Implement new user dashboard

Have to change request specs, we have 2 redirects now

Closes https://linear.app/pole-api/issue/API-2120

Author: skelz0r

app/controllers/dashboard_controller.rb

@@ -1,3 +1,20 @@
 class DashboardController < AuthenticatedUserController
-  def index; end
+  layout 'dashboard'
+
+  def index
+    redirect_to dashboard_show_path(id: 'moi')
+  end
+
+  def show
+    case params[:id]
+    when 'moi'
+      @authorization_requests = policy_scope(AuthorizationRequest).where(applicant: current_user)
+    when 'organisation'
+      @authorization_requests = policy_scope(AuthorizationRequest)
+    when 'mentions'
+      @authorization_requests = AuthorizationRequestsMentionsQuery.new(current_user).perform
+    else
+      redirect_to dashboard_show_path(id: 'moi')
+    end
+  end
 end

app/policies/application_policy.rb

@@ -37,6 +37,8 @@ def destroy?
   delegate :current_organization, to: :user
 
   class Scope
+    delegate :current_organization, to: :user
+
     def initialize(user, scope)
       @user = user
       @scope = scope

app/policies/authorization_request_policy.rb

@@ -35,4 +35,10 @@ def unicity_constraint_violated?
   def another_authorization_request_with_same_type_exists?
     current_organization.authorization_requests.where(type: record.to_s).any?
   end
+
+  class Scope < Scope
+    def resolve
+      scope.where(organization: current_organization)
+    end
+  end
 end

app/views/dashboard/index.html.erb

@@ -0,0 +1,21 @@
+<% if @authorization_requests.any? %>
+  <% if @authorization_requests.changes_requested.any? %>
+    <%= render partial: 'authorization_requests', locals: { authorization_requests: @authorization_requests.changes_requested, kind: 'changes_requested' } %>
+  <% end %>
+
+  <% if @authorization_requests.validated_or_refused.any? %>
+    <%= render partial: 'authorization_requests', locals: { authorization_requests: @authorization_requests.validated_or_refused, kind: 'validated_or_refused' } %>
+  <% end %>
+
+  <% if @authorization_requests.drafts.any? %>
+    <%= render partial: 'authorization_requests', locals: { authorization_requests: @authorization_requests.drafts, kind: 'draft' } %>
+  <% end %>
+
+  <% if @authorization_requests.in_instructions.any? %>
+    <%= render partial: 'authorization_requests', locals: { authorization_requests: @authorization_requests.in_instructions, kind: 'pending' } %>
+  <% end %>
+<% else %>
+  <h3 class="center">
+    <%= t(".no_authorization_requests.#{params[:id]}") %>
+  </h3>
+<% end %>

app/views/dashboard/show.html.erb

@@ -0,0 +1,58 @@
+<%= content_for(:body) do %>
+  <div class="sub-header">
+    <h1 class="fr-m-0">
+      <%= t('.title') %>
+    </h1>
+
+    <div>
+      <% if current_user.instructor? %>
+        <%= link_to t('.instruction_cta'), instruction_path, class: %w(fr-btn fr-btn--secondary fr-icon-file-add-fill fr-btn--icon-left) %>
+      <% end %>
+      <%= link_to t('.new_authorization_request'), authorization_requests_path, class: %w(fr-btn fr-btn--secondary fr-icon-add-line fr-btn--icon-left) %>
+    </div>
+  </div>
+
+  <% tabs = ['moi', 'organisation', 'mentions'] %>
+
+  <div class="fr-tabs fr-pt-5w">
+    <ul class="fr-tabs__list" role="tablist" aria-label="Menu secondaire">
+      <% tabs.each do |id| %>
+        <% path = dashboard_show_path(id:) %>
+
+        <li role="presentation">
+          <%=
+            link_to t(".tabs.#{id}.title"),
+              path,
+              class: [
+                'fr-tabs__tab',
+              ],
+              role: 'tab',
+              id: "tab-#{id}",
+              tabindex: current_page?(path) ? '0' : '-1',
+              data: {
+                turbo_frame: "tab-#{id}-panel",
+              },
+              aria: {
+                selected: current_page?(path),
+                controls: "tab-#{id}-panel"
+              }
+          %>
+        </li>
+      <% end %>
+    </ul>
+
+    <% tabs.each do |id| %>
+      <% path = dashboard_show_path(id:) %>
+
+      <turbo-frame id="tab-<%= id %>-panel" class="fr-tabs__panel fr-tabs__panel--selected" role="tabpanel" aria-labelledby="tab-<%= id %>" tabindex="0" data-turbo-action="advance">
+        <% if current_page?(path) %>
+          <%= yield %>
+        <% else %>
+          <%= render partial: 'shared/loader' %>
+        <% end %>
+      </turbo-frame>
+    <% end %>
+  </div>
+<% end %>
+
+<%= render template: 'layouts/application' %>

