Merge branch 'main' into feat-securisation

.github/CODEOWNERS

@@ -0,0 +1,6 @@
+.github/ @mission-apprentissage/mna
+.infra/ @mission-apprentissage/mna
+.bin/ @mission-apprentissage/mna
+server/ @mission-apprentissage/lba
+ui/ @mission-apprentissage/lba
+shared/ @mission-apprentissage/lba

.talismanrc

@@ -52,13 +52,13 @@ fileignoreconfig:
 - filename: server/tests/integration/http/passwordRoutes.test.ts
   checksum: e9869aceb9bb23877dccf1c6e2de729bfe685f7e40231c465fc40cdcc7c68c14
 - filename: server/tests/unit/security/accessTokenService.test.ts
-  checksum: 58153e7e57ef450bfbf061f322cd8b7643dba12513b183194b4eafdb166f58d3
+  checksum: 232b1bae52a4d4f961637f59b09da5e480147864c76980a2b86e77a73bb36923
 - filename: server/tests/unit/security/authorisationService.test.ts
   checksum: 581074420be582973bbfcdfafe1f700ca32f56e331911609cdc1cb2fb2626383
 - filename: shared/constants/recruteur.ts
   checksum: 28af032d2eb26aec7dd3bb1d32253f992a036626c36a92eb1e7ff07599fd0b2b
 - filename: shared/helpers/generateUri.ts
-  checksum: 6542db0d3eca959c6e81d574f8b71d4b18d2f1af21042ca5ed4dff319cd39555
+  checksum: 03ecb8627c19374e97450e5974ca6a5f51e269a8bb1cf5d372a8c2a2aca72cfa
 - filename: shared/helpers/openapi/__snapshots__/generateOpenapi.test.ts.snap
   checksum: 9358c7f8155efcfc5687be3f01ae3516a05988118304c124a3358094aa966363
 - filename: shared/helpers/openapi/generateOpenapi.test.ts
@@ -73,6 +73,8 @@ fileignoreconfig:
   checksum: f9d2657f85f9f885deddf2ed1fd006d8278d27174659f0ed5a35e4d11343bb3a
 - filename: ui/common/hooks/useAuth.ts
   checksum: 7cce935653407e000b35e98bd365a003e538aed4fed432a9a404d4f2412dd2df
+- filename: ui/components/ItemDetail/ItemDetail.tsx
+  checksum: 1fcc0442306f83b5e45bf7da67304527598d7749b9e2642c6d4628d3b4f15a9c
 - filename: ui/components/espace_pro/Admin/utilisateurs/UserList.tsx
   checksum: a50177afa593bae5707bdba29ef27b8f2ed0bc58487491bfff580e7e1f422243
 - filename: ui/components/espace_pro/Admin/utilisateurs/infoDetails/InfoDetails.tsx

server/src/common/model/schema/userRecruteur/usersRecruteur.schema.ts

@@ -1,6 +1,7 @@
 import { IUserRecruteur, IUserStatusValidation } from "shared"
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
 
-import { ETAT_UTILISATEUR, VALIDATION_UTILISATEUR } from "../../../../services/constant.service"
+import { VALIDATION_UTILISATEUR } from "../../../../services/constant.service"
 import { model, Schema } from "../../../mongodb"
 import { mongoosePagination, Pagination } from "../_shared/mongoose-paginate"
 

server/src/http/controllers/jobs/jobs.controller.ts

@@ -84,10 +84,8 @@ export default (server: Server) => {
     "/v1/jobs/establishment",
     {
       schema: zRoutes.post["/v1/jobs/establishment"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/establishment"]),
-      attachValidation: true,
-      // TODO: AttachValidation Error ?
+      config,
     },
     async (req, res) => {
       const { body } = req
@@ -123,8 +121,8 @@ export default (server: Server) => {
     "/v1/jobs/:establishmentId",
     {
       schema: zRoutes.post["/v1/jobs/:establishmentId"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/:establishmentId"]),
+      config,
     },
     async (req, res) => {
       const { establishmentId } = req.params
@@ -179,9 +177,8 @@ export default (server: Server) => {
     "/v1/jobs/:jobId",
     {
       schema: zRoutes.patch["/v1/jobs/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.patch["/v1/jobs/:jobId"]),
-      attachValidation: true,
+      config,
     },
     async (req, res) => {
       const { jobId } = req.params
@@ -201,25 +198,23 @@ export default (server: Server) => {
     "/v1/jobs/delegations/:jobId",
     {
       schema: zRoutes.get["/v1/jobs/delegations/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.get["/v1/jobs/delegations/:jobId"]),
-      attachValidation: true,
-      // TODO: AttachValidation Error ?
+      config,
     },
     async (req, res) => {
       const { jobId } = req.params
-      const jobExists = await getOffre(jobId.toString())
+      const recruiter = await getOffre(jobId.toString())
 
