From c1b637a2a5c48d129f8ed7a59159283564a7f7ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Loi=CC=88c=20Delmaire?= <loic.delmaire@gmail.com>
Date: Tue, 10 Sep 2024 10:26:12 +0200
Subject: [PATCH 1/2] Add public_id to authorization requests, affects from
 DataPass webhooks

---
 app/interactors/datapass_webhook/adapt_v2_to_v1.rb           | 1 +
 .../datapass_webhook/find_or_create_authorization_request.rb | 1 +
 ...20240910082154_add_public_id_to_authorization_requests.rb | 5 +++++
 db/schema.rb                                                 | 3 ++-
 spec/factories/authorization_requests.rb                     | 1 +
 spec/factories/datapass_webhooks_v2.rb                       | 2 ++
 spec/organizers/datapass_webhook/v2/api_entreprise_spec.rb   | 3 ++-
 7 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20240910082154_add_public_id_to_authorization_requests.rb

diff --git a/app/interactors/datapass_webhook/adapt_v2_to_v1.rb b/app/interactors/datapass_webhook/adapt_v2_to_v1.rb
index 4f4b117f9..8daf74985 100644
--- a/app/interactors/datapass_webhook/adapt_v2_to_v1.rb
+++ b/app/interactors/datapass_webhook/adapt_v2_to_v1.rb
@@ -11,6 +11,7 @@ def build_data
     {
       'pass' => {
         'id' => context.model_id,
+        'public_id' => context.public_id,
         'intitule' => generic_data['intitule'],
         'description' => generic_data['description'],
         'demarche' => context.data['form_uid'],
diff --git a/app/interactors/datapass_webhook/find_or_create_authorization_request.rb b/app/interactors/datapass_webhook/find_or_create_authorization_request.rb
index 0086ea4b9..32d0165a3 100644
--- a/app/interactors/datapass_webhook/find_or_create_authorization_request.rb
+++ b/app/interactors/datapass_webhook/find_or_create_authorization_request.rb
@@ -63,6 +63,7 @@ def extract_user_from_contact_payload(contact_payload)
 
   def authorization_request_attributes
     context.data['pass'].slice(
+      'public_id',
       'intitule',
       'description',
       'demarche',
diff --git a/db/migrate/20240910082154_add_public_id_to_authorization_requests.rb b/db/migrate/20240910082154_add_public_id_to_authorization_requests.rb
new file mode 100644
index 000000000..76651f298
--- /dev/null
+++ b/db/migrate/20240910082154_add_public_id_to_authorization_requests.rb
@@ -0,0 +1,5 @@
+class AddPublicIdToAuthorizationRequests < ActiveRecord::Migration[7.2]
+  def change
+    add_column :authorization_requests, :public_id, :uuid
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 603940117..9e3385e3b 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.2].define(version: 2024_08_27_075259) do
+ActiveRecord::Schema[7.2].define(version: 2024_09_10_082154) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "btree_gin"
   enable_extension "pgcrypto"
@@ -34,6 +34,7 @@
     t.string "siret"
     t.string "api", null: false
     t.string "demarche"
+    t.uuid "public_id"
     t.index ["external_id"], name: "index_authorization_requests_on_external_id", unique: true, where: "(external_id IS NOT NULL)"
   end
 
diff --git a/spec/factories/authorization_requests.rb b/spec/factories/authorization_requests.rb
index 109ef5fc3..fd2f59dc3 100644
--- a/spec/factories/authorization_requests.rb
+++ b/spec/factories/authorization_requests.rb
@@ -6,6 +6,7 @@
     status { 'draft' }
     api { 'entreprise' }
     siret { '13002526500013' }
+    public_id { SecureRandom.uuid }
 
     trait :without_external_id do
       external_id { nil }
diff --git a/spec/factories/datapass_webhooks_v2.rb b/spec/factories/datapass_webhooks_v2.rb
index 196ec3460..c60434f91 100644
--- a/spec/factories/datapass_webhooks_v2.rb
+++ b/spec/factories/datapass_webhooks_v2.rb
@@ -1,10 +1,12 @@
 FactoryBot.define do
   sequence(:datapass_webhook_v2_id, &:to_i)
+  sequence(:datapass_webhook_v2_public_id) { SecureRandom.uuid }
 
   factory :datapass_webhook_v2, class: Hash do
     initialize_with { attributes.stringify_keys }
 
     event { %w[refuse_application refuse].sample }
+    public_id { generate(:datapass_webhook_v2_public_id) }
     model_id { generate(:datapass_webhook_v2_id) }
     model_type { 'authorization_request/api_entreprise' }
     fired_at { Time.zone.now.to_i }
diff --git a/spec/organizers/datapass_webhook/v2/api_entreprise_spec.rb b/spec/organizers/datapass_webhook/v2/api_entreprise_spec.rb
index 45d1d46de..960c8a325 100644
--- a/spec/organizers/datapass_webhook/v2/api_entreprise_spec.rb
+++ b/spec/organizers/datapass_webhook/v2/api_entreprise_spec.rb
@@ -25,9 +25,10 @@
     expect { subject }.to change(UserAuthorizationRequestRole.where(role: 'contact_metier'), :count).by(1)
   end
 
