: binary() + defp normalize_type("CA"), do: "Communauté d'agglomération" + defp normalize_type("CU"), do: "Communauté urbaine" + defp normalize_type("CC"), do: "Communauté de communes" + defp normalize_type("METRO"), do: "Métropole" + defp normalize_type("MET69"), do: "Métropole de Lyon" + + @spec normalize_mode_financement(binary()) :: binary() + defp normalize_mode_financement("FPU"), do: "Fiscalité professionnelle unique" + defp normalize_mode_financement("FA"), do: "Fiscalité additionnelle" end diff --git a/apps/transport/lib/transport/import_data.ex b/apps/transport/lib/transport/import_data.ex index a2fa7cf59e..619fcf50db 100644 --- a/apps/transport/lib/transport/import_data.ex +++ b/apps/transport/lib/transport/import_data.ex @@ -6,7 +6,7 @@ defmodule Transport.ImportData do alias Datagouvfr.Client.CommunityResources alias Helpers alias Opendatasoft.UrlExtractor - alias DB.{Dataset, EPCI, LogsImport, Repo, Resource} + alias DB.{Commune, Dataset, LogsImport, Repo, Resource} alias Transport.Shared.ResourceSchema require Logger import Ecto.Query @@ -261,16 +261,10 @@ defmodule Transport.ImportData do ] }) do # For the EPCI we get the list of cities contained by the EPCI - EPCI - |> Repo.get_by(code: code) - |> case do - nil -> - Logger.warning("impossible to find epci #{code}, no cities associated to the dataset") - [] - - epci -> - epci.communes_insee - end + Commune + |> where([c], c.epci_insee == ^code) + |> select([c], c.insee) + |> Repo.all() end def read_datagouv_zone(%{"features" => [%{"id" => id} | _]}) do diff --git a/apps/transport/lib/transport_web.ex b/apps/transport/lib/transport_web.ex index 5a7a64b74a..49f54031e2 100644 --- a/apps/transport/lib/transport_web.ex +++ b/apps/transport/lib/transport_web.ex @@ -16,6 +16,8 @@ defmodule TransportWeb do below. Instead, define any helper function in modules and import those modules here. """ + def static_paths, + do: ~w(js css fonts images data favicon.ico documents BingSiteAuth.xml google5be4b09db1274976.html demo_rt.html) def controller do quote do @@ -26,6 +28,8 @@ defmodule TransportWeb do import TransportWeb.PaginationHelpers alias TransportWeb.ErrorView import Phoenix.LiveView.Controller + + unquote(verified_routes()) end end @@ -54,6 +58,12 @@ defmodule TransportWeb do end end + def view_helpers do + quote do + unquote(verified_routes()) + end + end + def router do quote do use Phoenix.Router @@ -78,6 +88,15 @@ defmodule TransportWeb do end end + def verified_routes do + quote do + use Phoenix.VerifiedRoutes, + endpoint: TransportWeb.Endpoint, + router: TransportWeb.Router, + statics: TransportWeb.static_paths() + end + end + @doc """ When used, dispatch to the appropriate controller/view/etc. """ diff --git a/apps/transport/lib/transport_web/controllers/page_controller.ex b/apps/transport/lib/transport_web/controllers/page_controller.ex index 7d2240185e..7cf023916a 100644 --- a/apps/transport/lib/transport_web/controllers/page_controller.ex +++ b/apps/transport/lib/transport_web/controllers/page_controller.ex @@ -186,7 +186,10 @@ defmodule TransportWeb.PageController do {conn, []} end - conn |> assign(:datasets, datasets) |> render("espace_producteur.html") + conn + |> assign(:datasets, datasets) + |> TransportWeb.Session.set_is_producer(datasets) + |> render("espace_producteur.html") end defp aoms_with_dataset do diff --git a/apps/transport/lib/transport_web/controllers/session_controller.ex b/apps/transport/lib/transport_web/controllers/session_controller.ex index 84a517089a..09338610da 100644 --- a/apps/transport/lib/transport_web/controllers/session_controller.ex +++ b/apps/transport/lib/transport_web/controllers/session_controller.ex @@ -127,24 +127,17 @@ defmodule TransportWeb.SessionController do end def save_current_user(%Plug.Conn{} = conn, %{} = user_params) do - conn |> put_session(:current_user, user_params |> user_params_for_session()) + conn + |> put_session(:current_user, user_params_for_session(user_params)) + |> TransportWeb.Session.set_is_producer(user_params) + |> TransportWeb.Session.set_is_admin(user_params) end - @doc """ - iex> pan_org = %{"slug" => "equipe-transport-data-gouv-fr", "name" => "PAN"} - iex> other_org = %{"slug" => "foo-inc", "name" => "Foo Inc"} - iex> user_params_for_session(%{"foo" => "bar", "organizations" => [pan_org, other_org]}) - %{"foo" => "bar", "organizations" => [pan_org]} - """ - def user_params_for_session(%{} = params) do - Map.put( - params, - "organizations", - Enum.filter( - params["organizations"], - &match?