-      if (!jobExists) {
-        return res.status(400).send({ error: true, message: "Job does not exists" })
+      if (!recruiter) {
+        throw Boom.badRequest("Job does not exists")
       }
 
-      if (!jobExists.geo_coordinates) {
-        throw Boom.internal("geo_coordinates is empty", { jobId: jobExists._id })
+      if (!recruiter.geo_coordinates) {
+        throw Boom.internal("geo_coordinates is empty", { jobId: recruiter._id })
       }
 
-      const [latitude = "", longitude = ""] = jobExists.geo_coordinates.split(",")
-      const { rome_code } = jobExists.jobs.filter(({ _id }) => _id == jobId)[0]
+      const [latitude = "", longitude = ""] = recruiter.geo_coordinates.split(",")
+      const { rome_code } = recruiter.jobs.filter(({ _id }) => _id.toString() === jobId.toString())[0]
 
       // Get related establishment from a job offer
       const etablissements = await getNearEtablissementsFromRomes({
@@ -230,6 +225,10 @@ export default (server: Server) => {
         },
       })
 
+      if (!etablissements.length) {
+        throw Boom.notFound("No delegations found")
+      }
+
       const top10 = etablissements.slice(0, 10)
 
       return res.status(200).send(top10)
@@ -240,119 +239,105 @@ export default (server: Server) => {
     "/v1/jobs/delegations/:jobId",
     {
       schema: zRoutes.post["/v1/jobs/delegations/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/delegations/:jobId"]),
-      attachValidation: true,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { jobId } = req.params
       const jobExists = await getOffre(jobId.toString())
 
       if (!jobExists) {
-        return res.status(400).send({ error: true, message: "Job does not exists" })
+        throw Boom.badRequest("Job does not exists")
       }
 
       const updatedRecruiter = await createJobDelegations({ jobId: jobId.toString(), etablissementCatalogueIds: req.body.establishmentIds })
 
-      res.status(200)
-      return res.send(updatedRecruiter)
+      return res.status(200).send(updatedRecruiter)
     }
   )
 
   server.post(
     "/v1/jobs/provided/:jobId",
     {
       schema: zRoutes.post["/v1/jobs/provided/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/provided/:jobId"]),
-      // TODO: AttachValidation Error ?
+      config,
     },
     async (req, res) => {
       const { jobId } = req.params
       const job = await getJob(jobId.toString())
 
       if (!job) {
-        return res.status(400).send({ error: true, message: "Job does not exists" })
+        throw Boom.badRequest("Job does not exists")
       }
 
       if (job.job_status === POURVUE) {
-        return res.status(400).send({ error: true, message: "Job is already provided" })
+        throw Boom.badRequest("Job is already provided")
       }
 
       await provideOffre(jobId)
 
-      return res.status(204).send({})
+      return res.status(204).send()
     }
   )
 
   server.post(
     "/v1/jobs/canceled/:jobId",
     {
       schema: zRoutes.post["/v1/jobs/canceled/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/canceled/:jobId"]),
-      // TODO: AttachValidation Error ?
+      config,
     },
     async (req, res) => {
       const { jobId } = req.params
       const job = await getJob(jobId.toString())
 
       if (!job) {
-        res.status(400)
-        return res.send({ error: true, message: "Job does not exists" })
+        throw Boom.badRequest("Job does not exists")
       }
 
       if (job.job_status === ANNULEE) {
-        res.status(400)
-        return res.send({ error: true, message: "Job is already canceled" })
+        throw Boom.badRequest("Job is already canceled")
       }
 
       await cancelOffre(jobId)
 
