From d817dab7d8a206f1596faef989824737751347a8 Mon Sep 17 00:00:00 2001
From: syl-p <50445384+syl-p@users.noreply.github.com>
Date: Thu, 4 Jan 2024 15:37:55 +0100
Subject: [PATCH] feat: update user controller, active uuid for new user (#226)

* feat: update user controller, active uuid for new user

* fix: fix password-forgotten 404 return

* lint: remove shorthand rule

* fix: fix for optionnaly check access locked?

---------

Co-authored-by: Sylvain Pastor <sylvain@mbpdeatnosadmin.home>
---
 .rubocop.yml                        |  1 +
 app/controllers/users_controller.rb | 19 ++++++++-----------
 config/routes.rb                    |  2 +-
 3 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/.rubocop.yml b/.rubocop.yml
index de72047c..6004acc2 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -5,3 +5,4 @@ Style/Documentation:
   Enabled: false
 Layout/LineLength:
   Max: 140
+EnforcedShorthandSyntax: never
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index abe1baaf..ce727c87 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -54,6 +54,7 @@ def update
   def check_uuid
     user = User.find_by(uuid: params[:uuid])
     return head :not_found unless user
+    return head :not_acceptable unless user.access_locked? || (params[:reset].present? && !user.access_locked?)
 
     # render user data
     render json: serialize(user)
@@ -61,19 +62,15 @@ def check_uuid
 
   def password_forgotten
     user = User.find_by(email: params[:email])
+    return head :not_found unless user
 
-    if user.present?
-      if user.access_locked?
-        render json: {}, status: :locked
-      elsif user.valid?
-        user.save
-        UserMailer.with(user: user).uuid_updated.deliver_now
-        render json: {} # change uuid
-      else
-        render json: {}, status: :not_acceptable # Not acceptable
-      end
+    if user.access_locked?
+      render json: {}, status: :locked
     else
-      render json: {}, status: :not_found
+      user.generate_uuid
+      user.save
+      UserMailer.with(user: user).uuid_updated.deliver_now
+      render json: {} # change uuid
     end
   end
 
diff --git a/config/routes.rb b/config/routes.rb
index 42dc5691..aa0b534e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -4,7 +4,7 @@
 
   resources :users do
     collection do
-      get 'unlock_access/:uuid', to: 'users#check_uuid'
+      get 'unlock_access/:uuid(/:reset)', to: 'users#check_uuid'
       post 'password-forgotten', to: 'users#password_forgotten'
       put 'change-password', to: 'users#change_password'
     end