(%{"slug" => "equipe-transport-data-gouv-fr"}, &1) - ) - ) + defp user_params_for_session(%{} = params) do + # Remove the list of `organizations` from the final map: it's already stored in the database + # and maintained up-to-date by `Transport.Jobs.UpdateContactsJob` + # and it can be too big to be stored in a cookie + Map.delete(params, "organizations") end defp get_redirect_path(%Plug.Conn{} = conn) do diff --git a/apps/transport/lib/transport_web/endpoint.ex b/apps/transport/lib/transport_web/endpoint.ex index f3eebe58c4..37c3e11afc 100644 --- a/apps/transport/lib/transport_web/endpoint.ex +++ b/apps/transport/lib/transport_web/endpoint.ex @@ -22,7 +22,7 @@ defmodule TransportWeb.Endpoint do at: "/", from: :transport, gzip: Mix.env() == :prod, - only: ~w(js css fonts images data favicon.ico documents BingSiteAuth.xml google5be4b09db1274976.html demo_rt.html) + only: TransportWeb.static_paths() ) # Code reloading can be explicitly enabled under the diff --git a/apps/transport/lib/transport_web/live/backoffice/jobs_live.ex b/apps/transport/lib/transport_web/live/backoffice/jobs_live.ex index db0f7b4025..c8b2a46239 100644 --- a/apps/transport/lib/transport_web/live/backoffice/jobs_live.ex +++ b/apps/transport/lib/transport_web/live/backoffice/jobs_live.ex @@ -33,9 +33,10 @@ defmodule TransportWeb.Backoffice.JobsLive do # https://hexdocs.pm/phoenix_live_view/security-model.html#disconnecting-all-instances-of-a-given-live-user # def ensure_admin_auth_or_redirect(socket, current_user, func) do - if current_user && TransportWeb.Router.is_transport_data_gouv_member?(current_user) do + socket = assign(socket, current_user: current_user) + + if TransportWeb.Session.is_admin?(socket) do # We track down the current admin so that it can be used by next actions - socket = assign(socket, current_admin_user: current_user) # Then call the remaining code, which is expected to return the socket func.(socket) else diff --git a/apps/transport/lib/transport_web/live/backoffice/proxy_config_live.ex b/apps/transport/lib/transport_web/live/backoffice/proxy_config_live.ex index 23bcffdaa1..587988f655 100644 --- a/apps/transport/lib/transport_web/live/backoffice/proxy_config_live.ex +++ b/apps/transport/lib/transport_web/live/backoffice/proxy_config_live.ex @@ -4,6 +4,7 @@ defmodule TransportWeb.Backoffice.ProxyConfigLive do """ use Phoenix.LiveView alias Transport.Telemetry + import TransportWeb.Backoffice.JobsLive, only: [ensure_admin_auth_or_redirect: 3] import TransportWeb.Router.Helpers # The number of past days we want to report on (as a positive integer). @@ -20,25 +21,6 @@ defmodule TransportWeb.Backoffice.ProxyConfigLive do end)} end - # - # If one calls "redirect" and does not leave immediately, the remaining code will - # be executed, opening security issues. This method goal is to minimize this risk. - # See https://hexdocs.pm/phoenix_live_view/security-model.html for overall docs. - # - # Also, disconnect will have to be handled: - # https://hexdocs.pm/phoenix_live_view/security-model.html#disconnecting-all-instances-of-a-given-live-user - # - defp ensure_admin_auth_or_redirect(socket, current_user, func) do - if current_user && TransportWeb.Router.is_transport_data_gouv_member?(current_user) do - # We track down the current admin so that it can be used by next actions - socket = assign(socket, current_admin_user: current_user) - # Then call the remaining code, which is expected to return the socket - func.