-  it 'creates an authorization request with entreprise api and demarche' do
+  it 'creates an authorization request with entreprise api, demarche and public id' do
     expect(subject.authorization_request.api).to eq('entreprise')
     expect(subject.authorization_request.demarche).to eq('api-entreprise')
+    expect(subject.authorization_request.public_id).to be_present
   end
 
   describe 'when contact metier is empty (non-regression test)' do

From 22b3b86d486c783af175b01fe31c371b5d5074b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Loi=CC=88c=20Delmaire?= <loic.delmaire@gmail.com>
Date: Tue, 10 Sep 2024 10:33:11 +0200
Subject: [PATCH 2/2] API Particulier: add direct link to public page within
 reporters emails

---
 app/mailers/api_particulier/reporters_mailer.rb | 17 +++++++++++++++++
 .../reporters_mailer/approve.text.erb           |  2 ++
 .../reporters_mailer/submit.text.erb            |  2 ++
 .../api_particulier/reporters_mailer_spec.rb    |  8 +++++++-
 4 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/app/mailers/api_particulier/reporters_mailer.rb b/app/mailers/api_particulier/reporters_mailer.rb
index 930674aec..cb47bb9dd 100644
--- a/app/mailers/api_particulier/reporters_mailer.rb
+++ b/app/mailers/api_particulier/reporters_mailer.rb
@@ -1,6 +1,8 @@
 class APIParticulier::ReportersMailer < APIParticulierMailer
   skip_before_action :attach_logos
 
+  helper_method :datapass_v2_public_authorization_request_url
+
   %w[
     submit
     approve
@@ -23,6 +25,21 @@ class APIParticulier::ReportersMailer < APIParticulierMailer
 
   private
 
+  def datapass_v2_public_authorization_request_url(authorization_request)
+    "#{datapass_v2_base_url(authorization_request.api)}/public/demandes/#{authorization_request.public_id}"
+  end
+
+  def datapass_v2_base_url(api)
+    case Rails.env
+    when 'staging'
+      "https://staging.api-#{api}.v2.datapass.api.gouv.fr"
+    when 'sandbox'
+      "https://sandbox.api-#{api}.v2.datapass.api.gouv.fr"
+    else
+      "https://api-#{api}.v2.datapass.api.gouv.fr"
+    end
+  end
+
   def reporter_emails(groups)
     reporters_config.values_at(*groups).flatten
   end
diff --git a/app/views/api_particulier/reporters_mailer/approve.text.erb b/app/views/api_particulier/reporters_mailer/approve.text.erb
index 32e2a43e3..364a0e7a5 100644
--- a/app/views/api_particulier/reporters_mailer/approve.text.erb
+++ b/app/views/api_particulier/reporters_mailer/approve.text.erb
@@ -2,6 +2,8 @@ Bonjour,
 
 La demande déposée sur DataPass par <%= @authorization_request.demandeur.full_name %> (<%= @authorization_request.demandeur.email %>) pour le compte de l'organisation https://annuaire-entreprises.data.gouv.fr/etablissement/<%= @authorization_request.siret %> a été validée.
 
+Vous pouvez consulter cette demande sur le lien suivant: <%= datapass_v2_public_authorization_request_url(@authorization_request) %>
+
 Vous pouvez consulter la liste des demandes relatives aux données associé aux groupes où vous êtes abonné sur le lien suivant : <%= api_particulier_dashboard_reporter_url %>
 
 Cordialement,
diff --git a/app/views/api_particulier/reporters_mailer/submit.text.erb b/app/views/api_particulier/reporters_mailer/submit.text.erb
index 8492955de..dd1069569 100644
--- a/app/views/api_particulier/reporters_mailer/submit.text.erb
+++ b/app/views/api_particulier/reporters_mailer/submit.text.erb
@@ -2,6 +2,8 @@ Bonjour,
 
 <%= @authorization_request.demandeur.full_name %> (<%= @authorization_request.demandeur.email %>) a soumis une nouvelle demande d'habilitation sur DataPass pour le compte de l'organisation https://annuaire-entreprises.data.gouv.fr/etablissement/<%= @authorization_request.siret %>.
 
+Vous pouvez consulter cette demande sur le lien suivant: <%= datapass_v2_public_authorization_request_url(@authorization_request) %>
+
 Vous pouvez consulter la liste des demandes relatives aux données associé aux groupes où vous êtes abonné sur le lien suivant : <%= api_particulier_dashboard_reporter_url %>
 
 Cordialement,
diff --git a/spec/mailers/api_particulier/reporters_mailer_spec.rb b/spec/mailers/api_particulier/reporters_mailer_spec.rb
index 69d9a77c7..e630f7cde 100644
--- a/spec/mailers/api_particulier/reporters_mailer_spec.rb
+++ b/spec/mailers/api_particulier/reporters_mailer_spec.rb
@@ -4,8 +4,14 @@
   end
 
   describe '#submit' do
+    let(:authorization_request) { create(:authorization_request, :with_demandeur) }
+
     subject(:mail) do
-      described_class.with(groups: %w[cnaf_ men_], authorization_request: create(:authorization_request, :with_demandeur)).submit
+      described_class.with(groups: %w[cnaf_ men_], authorization_request:).submit
+    end
+
+    it 'has a link to public id' do
+      expect(mail.body.encoded).to include(authorization_request.public_id)
     end
 
     it 'sends an email to reporters associated to these groups' do