feat: Lbac 1491 multi compte : branchement des nouvelles tables

.talismanrc

@@ -54,7 +54,7 @@ fileignoreconfig:
 - filename: server/src/security/accessTokenService.ts
   checksum: 2183e326a88ae3c10193a7033ab5fd421ce576cd1e234c323df247da335f74d7
 - filename: server/src/services/application.service.ts
-  checksum: d3ae58c0b6a9d42164b69dff4573734a6d854282974c4a10d065f2c2443f144a
+  checksum: 38021ae663db3a146c848a8d691c0c1bc9bb262a80a6f2dedf9fcdb372eef3ac
 - filename: server/src/services/eligibleTrainingsForAppointment.service.ts
   checksum: 52bfe91cc0cd07121cad6dc9490a7345dbbbeb285f11fc844a8dd8eb74fe310f
 - filename: server/src/services/userRecruteur.service.ts
@@ -121,6 +121,8 @@ fileignoreconfig:
   checksum: a50177afa593bae5707bdba29ef27b8f2ed0bc58487491bfff580e7e1f422243
 - filename: ui/components/espace_pro/Admin/utilisateurs/infoDetails/InfoDetails.tsx
   checksum: be2ad6ca5c2bd36d26cd7aebb33ab876bd32662be3735fee3b167325c284ccff
+- filename: ui/components/footer.tsx
+  checksum: d82b5a7d6905070fb32383864566fc16eae4797ca18f82782fb32c95a0d50369
 - filename: ui/pages/accessibilite.tsx
   checksum: d6a7c57500f9de5e47e305f89435b21d717f505acac7b45656931f7ecdd0fcca
 - filename: ui/pages/espace-pro/admin/eligible-trainings-for-appointment/search.tsx

cypress/e2e/create-recruiter-account-manual-validation.cy.ts

@@ -4,8 +4,8 @@ import { FlowCreationEntreprise } from "../pages/FlowCreationEntreprise"
 import { JobPage } from "../pages/JobPage"
 import { generateRandomString } from "../utils/generateRandomString"
 
-describe("create-recruiter-account-siret-inexistent", () => {
-  it("tests create-recruiter-account-siret-inexistent", () => {
+describe("create-recruiter-account-manual-validation", () => {
+  it("tests create-recruiter-account-manual-validation", () => {
     cy.viewport(1271, 721)
 
     const email = `cypress-manual-validation-${generateRandomString()}@mail.com`

cypress/e2e/create-recruiter-account.cy.ts

@@ -4,8 +4,8 @@ import { JobPage } from "../pages/JobPage"
 import { LoginBar } from "../pages/LoginBar"
 import { generateRandomString } from "../utils/generateRandomString"
 
-describe("create-recruiter-account-siret-inexistent", () => {
-  it("test create-recruiter-account-siret-inexistent", () => {
+describe("create-recruiter-account", () => {
+  it("test create-recruiter-account", () => {
     cy.viewport(1271, 721)
 
     const emailDomain = Cypress.env("ENTREPRISE_AUTOVALIDE_EMAIL_DOMAIN")

server/src/common/model/schema/jobs/jobs.schema.ts

@@ -153,6 +153,10 @@ export const jobsSchema = new Schema<IJob>(
       type: Number,
       description: "Nombre de vues sur une page de recherche",
     },
+    managed_by: {
+      type: String,
+      description: "Id de l'utilisateur gérant l'offre",
+    },
   },
   {
     versionKey: false,

server/src/common/model/schema/user/user.schema.ts

@@ -33,7 +33,7 @@ export const userSchema = new Schema<IUser>(
     role: {
       type: String,
       default: null,
-      description: "candidat | cfa | administrator",
+      description: "candidat | administrator",
     },
     last_action_date: {
       type: Date,

server/src/http/controllers/etablissementRecruteur.controller.ts

@@ -1,13 +1,18 @@
 import Boom from "boom"
-import { IUserRecruteur, toPublicUser, zRoutes } from "shared"
+import { assertUnreachable, toPublicUser, zRoutes } from "shared"
 import { BusinessErrorCodes } from "shared/constants/errorCodes"
-import { ETAT_UTILISATEUR, RECRUITER_STATUS } from "shared/constants/recruteur"
+import { RECRUITER_STATUS } from "shared/constants/recruteur"
+import { UserEventType } from "shared/models/user2.model"
+import { getLastStatusEvent } from "shared/utils/getLastStatusEvent"
 