(socket) - else - redirect(socket, to: "/login") - end - end - defp schedule_next_update_data do Process.send_after(self(), :update_data, 1000) end @@ -57,8 +39,7 @@ defmodule TransportWeb.Backoffice.ProxyConfigLive do end def handle_event("refresh_proxy_config", _value, socket) do - if socket.assigns.current_admin_user, do: config_module().clear_config_cache!() - + config_module().clear_config_cache!() {:noreply, socket} end diff --git a/apps/transport/lib/transport_web/router.ex b/apps/transport/lib/transport_web/router.ex index fb968c2c3c..a1a9b7f64d 100644 --- a/apps/transport/lib/transport_web/router.ex +++ b/apps/transport/lib/transport_web/router.ex @@ -12,6 +12,7 @@ defmodule TransportWeb.Router do plug(:canonical_host) plug(:accepts, ["html"]) plug(:fetch_session) + plug(:fetch_flash) plug(:fetch_live_flash) plug(:protect_from_forgery) plug(TransportWeb.Plugs.PutLocale) @@ -314,6 +315,7 @@ defmodule TransportWeb.Router do end defp assign_current_user(conn, _) do + # `current_user` is set by TransportWeb.SessionController.user_params_for_session/1 assign(conn, :current_user, get_session(conn, :current_user)) end @@ -352,13 +354,6 @@ defmodule TransportWeb.Router do end end - # NOTE: method visibility set to public because we need to call the same logic from LiveView - def is_transport_data_gouv_member?(current_user) do - current_user - |> Map.get("organizations", []) - |> Enum.any?(fn org -> org["slug"] == "equipe-transport-data-gouv-fr" end) - end - # Check that a secret key is passed in the URL in the `export_key` query parameter defp check_export_secret_key(%Plug.Conn{params: params} = conn, _) do export_key_value = Map.get(params, "export_key", "") @@ -375,7 +370,7 @@ defmodule TransportWeb.Router do end defp transport_data_gouv_member(%Plug.Conn{} = conn, _) do - if is_transport_data_gouv_member?(conn.assigns[:current_user]) do + if TransportWeb.Session.is_admin?(conn) do conn else conn diff --git a/apps/transport/lib/transport_web/session.ex b/apps/transport/lib/transport_web/session.ex new file mode 100644 index 0000000000..9408470f66 --- /dev/null +++ b/apps/transport/lib/transport_web/session.ex @@ -0,0 +1,64 @@ +defmodule TransportWeb.Session do + @moduledoc """ + Web session getters and setters. + """ + import Ecto.Query + import Plug.Conn + + @is_admin_key_name "is_admin" + @is_producer_key_name "is_producer" + + @doc """ + Are you a data producer? + + You're a data producer if you're a member of an organization with an active dataset + on transport.data.gouv.fr. + This is set when you log in and refreshed when you visit your "Espace producteur". + """ + @spec set_is_producer(Plug.Conn.t(), map() | [DB.Dataset.t()]) :: Plug.Conn.t() + def set_is_producer(%Plug.Conn{} = conn, %{"organizations" => _} = params) do + set_session_attribute_attribute(conn, @is_producer_key_name, is_producer?(params)) + end + + def set_is_producer(%Plug.Conn{} = conn, datasets_for_user) when is_list(datasets_for_user) do + is_producer = not Enum.empty?(datasets_for_user) + set_session_attribute_attribute(conn, @is_producer_key_name, is_producer) + end + + @doc """ + Are you a transport.data.gouv.fr admin? + You're an admin if you're a member of the PAN organization on data.gouv.fr. + """ + def set_is_admin(%Plug.Conn{} = conn, %{"organizations" => _} = params) do + set_session_attribute_attribute(conn, @is_admin_key_name, is_admin?(params)) + end + + def is_admin?(%{"organizations" => orgs}) do + Enum.any?(orgs, &(&1["slug"] == "equipe-transport-data-gouv-fr")) + end + + def is_admin?(%Plug.Conn{} = conn) do + conn |> current_user() |> Map.get(@is_admin_key_name, false) + end + + def is_admin?(%Phoenix.LiveView.Socket{assigns: %{current_user: current_user}}) do + Map.get(current_user, @is_admin_key_name, false) + end + + def is_producer?(%Plug.Conn{} = conn) do + conn |> current_user() |> Map.get(@is_producer_key_name, false) + end + + def is_producer?