-      return res.status(204).send({})
+      return res.status(204).send()
     }
   )
 
   server.post(
     "/v1/jobs/extend/:jobId",
     {
       schema: zRoutes.post["/v1/jobs/extend/:jobId"],
-      config,
       onRequest: server.auth(zRoutes.post["/v1/jobs/extend/:jobId"]),
-      // TODO: AttachValidation Error ?
+      config,
     },
     async (req, res) => {
       const { jobId } = req.params
       const job = await getJob(jobId.toString())
 
       if (!job) {
-        res.status(400)
-        return res.send({ error: true, message: "Job does not exists" })
+        throw Boom.badRequest("Job does not exists")
       }
 
       if (addExpirationPeriod(dayjs()).isSame(dayjs(job.job_expiration_date), "day")) {
-        res.status(400)
-        return res.send({ error: true, message: "Job is already extended up to a month" })
+        throw Boom.badRequest("Job is already extended up to a month")
       }
 
       if (job.job_status !== ACTIVE) {
-        res.status(400)
-        return res.send({ error: true, message: "Job cannot be extended as it is not enabled" })
+        throw Boom.badRequest("Job cannot be extended as it is not active")
       }
 
       await extendOffre(jobId)
 
-      res.status(204)
-      return res.send({})
+      return res.status(204).send()
     }
   )
   server.get(
     "/v1/jobs",
     {
       schema: zRoutes.get["/v1/jobs"],
       config,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { referer } = req.headers
@@ -378,7 +363,6 @@ export default (server: Server) => {
     {
       schema: zRoutes.get["/v1/jobs/company/:siret"],
       config,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { siret } = req.params
@@ -409,7 +393,6 @@ export default (server: Server) => {
     {
       schema: zRoutes.get["/v1/jobs/matcha/:id"],
       config,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { id } = req.params
@@ -449,7 +432,6 @@ export default (server: Server) => {
     {
       schema: zRoutes.post["/v1/jobs/matcha/:id/stats/view-details"],
       config,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { id } = req.params
@@ -463,7 +445,6 @@ export default (server: Server) => {
     {
       schema: zRoutes.get["/v1/jobs/job/:id"],
       config,
-      // TODO: AttachValidation Error ?
     },
     async (req, res) => {
       const { id } = req.params

server/src/http/routes/auth/login.controller.ts

@@ -1,4 +1,5 @@
 import Boom from "boom"
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
 import { toPublicUser, zRoutes } from "shared/index"
 
 import { getStaticFilePath } from "@/common/utils/getStaticFilePath"
@@ -7,7 +8,7 @@ import { createAuthMagicLink } from "@/services/appLinks.service"
 
 import { startSession, stopSession } from "../../../common/utils/session.service"
 import config from "../../../config"
-import { CFA, ENTREPRISE, ETAT_UTILISATEUR } from "../../../services/constant.service"
+import { CFA, ENTREPRISE } from "../../../services/constant.service"
 import { sendUserConfirmationEmail } from "../../../services/etablissement.service"
 import mailer from "../../../services/mailer.service"
 import { getUser, getUserStatus, registerUser } from "../../../services/userRecruteur.service"

server/src/http/routes/etablissementRecruteur.controller.ts

@@ -1,7 +1,7 @@
 import Boom from "boom"
 import { IUserRecruteur, toPublicUser, zRoutes } from "shared"
 import { BusinessErrorCodes } from "shared/constants/errorCodes"
-import { RECRUITER_STATUS } from "shared/constants/recruteur"
+import { ETAT_UTILISATEUR, RECRUITER_STATUS } from "shared/constants/recruteur"
 
 import { Recruiter, UserRecruteur } from "@/common/model"
 import { startSession } from "@/common/utils/session.service"
@@ -10,7 +10,7 @@ import { getUserFromRequest } from "@/security/authenticationService"
 import { getAllDomainsFromEmailList, getEmailDomain, isEmailFromPrivateCompany, isUserMailExistInReferentiel } from "../../common/utils/mailUtils"
 import { notifyToSlack } from "../../common/utils/slackUtils"
 import { getNearEtablissementsFromRomes } from "../../services/catalogue.service"
-import { CFA, ENTREPRISE, ETAT_UTILISATEUR } from "../../services/constant.service"
+import { CFA, ENTREPRISE } from "../../services/constant.service"
 import {
   entrepriseOnboardingWorkflow,
   etablissementUnsubscribeDemandeDelegation,