-import { Recruiter, UserRecruteur } from "@/common/model"
+import { Cfa, Recruiter } from "@/common/model"
 import { startSession } from "@/common/utils/session.service"
 import config from "@/config"
+import { user2ToUserForToken } from "@/security/accessTokenService"
 import { getUserFromRequest } from "@/security/authenticationService"
 import { generateDepotSimplifieToken } from "@/services/appLinks.service"
+import { getPublicUserRecruteurPropsOrError } from "@/services/roleManagement.service"
+import { getUser2ByEmail, validateUser2Email } from "@/services/user2.service"
 
 import { getAllDomainsFromEmailList, getEmailDomain, isEmailFromPrivateCompany, isUserMailExistInReferentiel } from "../../common/utils/mailUtils"
 import { notifyToSlack } from "../../common/utils/slackUtils"
@@ -21,17 +26,16 @@ import {
   getOrganismeDeFormationDataFromSiret,
   sendUserConfirmationEmail,
   validateCreationEntrepriseFromCfa,
-  validateEtablissementEmail,
 } from "../../services/etablissement.service"
 import {
   autoValidateUser,
-  createUser,
-  getUser,
-  getUserStatus,
+  createOrganizationUser,
+  getUserRecruteurByEmail,
+  isUserEmailChecked,
   sendWelcomeEmailToUserRecruteur,
   setUserHasToBeManuallyValidated,
   updateLastConnectionDate,
-  updateUser,
+  updateUser2Fields,
 } from "../../services/userRecruteur.service"
 import { Server } from "../server"
 
@@ -72,7 +76,7 @@ export default (server: Server) => {
         throw Boom.badRequest(cfaVerification.message)
       }
 
-      const result = await getEntrepriseDataFromSiret({ siret, cfa_delegated_siret })
+      const result = await getEntrepriseDataFromSiret({ siret, type: cfa_delegated_siret ? CFA : ENTREPRISE })
 
       if ("error" in result) {
         throw Boom.badRequest(result.message, result)
@@ -125,18 +129,18 @@ export default (server: Server) => {
    * Retourne les entreprises gérées par un CFA
    */
   server.get(
-    "/etablissement/cfa/:userRecruteurId/entreprises",
+    "/etablissement/cfa/:cfaId/entreprises",
     {
-      schema: zRoutes.get["/etablissement/cfa/:userRecruteurId/entreprises"],
-      onRequest: [server.auth(zRoutes.get["/etablissement/cfa/:userRecruteurId/entreprises"])],
+      schema: zRoutes.get["/etablissement/cfa/:cfaId/entreprises"],
+      onRequest: [server.auth(zRoutes.get["/etablissement/cfa/:cfaId/entreprises"])],
     },
     async (req, res) => {
-      const { userRecruteurId } = req.params
-      const cfa = await UserRecruteur.findOne({ _id: userRecruteurId }).lean()
+      const { cfaId } = req.params
+      const cfa = await Cfa.findOne({ _id: cfaId }).lean()
       if (!cfa) {
-        throw Boom.notFound(`Aucun CFA ayant pour id ${userRecruteurId.toString()}`)
+        throw Boom.notFound(`Aucun CFA ayant pour id ${cfaId.toString()}`)
       }
-      const cfa_delegated_siret = cfa.establishment_siret
+      const cfa_delegated_siret = cfa.siret
       if (!cfa_delegated_siret) {
         throw Boom.internal(`inattendu : le cfa n'a pas de champ cfa_delegated_siret`)
       }
@@ -154,7 +158,8 @@ export default (server: Server) => {
       schema: zRoutes.post["/etablissement/creation"],
     },
     async (req, res) => {
-      switch (req.body.type) {
+      const { type } = req.body
+      switch (type) {
         case ENTREPRISE: {
           const siret = req.body.establishment_siret
           const cfa_delegated_siret = req.body.cfa_delegated_siret ?? undefined
@@ -163,14 +168,14 @@ export default (server: Server) => {
             if (result.errorCode === BusinessErrorCodes.ALREADY_EXISTS) throw Boom.forbidden(result.message, result)
             else throw Boom.badRequest(result.message, result)
           }
-          const token = generateDepotSimplifieToken(result.user)
-          return res.status(200).send({ ...result, token })
+          const token = generateDepotSimplifieToken(user2ToUserForToken(result.user), result.formulaire.establishment_id)
+          return res.status(200).send({ formulaire: result.formulaire, user: result.user, token, validated: result.validated })
         }
         case CFA: {
           const { email, establishment_siret } = req.body
           const formatedEmail = email.toLocaleLowerCase()
           // check if user already exist
-          const userRecruteurOpt = await getUser({ email: formatedEmail })
+          const userRecruteurOpt = await getUserRecruteurByEmail(formatedEmail)
           if (userRecruteurOpt) {
             throw Boom.forbidden("L'adresse mail est déjà associée à un compte La bonne alternance.")
           }
@@ -179,44 +184,45 @@ export default (server: Server) => {
           const { contacts } = siretInfos
 