(%{"organizations" => orgs}) do + org_ids = Enum.map(orgs, & &1["id"]) + DB.Dataset.base_query() |> where([dataset: d], d.organization_id in ^org_ids) |> DB.Repo.exists?() + end + + @spec set_session_attribute_attribute(Plug.Conn.t(), binary(), boolean()) :: Plug.Conn.t() + defp set_session_attribute_attribute(%Plug.Conn{} = conn, key, value) do + current_user = current_user(conn) + conn |> put_session(:current_user, Map.put(current_user, key, value)) + end + + defp current_user(%Plug.Conn{} = conn), do: get_session(conn, :current_user, %{}) +end diff --git a/apps/transport/lib/transport_web/templates/dataset/_dataset_scores_chart.html.heex b/apps/transport/lib/transport_web/templates/dataset/_dataset_scores_chart.html.heex index ecd59d75fa..1818a4a7f3 100644 --- a/apps/transport/lib/transport_web/templates/dataset/_dataset_scores_chart.html.heex +++ b/apps/transport/lib/transport_web/templates/dataset/_dataset_scores_chart.html.heex @@ -1,4 +1,4 @@ -
+

<%= dgettext("page-dataset-details", "Dataset scores") %>

diff --git a/apps/transport/lib/transport_web/templates/dataset/details.html.heex b/apps/transport/lib/transport_web/templates/dataset/details.html.heex index b974b4e859..60304c0b54 100644 --- a/apps/transport/lib/transport_web/templates/dataset/details.html.heex +++ b/apps/transport/lib/transport_web/templates/dataset/details.html.heex @@ -16,7 +16,7 @@

<%= @dataset.custom_title %>

- <%= if admin?(assigns[:current_user]) do %> + <%= if TransportWeb.Session.is_admin?(@conn) do %> <%= link("backoffice", to: backoffice_page_path(@conn, :edit, @dataset.id)) %> <%= render("_dataset_scores.html", dataset_scores: @dataset_scores, locale: locale) %> diff --git a/apps/transport/lib/transport_web/templates/dataset/index.html.heex b/apps/transport/lib/transport_web/templates/dataset/index.html.heex index b483ecb67c..ac240d3be1 100644 --- a/apps/transport/lib/transport_web/templates/dataset/index.html.heex +++ b/apps/transport/lib/transport_web/templates/dataset/index.html.heex @@ -183,7 +183,7 @@ <%= dataset.custom_title %> - <%= if admin?(assigns[:current_user]) do %> + <%= if TransportWeb.Session.is_admin?(@conn) do %> <%= link("backoffice", to: backoffice_page_path(@conn, :edit, dataset.id)) %> diff --git a/apps/transport/lib/transport_web/templates/email/dataset_now_on_nap.html.md b/apps/transport/lib/transport_web/templates/email/dataset_now_on_nap.html.md index 2a317c8305..b9dc325a5e 100644 --- a/apps/transport/lib/transport_web/templates/email/dataset_now_on_nap.html.md +++ b/apps/transport/lib/transport_web/templates/email/dataset_now_on_nap.html.md @@ -2,7 +2,7 @@ Bonjour, Votre jeu de données [<%= @dataset_custom_title %>](<%= @dataset_url %>) a bien été référencé sur le Point d’Accès National aux données de transport, [transport.data.gouv.fr](https://transport.data.gouv.fr). -Rendez-vous sur votre [Espace Producteur](<%= @espace_producteur_url %>) pour mettre à jour vos données ou vous inscrire à des notifications en cas de péremption, d’indisponibilité ou d’erreurs bloquantes sur votre jeu de données. +Rendez-vous sur votre <%= link_for_espace_producteur(:dataset_now_on_nap) %> pour mettre à jour vos données ou vous inscrire à des notifications en cas de péremption, d’indisponibilité ou d’erreurs bloquantes sur votre jeu de données. Si vous avez des questions, n’hésitez pas à contacter notre équipe à l’adresse : <%= @contact_email_address %>. diff --git a/apps/transport/lib/transport_web/templates/email/producer_with_subscriptions.html.md b/apps/transport/lib/transport_web/templates/email/producer_with_subscriptions.html.md index 7705861efd..5cca911d5e 100644 --- a/apps/transport/lib/transport_web/templates/email/producer_with_subscriptions.html.md +++ b/apps/transport/lib/transport_web/templates/email/producer_with_subscriptions.html.md @@ -11,7 +11,7 @@ Vous êtes inscrit à des notifications concernant les jeux de données suivants <% end %> -Les notifications vous permettent