server/src/http/routes/user.controller.ts

@@ -1,12 +1,13 @@
 import Boom from "boom"
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
 import { IJob, getUserStatus, zRoutes } from "shared/index"
 
 import { stopSession } from "@/common/utils/session.service"
 
 import { Recruiter, UserRecruteur } from "../../common/model/index"
 import { getStaticFilePath } from "../../common/utils/getStaticFilePath"
 import config from "../../config"
-import { ENTREPRISE, ETAT_UTILISATEUR, RECRUITER_STATUS } from "../../services/constant.service"
+import { ENTREPRISE, RECRUITER_STATUS } from "../../services/constant.service"
 import { activateEntrepriseRecruiterForTheFirstTime, deleteFormulaire, getFormulaire, reactivateRecruiter } from "../../services/formulaire.service"
 import mailer from "../../services/mailer.service"
 import { getUserAndRecruitersDataForOpcoUser } from "../../services/user.service"
@@ -211,7 +212,7 @@ export default (server: Server) => {
     "/user/:userId/history",
     {
       schema: zRoutes.put["/user/:userId/history"],
-      preHandler: [],
+      onRequest: [server.auth(zRoutes.put["/user/:userId/history"])],
     },
     async (req, res) => {
       const history = req.body

server/src/jobs/jobs.ts

@@ -1,7 +1,8 @@
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
+
 import { createMongoDBIndexes } from "@/common/model"
 import { IInternalJobsCronTask, IInternalJobsSimple } from "@/common/model/schema/internalJobs/internalJobs.types"
 import { create as createMigration, status as statusMigration, up as upMigration } from "@/jobs/migrations/migrations"
-import { ETAT_UTILISATEUR } from "@/services/constant.service"
 
 import { getLoggerWithContext } from "../common/logger"
 import config from "../config"

server/src/jobs/lba_recruteur/formulaire/misc/UpdateEmailToLowerCase.ts

@@ -1,7 +1,9 @@
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
+
 import { logger } from "../../../../common/logger"
 import { Recruiter, UserRecruteur } from "../../../../common/model/index"
 import { asyncForEach } from "../../../../common/utils/asyncUtils"
-import { ETAT_UTILISATEUR, RECRUITER_STATUS, VALIDATION_UTILISATEUR } from "../../../../services/constant.service"
+import { RECRUITER_STATUS, VALIDATION_UTILISATEUR } from "../../../../services/constant.service"
 import { runScript } from "../../../scriptWrapper"
 
 function hasUpperCase(str) {

server/src/jobs/lba_recruteur/opco/relanceOpco.ts

@@ -1,11 +1,11 @@
 import { IUserRecruteur } from "shared"
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
 
 import { getStaticFilePath } from "@/common/utils/getStaticFilePath"
 
 import { UserRecruteur } from "../../../common/model/index"
 import { asyncForEach } from "../../../common/utils/asyncUtils"
 import config from "../../../config"
-import { ETAT_UTILISATEUR } from "../../../services/constant.service"
 import mailer from "../../../services/mailer.service"
 
 /**

server/src/jobs/lba_recruteur/user/misc/updateMissingActivationState.ts

@@ -1,10 +1,11 @@
 import Boom from "boom"
+import { ETAT_UTILISATEUR } from "shared/constants/recruteur"
 
 import { logger } from "../../../../common/logger"
 import { UserRecruteur } from "../../../../common/model/index"
 import { asyncForEach } from "../../../../common/utils/asyncUtils"
 import { notifyToSlack } from "../../../../common/utils/slackUtils"
-import { ENTREPRISE, ETAT_UTILISATEUR } from "../../../../services/constant.service"
+import { ENTREPRISE } from "../../../../services/constant.service"
 import { autoValidateCompany } from "../../../../services/etablissement.service"
 import { activateEntrepriseRecruiterForTheFirstTime, getFormulaire } from "../../../../services/formulaire.service"
 import { sendWelcomeEmailToUserRecruteur, updateUser } from "../../../../services/userRecruteur.service"