app/views/layouts/dashboard.html.erb

@@ -34,6 +34,18 @@ fr:
         - annuaire-entreprises.data.gouv.fr
         - data.gouv.fr
 
+    dashboard:
+      title: Accueil
+      instruction_cta: Espace instruction
+      new_authorization_request: Demander une nouvelle habilitation
+      tabs:
+        moi:
+          title: Mes demandes ou habilitations
+        organisation:
+          title: Les demandes ou habilitations de l'organisation
+        mentions:
+          title: Mes mentions
+
     instruction:
       authorization_request:
         tabs:
@@ -65,11 +77,11 @@ fr:
       title: Se connecter
 
   dashboard:
-    index:
-      title: Accueil
-      instruction_cta: Espace instruction
-      new_authorization_request: Demander une nouvelle habilitation
-      no_authorization_requests: Vous n'avez aucun habilitations ou demandes en cours.
+    show:
+      no_authorization_requests:
+        moi: Vous n'avez aucune habilitation ou demande en cours.
+        organisation: Votre organization ne possède aucune habilitation ou demande en cours.
+        mentions: Vous n'êtes mentionné dans aucune habilitation ou demande en cours.
     authorization_requests:
       validated_or_refused_title: Mes habilitations
       draft_title: Demandes en brouillon

config/locales/fr.yml

@@ -7,6 +7,7 @@
   get 'compte/deconnexion', to: 'sessions#destroy', as: :signout
 
   get '/tableau-de-bord', to: 'dashboard#index', as: :dashboard
+  get '/tableau-de-bord/:id', to: 'dashboard#show', as: :dashboard_show
 
   get '/compte', to: 'profile#edit', as: :profile
   patch '/compte', to: 'profile#update'

config/routes.rb

@@ -52,16 +52,31 @@
 
     visit instruction_authorization_request_path(authorization_request)
   else
-    authorization_request = create_authorization_requests_with_status(type, status, 1, current_user).first
+    authorization_request = create_authorization_requests_with_status(type, status, 1, applicant: current_user).first
 
     visit authorization_request_path(authorization_request)
   end
 end
 
-# https://rubular.com/r/AiBmvod6e8ssvO
-Quand(/(j'ai|il y a) (\d+) demandes? d'habilitation "([^"]+)" ?(?:en )?(.+)?/) do |who, count, type, status|
-  applicant = who == 'j\'ai' ? current_user : nil
-  create_authorization_requests_with_status(type, status, count, applicant)
+# https://rubular.com/r/t8v2hsttNnb9h3
+Quand(/(j'ai|il y a|mon organisation a) (\d+) demandes? d'habilitation "([^"]+)" ?(?:en )?(.+)?/) do |who, count, type, status|
+  applicant = case who
+              when 'j\'ai'
+                current_user
+              when 'mon organisation a'
+                create(:user, current_organization: current_user.current_organization)
+              end
+
+  create_authorization_requests_with_status(type, status, count, applicant:)
+end
+
+Quand(/je suis mentionné dans (\d+) demandes? d'habilitation "([^"]+)" en tant que "([^"]+)"/) do |count, type, role_humanized|
+  role = role_humanized.parameterize.underscore
+  options = {
+    "#{role}_email": current_user.email,
+  }
+
+  create_authorization_requests_with_status(type, nil, count, options)
 end
 
