Merge branch 'master' into feature/658-preview-video-links-in-admin

slovensko-digital · Nov 17, 2024 · 48c31c6 · 48c31c6
2 parents 1370899 + 7575597
commit 48c31c6
Show file tree

Hide file tree

Showing 65 changed files with 940 additions and 1,333 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -255,7 +255,7 @@ GEM
       snaky_hash (~> 2.0)
       version_gem (~> 1.1)
     oj (3.14.2)
-    omniauth (2.1.1)
+    omniauth (2.1.2)
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
@@ -295,7 +295,7 @@ GEM
       que (>= 1)
       sinatra
     racc (1.7.1)
-    rack (2.2.8)
+    rack (2.2.9)
     rack-protection (3.0.5)
       rack
     rack-proxy (0.7.6)

diff --git a/app/assets/images/eid-sk.svg b/app/assets/images/eid-sk.svg
diff --git a/app/controllers/apps/ep_vote_app/application_forms_controller.rb b/app/controllers/apps/ep_vote_app/application_forms_controller.rb
@@ -1,7 +1,7 @@
 class Apps::EpVoteApp::ApplicationFormsController < ApplicationController
   helper FormatDaysHelper
   before_action :set_metadata, :check_inactive_ep_application, :disable_current_topic
-  before_action :disable_feedback, only: [:show, :delivery, :create]
+  before_action :disable_feedback, only: [:show, :delivery, :create, :send_email, :authorized_person_send]
 
   def show
     render_step('start')
@@ -12,13 +12,18 @@ def delivery
     render_step('delivery')
   end
 
-  def permanent_resident
+  def create
+    render_self
+  end
+
+  def authorized_person_send
     return render_self if request.post?
-    render_step('permanent_resident')
+    redirect_to delivery_apps_ep_vote_app_application_forms_path
   end
 
-  def create
-    render_self
+  def send_email
+    return render_self if request.post?
+    redirect_to delivery_apps_ep_vote_app_application_forms_path
   end
 
   private def render_self
@@ -34,9 +39,8 @@ def create
   private def form_params
     params.require(:apps_ep_vote_app_application_form).permit(
       :step,
-      :place_first_round,
-      :place_second_round,
-      :sk_citizen,
+      :place,
+      :citizenship,
       :delivery,
       :full_name, :pin, :nationality, :maiden_name,
       :authorized_person_full_name, :authorized_person_pin,
@@ -45,14 +49,17 @@ def create
       :delivery_street, :delivery_pobox, :delivery_municipality, :delivery_country,
       :municipality_email,
       :municipality_email_verified,
-      :permanent_resident,
-      :back
+      :sk_citizen_residency,
+      :back,
+      :eu_citizen_residency,
+      :eu_citizen_sk_resident,
+      :eu_citizen_non_sk_resident
     )
   end
 
   private def set_metadata
     @metadata.og.title = 'Žiadosť o hlasovací preukaz'
-    @metadata.og.image = 'https://volby.digital/images/share-2024.png'
+    @metadata.og.image = 'https://volby.digital/images/share-ep-2024.png'
     @metadata.og.description = 'Aj keď budete počas volieb mimo trvalého pobytu, voliť sa dá. Stačí požiadať.'
   end
 

diff --git a/app/controllers/apps/ep_vote_app_old/application_forms_controller.rb b/app/controllers/apps/ep_vote_app_old/application_forms_controller.rb
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -11,6 +11,11 @@ def create
     end
 
     if new_eid_identity?
+      unless fully_represents_subject?
+        render :insufficient_representation, locals: { eid_token: eid_token }
+        return
+      end
+
       render :new_eid_identity, locals: { eid_token: eid_token }
       return
     end
@@ -25,7 +30,18 @@ def create
     notice = user.previously_new_record? ? 'first_time_login' : 'Prihlásenie úspešné. Vitajte!'
 
     if eid_identity_approval?
-      user.update!(eid_sub: eid_sub_from_auth)
+      assertion = Upvs::Assertion.assertion(eid_token)
+
+      if assertion
+        user.update!(
+          eid_sub: eid_sub_from_auth,
+          subject_name: assertion.subject_name,
+          subject_cin: assertion.subject_cin,
+          subject_edesk_number: assertion.subject_edesk_number,
+          )
+      else
+        user.update!(eid_sub: eid_sub_from_auth)
+      end
     end
 
     unless should_keep_eid_token_in_session?(user.eid_sub)
@@ -57,7 +73,10 @@ def logout
 
   def destroy
     if should_perform_eid_logout?
-      redirect_to eid_token.generate_logout_url(expires_in: 5.minutes)
+      eid_logout_url = eid_token.generate_logout_url(expires_in: 5.minutes)
+      reset_session
+
+      redirect_to eid_logout_url
     else
       logout
     end
@@ -95,4 +114,9 @@ def after_login_redirect_path
     return session[:after_login_callback] if session[:after_login_callback]&.start_with?("/") # Only allow local redirects
     root_path
   end
+
+  def fully_represents_subject?
+    assertion = Upvs::Assertion.assertion(eid_token)
+    assertion&.fully_represents_subject?
+  end
 end