Merge pull request #1775 from etalab/editeurs/copy-token

Editors (with the feature enabled) can copy tokens

app/lib/seeds.rb

@@ -69,7 +69,8 @@ def create_contact
   def create_editor
     editor = Editor.create!(
       name: 'UMAD Corp',
-      form_uids: %w[umadcorp-form-api-entreprise umadcorp-form-api-particulier]
+      form_uids: %w[umadcorp-form-api-entreprise umadcorp-form-api-particulier],
+      copy_token: true
     )
     create_user(
       email: 'editeur@yopmail.com',

app/views/admin/editors/index.html.erb

@@ -10,6 +10,7 @@
             'ID',
             'Nom',
             'Formulaires',
+            'Features',
             'Emails',
           ].each do |attr|
         %>
@@ -39,6 +40,11 @@
               <% end %>
             </ul>
           </td>
+          <td class="editor-feature-enabled">
+            <ul>
+              <li>Copier jeton : <%= editor.copy_token? ? '✅' : '❌' %></li>
+            </ul>
+          </td>
           <td class="editor-emails">
             <% if editor.users %>
               <ul>

app/views/editor/authorization_requests/index.html.erb

@@ -44,6 +44,14 @@
             <% if authorization_request.token %>
               <%= render partial: 'shared/tokens/detail_short', locals: { token: authorization_request.token.decorate } %>
             <% end %>
+            <% if current_editor.copy_token? %>
+              <div class="copy-token" data-controller="clipboard" data-clipboard-alert-message-value="Jeton copié">
+                <%= button_tag 'Copier le jeton', class: 'fr-btn fr-btn--sm fr-icon-window-fill fr-btn--icon-right', id: dom_id(authorization_request.token, :copy_token_button), data: { action: 'click->clipboard#copy' } %>
+
+                <% hashed_value = true_user == current_user ? authorization_request.token.rehash : 'NotAValidValue' %>
+                <input id="<%= dom_id(authorization_request.token, :token_hash) %>" class="fr-input" style="position: absolute; left: -9999px" type="text" data-clipboard-target="source" readonly value="<%= hashed_value %>" />
+              </div>
+            <% end %>
           </td>
           <td class="authorization_request-siret">
             <a href="https://annuaire-entreprises.data.gouv.fr/etablissement/<%= authorization_request.siret %>" target="_blank">

db/migrate/20250110090753_add_can_copy_token_to_editors.rb

@@ -0,0 +1,5 @@
+class AddCanCopyTokenToEditors < ActiveRecord::Migration[8.0]
+  def change
+    add_column :editors, :copy_token, :boolean, default: false, null: false
+  end
+end

spec/features/editor/authorization_requests_spec.rb

@@ -1,6 +1,7 @@
 RSpec.describe 'Editor: authorization requests', app: :api_entreprise do
   let(:user) { create(:user, editor:) }
-  let(:editor) { create(:editor, form_uids: %w[form1 form2]) }
+  let(:editor) { create(:editor, copy_token:, form_uids: %w[form1 form2]) }
+  let(:copy_token) { false }
 
   before do
     login_as(user)
@@ -32,6 +33,30 @@
 
       expect(page).to have_content('Nouveau jeton à utiliser')
     end
+
+    describe 'copy token behaviour' do
+      context 'when editor has no copy token' do
+        let(:copy_token) { false }
+
+        it 'does not have copy token button' do
+          visit editor_authorization_requests_path
+
+          expect(page).to have_no_css('.copy-token')
+          expect(page.html).not_to include(valid_authorization_requests.first.token.rehash)
+        end
+      end
+
+      context 'when editor can copy token' do
+        let(:copy_token) { true }
+
+        it 'has a button to copy token' do
+          visit editor_authorization_requests_path
+
+          expect(page).to have_css('.copy-token', count: 2)
+          expect(page.html).to include(valid_authorization_requests.first.token.rehash)
+        end
+      end
+    end
   end
 
   describe 'search' do