d’être alerté en cas d’expiration, d’indisponibilité et d’erreurs de vos données. Rendez-vous sur votre [Espace Producteur](<%= TransportWeb.Router.Helpers.page_url(TransportWeb.Endpoint, :espace_producteur) %>) pour les gérer de manière autonome. +Les notifications vous permettent d’être alerté en cas d’expiration, d’indisponibilité et d’erreurs de vos données. Rendez-vous sur votre <%= link_for_espace_producteur(:periodic_reminder_producer_with_subscriptions) %> pour les gérer de manière autonome. <%= if @has_other_producers_subscribers do %> Les autres personnes inscrites à ces notifications sont : <%= @other_producers_subscribers %>. diff --git a/apps/transport/lib/transport_web/templates/email/producer_without_subscriptions.html.md b/apps/transport/lib/transport_web/templates/email/producer_without_subscriptions.html.md index 8ab2bdc9d7..8218430aa6 100644 --- a/apps/transport/lib/transport_web/templates/email/producer_without_subscriptions.html.md +++ b/apps/transport/lib/transport_web/templates/email/producer_without_subscriptions.html.md @@ -13,7 +13,7 @@ Le saviez-vous ? Il est possible de vous inscrire à des notifications concernan Les notifications vous permettent d’être alerté en cas d’expiration, d’indisponibilité et d’erreurs de vos données. -Pour vous inscrire, rien de plus simple : rendez-vous sur votre [Espace Producteur](<%= TransportWeb.Router.Helpers.page_url(TransportWeb.Endpoint, :espace_producteur) %>) dans le menu “Recevoir des notifications”. +Pour vous inscrire, rien de plus simple : rendez-vous sur votre <%= link_for_espace_producteur(:periodic_reminder_producer_without_subscriptions) %> dans le menu “Recevoir des notifications”. Nous restons disponibles pour vous accompagner si besoin. diff --git a/apps/transport/lib/transport_web/templates/email/resource_unavailable_producer.html.md b/apps/transport/lib/transport_web/templates/email/resource_unavailable_producer.html.md index a564e000ef..8211f13122 100644 --- a/apps/transport/lib/transport_web/templates/email/resource_unavailable_producer.html.md +++ b/apps/transport/lib/transport_web/templates/email/resource_unavailable_producer.html.md @@ -7,7 +7,7 @@ Il semble que vous ayez supprimé puis créé une nouvelle ressource : l’URL d Pour les prochaines mises à jour, afin de garantir une URL stable, nous vous invitons à remplacer votre ressource obsolète par la nouvelle. -Pour cela, rendez-vous sur votre [Espace Producteur](<%= TransportWeb.Router.Helpers.page_url(TransportWeb.Endpoint, :espace_producteur) %>) à partir duquel vous pourrez procéder à ces mises à jour. +Pour cela, rendez-vous sur votre <%= link_for_espace_producteur(:resource_unavailable_producer) %> à partir duquel vous pourrez procéder à ces mises à jour. Retrouvez la procédure pas à pas [sur notre documentation](https://doc.transport.data.gouv.fr/producteurs/mettre-a-jour-des-donnees). <% else %> diff --git a/apps/transport/lib/transport_web/templates/layout/_breaking_news.html.heex b/apps/transport/lib/transport_web/templates/layout/_breaking_news.html.heex index 5d611647fb..85af107542 100644 --- a/apps/transport/lib/transport_web/templates/layout/_breaking_news.html.heex +++ b/apps/transport/lib/transport_web/templates/layout/_breaking_news.html.heex @@ -1,7 +1,7 @@ -
- <%= @conn |> get_flash(:breaking_news_info) |> markdown_to_safe_html!() %> +
+ <%= @flash |> Phoenix.Flash.get(:breaking_news_info) |> markdown_to_safe_html!() %>
-
- <%= @conn |> get_flash(:breaking_news_error) |> markdown_to_safe_html!() %> +
+ <%= @flash |> Phoenix.Flash.get(:breaking_news_error) |> markdown_to_safe_html!() %>
diff --git a/apps/transport/lib/transport_web/templates/layout/_header.html.heex b/apps/transport/lib/transport_web/templates/layout/_header.html.heex index 2600d62e83..7b1f6e1071 100644 --- a/apps/transport/lib/transport_web/templates/layout/_header.html.heex +++ b/apps/transport/lib/transport_web/templates/layout/_header.html.heex @@ -81,9 +81,14 @@ <% end %>