 # https://rubular.com/r/dRUFmK5dzDpjJv

features/step_definitions/authorization_requests_steps.rb

@@ -24,25 +24,25 @@ def extract_state_from_french_status(status)
 end
 
 # rubocop:disable Metrics/MethodLength
-def create_authorization_requests_with_status(type, status = nil, count = 1, applicant = nil)
-  applicant ||= FactoryBot.create(:user)
+def create_authorization_requests_with_status(type, status = nil, count = 1, attributes = {})
+  attributes[:applicant] ||= FactoryBot.create(:user)
 
   if status
     FactoryBot.create_list(
       :authorization_request,
       count,
       extract_state_from_french_status(status),
       find_factory_trait_from_name(type),
-      applicant:,
-      organization: applicant.current_organization,
+      organization: attributes[:applicant].current_organization,
+      **attributes,
     )
   else
     FactoryBot.create_list(
       :authorization_request,
       count,
       find_factory_trait_from_name(type),
-      applicant:,
-      organization: applicant.current_organization,
+      organization: attributes[:applicant].current_organization,
+      **attributes,
     )
   end
 end

features/support/authorization_request_helpers.rb

@@ -8,10 +8,31 @@ Fonctionnalité: Tableau de bord
     Sachant que je suis un demandeur
     Et que je me connecte
 
-  Scénario: Je vois l'ensemble des habilitations quelque soit leur état
+  Scénario: Je vois sur l'écran principal l'ensemble de mes habilitations quelque soit leur état
     Quand j'ai 1 demande d'habilitation "API Entreprise" en brouillon
     Et j'ai 1 demande d'habilitation "API Entreprise" en attente
     Et j'ai 1 demande d'habilitation "API Entreprise" refusée
     Et j'ai 1 demande d'habilitation "API Entreprise" validée
+    Et que mon organisation a 1 demande d'habilitation "API Entreprise"
     Et que je vais sur la page du tableau de bord
     Alors je vois 4 demandes d'habilitation
+
+  Scénario: Je ne vois pas sur l'écran principal les habilitations de mon organisation
+    Quand mon organisation a 1 demande d'habilitation "API Entreprise"
+    Et que je vais sur la page du tableau de bord
+    Alors je vois 0 demande d'habilitation
+
+  Scénario: Je vois toutes les habilitations de mon organization
+    Quand mon organisation a 2 demandes d'habilitation "API Entreprise"
+    Et que j'ai 1 demande d'habilitation "API Particulier"
+    Et que je vais sur la page du tableau de bord
+    Et que je clique sur "Les demandes ou habilitations de l'organisation"
+    Alors je vois 3 demandes d'habilitations
+
+  Scénario: Je vois les habilitations où je suis mentionné
+    Quand j'ai 3 demandes d'habilitation "API Entreprise"
+    Et que mon organisation a 2 demandes d'habilitation "API Entreprise"
+    Et que je suis mentionné dans 1 demande d'habilitation "API Entreprise" en tant que "Contact métier"
+    Et que je vais sur la page du tableau de bord
+    Et que je clique sur "Mes mentions"
+

features/tableau_de_bord.feature

@@ -133,7 +133,7 @@
           submit_habilitation
         }.to change { authorization_request.reload.state }.to('submitted')
 
-        expect(page).to have_current_path(dashboard_path)
+        expect(page).to have_current_path(/#{dashboard_path}/)
       end
     end
 

spec/features/authorization_requests/multiple_steps_spec.rb

@@ -28,7 +28,7 @@
       it 'does not allow access' do
         visit authorization_request_form_path(form_uid: authorization_request_form.uid, id: authorization_request.id)
 
-        expect(page).to have_current_path(dashboard_path, ignore_query: true)
+        expect(page).to have_current_path(/#{dashboard_path}/)
       end
     end
   end

spec/features/authorization_requests/submit_spec.rb

@@ -27,7 +27,7 @@
     it 'can not access the instruction space' do
       visit_instruction
 
-      2.times { follow_redirect! }
+      3.times { follow_redirect! }
 
       expect(response.body).to include('pas le droit')
     end

spec/requests/instruction_access_spec.rb

@@ -25,7 +25,7 @@ def sign_in(user)
   it do
     subject
 
-    follow_redirect!
+    2.times { follow_redirect! }
 
     expect(response.body).to include('pas le droit')
   end