           // Creation de l'utilisateur en base de données
-          let newCfa: IUserRecruteur = await createUser({ ...req.body, ...siretInfos, is_email_checked: false })
+          const creationResult = await createOrganizationUser({ ...req.body, ...siretInfos, is_email_checked: false })
+          const userCfa = creationResult.user
 
           const slackNotification = {
             subject: "RECRUTEUR",
-            message: `Nouvel OF en attente de validation - ${config.publicUrl}/espace-pro/administration/users/${newCfa._id}`,
+            message: `Nouvel OF en attente de validation - ${config.publicUrl}/espace-pro/administration/users/${userCfa._id}`,
           }
           if (!contacts.length) {
             // Validation manuelle de l'utilisateur à effectuer pas un administrateur
-            newCfa = await setUserHasToBeManuallyValidated(newCfa._id)
+            await setUserHasToBeManuallyValidated(creationResult)
             await notifyToSlack(slackNotification)
-            return res.status(200).send({ user: newCfa })
+            return res.status(200).send({ user: userCfa })
           }
           if (isUserMailExistInReferentiel(contacts, email)) {
             // Validation automatique de l'utilisateur
-            newCfa = await autoValidateUser(newCfa._id)
-            await sendUserConfirmationEmail(newCfa)
+            await autoValidateUser(creationResult)
+            await sendUserConfirmationEmail(userCfa)
             // Keep the same structure as ENTREPRISE
-            return res.status(200).send({ user: newCfa })
+            return res.status(200).send({ user: userCfa })
           }
           if (isEmailFromPrivateCompany(formatedEmail)) {
             const domains = getAllDomainsFromEmailList(contacts.map(({ email }) => email))
             const userEmailDomain = getEmailDomain(formatedEmail)
             if (userEmailDomain && domains.includes(userEmailDomain)) {
               // Validation automatique de l'utilisateur
-              newCfa = await autoValidateUser(newCfa._id)
-              await sendUserConfirmationEmail(newCfa)
+              await autoValidateUser(creationResult)
+              await sendUserConfirmationEmail(userCfa)
               // Keep the same structure as ENTREPRISE
-              return res.status(200).send({ user: newCfa })
+              return res.status(200).send({ user: userCfa })
             }
           }
           // Validation manuelle de l'utilisateur à effectuer pas un administrateur
-          newCfa = await setUserHasToBeManuallyValidated(newCfa._id)
+          await setUserHasToBeManuallyValidated(creationResult)
           await notifyToSlack(slackNotification)
           // Keep the same structure as ENTREPRISE
-          return res.status(200).send({ user: newCfa })
+          return res.status(200).send({ user: userCfa })
         }
         default: {
-          throw Boom.badRequest("unsupported type")
+          assertUnreachable(type)
         }
       }
     }
@@ -250,11 +256,10 @@ export default (server: Server) => {
     },
     async (req, res) => {
       const { _id, ...rest } = req.body
-      const exists = await UserRecruteur.findOne({ email: req.body.email?.toLocaleLowerCase(), _id: { $ne: _id } })
-      if (exists) {
+      const result = await updateUser2Fields(req.params.id, rest)
+      if ("error" in result) {
         throw Boom.badRequest("L'adresse mail est déjà associée à un compte La bonne alternance.")
       }
-      await updateUser({ _id: req.params.id }, rest)
       return res.status(200).send({ ok: true })
     }
   )
@@ -266,30 +271,25 @@ export default (server: Server) => {
       onRequest: [server.auth(zRoutes.post["/etablissement/validation"])],
     },
     async (req, res) => {
-      const user = getUserFromRequest(req, zRoutes.post["/etablissement/validation"]).value
-
-      // Validate email
-      const userRecruteur = await validateEtablissementEmail(user.identity.email.toLocaleLowerCase())
+      const userFromRequest = getUserFromRequest(req, zRoutes.post["/etablissement/validation"]).value
+      const email = userFromRequest.identity.email.toLocaleLowerCase()
 
-      if (!userRecruteur) {
+      const user = await getUser2ByEmail(email)
+      if (!user) {
         throw Boom.badRequest("La validation de l'adresse mail a échoué. Merci de contacter le support La bonne alternance.")
       }
-
-      const isUserAwaiting = getUserStatus(userRecruteur.status) === ETAT_UTILISATEUR.ATTENTE
-
-      if (!isUserAwaiting) {
-        await sendWelcomeEmailToUserRecruteur(userRecruteur)
+      const userStatus = getLastStatusEvent(user.status)?.status
+      if (userStatus === UserEventType.DESACTIVE) {
+        throw Boom.forbidden("Votre compte est désactivé. Merci de contacter le support La bonne alternance.")
       }
-
-      const connectedUser = await updateLastConnectionDate(userRecruteur.email)
-
-      if (!connectedUser) {
-        throw Boom.forbidden()
+      if (!isUserEmailChecked(user)) {
+        await validateUser2Email(user._id.toString())
+        await sendWelcomeEmailToUserRecruteur(user)
       }
 
-      await startSession(userRecruteur.email, res)
-
-      return res.status(200).send(toPublicUser(connectedUser))
+      await updateLastConnectionDate(email)
+      await startSession(email, res)
+      return res.status(200).send(toPublicUser(user, await getPublicUserRecruteurPropsOrError(user._id, true)))
     }
   )
 }

server/src/http/controllers/formulaire.controller.ts

@@ -1,8 +1,10 @@
 import Boom from "boom"
 import { zRoutes } from "shared/index"
 
-import { UserRecruteur } from "@/common/model"
+import { getUserFromRequest } from "@/security/authenticationService"
 import { generateOffreToken } from "@/services/appLinks.service"
+import { getUser2ByEmail } from "@/services/user2.service"
+import { getUserRecruteurById } from "@/services/userRecruteur.service"
 
 import { getApplicationsByJobId } from "../../services/application.service"
 import { entrepriseOnboardingWorkflow } from "../../services/etablissement.service"
@@ -21,7 +23,6 @@ import {
   provideOffre,
   updateFormulaire,
 } from "../../services/formulaire.service"
-import { getUser } from "../../services/userRecruteur.service"
 import { Server } from "../server"
 
 export default (server: Server) => {
@@ -105,7 +106,7 @@ export default (server: Server) => {
     async (req, res) => {
       const { userId: userRecruteurId } = req.params
       const { establishment_siret, email, last_name, first_name, phone, opco, idcc } = req.body
-      const userRecruteurOpt = await getUser({ _id: userRecruteurId })
+      const userRecruteurOpt = await getUserRecruteurById(userRecruteurId)
       if (!userRecruteurOpt) {
         throw Boom.badRequest("Nous n'avons pas trouvé votre compte utilisateur")
       }
@@ -202,6 +203,7 @@ export default (server: Server) => {
     },
     async (req, res) => {
       const { establishment_id } = req.params
+      const user = getUserFromRequest(req, zRoutes.post["/formulaire/:establishment_id/offre"]).value
       const {
         is_disabled_elligible,
         job_type,
@@ -231,13 +233,15 @@ export default (server: Server) => {
           rome_code,
           rome_label,
         },
+        user,
         establishment_id,
       })
       const job = updatedFormulaire.jobs.at(0)
       if (!job) {
         throw new Error("unexpected")
       }
-      return res.status(200).send({ recruiter: updatedFormulaire })
+      const token = generateOffreToken(user, job)
+      return res.status(200).send({ recruiter: updatedFormulaire, token })
     }
   )
 
@@ -253,6 +257,12 @@ export default (server: Server) => {
     },
     async (req, res) => {
       const { establishment_id } = req.params
+      const tokenUser = getUserFromRequest(req, zRoutes.post["/formulaire/:establishment_id/offre/by-token"]).value
+      const { email } = tokenUser.identity
+      const user = await getUser2ByEmail(email)
+      if (!user) {
+        throw Boom.internal(`inattendu : impossible de récupérer l'utilisateur de type token ayant pour email=${email}`)
+      }
       const {
         is_disabled_elligible,
         job_type,
@@ -267,10 +277,6 @@ export default (server: Server) => {
         rome_code,
         rome_label,
       } = req.body
-      const userRecruteur = await UserRecruteur.findOne({ establishment_id }).lean()
-      if (!userRecruteur) {
-        throw Boom.notFound()
-      }
       const updatedFormulaire = await createJob({
         job: {
           is_disabled_elligible,
@@ -287,12 +293,13 @@ export default (server: Server) => {
           rome_label,
         },
         establishment_id,
+        user,
       })
       const job = updatedFormulaire.jobs.at(0)
       if (!job) {
         throw new Error("unexpected")
       }
-      const token = generateOffreToken(userRecruteur, job)
+      const token = generateOffreToken(user, job)
       return res.status(200).send({ recruiter: updatedFormulaire, token })
     }
   )