Feat: add validation and tests #170

Author: nevio18324

app/models/person.rb

@@ -63,7 +63,7 @@ class Person < ApplicationRecord
             inclusion: { in: ISO3166::Country.all.collect(&:alpha2) },
             allow_blank: true
 
-  validate :picture_size
+  validate :picture_size, :validate_url
 
   scope :list, -> { order(:name) }
 
@@ -111,10 +111,9 @@ def set_default_languages
     end
   end
 
-
-  def picture_url()
+  def picture_url
     picture_url = read_attribute(:picture_url)
-    picture_url.presence || super
+    picture_url.presence
   end
 
   private
@@ -124,4 +123,20 @@ def picture_size
 
     errors.add(:picture, :max_size_10MB)
   end
+
+  def url_valid?(picture_url)
+    return true if picture_url.nil? || picture_url.blank?
+
+    url = URI.parse(picture_url)
+    host_regex = /^(\w+\.)?#{ENV.fetch('PICTURE_HOST', 'puzzle.ch')}$/
+    url.host.match? host_regex
+  rescue URI::InvalidURIError
+    false
+  end
+
+  def validate_url
+    return if url_valid? picture_url
+
+    errors.add(:picture_url, :invalid_url)
+  end
 end

app/views/people/_form.html.haml

@@ -1,12 +1,11 @@
 = form_with model: @person do |form|
   %div.d-flex.flex-xl-row.flex-column
     %div.col-xl-3.col-12{"data-controller"=>"image-upload"}
-      - picture_src = @person.picture_url || @person.picture + Time.now.to_f
+      - picture_src = @person.picture_url || @person.picture
       %img.rounded-circle#avatar{src: picture_src, width: '141', height: '141'}
       %span.fw-normal
         = t "people.profile.image_url"
       = form.text_field :picture_url, {class: "mw-100 form-control ", "data-action" => "image-upload#changeImage", id: "avatar-url"}
-      oder
       %label.btn.btn-link.p-0{for: "avatar-uploader"}
         = t "people.profile.upload_image"
         %div.visually-hidden= form.file_field :picture, {  accept: "image/*", "data-action" => "image-upload#changeImage", id: "avatar-uploader" }

app/views/people/_profile.html.haml

@@ -5,7 +5,7 @@
     %turbo-frame{id: "#{dom_id @person}"}
       %div.d-flex.flex-xl-row.flex-column
         %div.col-xl-3.col-12
-          - picture_src = @person.picture_url || @person.picture + Time.now.to_f
+          - picture_src = @person.picture_url || @person.picture
           %img.rounded-circle{src: picture_src, width: '141', height: '141'}
           %div.mt-3
             = edit_action_link

config/locales/de-CH.yml

@@ -80,6 +80,7 @@ de-CH:
           one: Funktion
           other: Funktionä
         picture: Biud
+        picture_url: Biudadresse
         projects:
           one: Projekt
           other: Projektä
@@ -222,6 +223,7 @@ de-CH:
       chart_data_empty: Wähl e Abteilig, e Skill und es Jahr us, um d date ds zeige.
       chart_results_empty: Es si keni Snapshots gfunde worde, wo de gwählte Filter entspreche.
       invalid_date_range: muess vorem Änddatum si.
+      invalid_url: muess e validi URL si
       max_size_10MB: darf nid grösser aus 10MB si.
       max_size_error: darf nid grösser aus 10MB si.
       profile-not-found: Profiu isch nid gfungä wordä.
@@ -337,15 +339,15 @@ de-CH:
       export_form:
         anonymised_cv: Anonymisierter CV
         competences_skills: Chärnkompetenzä - Skills
-        location: 'Niderlassig (für Footer):'
-        skills_by_level: Skills nach Level
-        trainee: Trainee
         customer_code: Chundächürzu
-        department_code: Abteiligschürzu
-        project_code: Projektchürzu
         customer_code_placeholder: Ds Chundächürzu wird i dr Chopfzielä azeigt
+        department_code: Abteiligschürzu
         department_code_placeholder: Ds Abteiligschürzu wird i dr Chopfzielä azeigt
+        location: 'Niderlassig (für Footer):'
+        project_code: Projektchürzu
         project_code_placeholder: Ds Projektchürzu wird i dr Chopfzielä azeigt
+        skills_by_level: Skills nach Level
+        trainee: Trainee
     form:
       ptime_data: Diä Datä si usem Puzzle Time, drum chasch du diä nid veränderä.
     global:
@@ -370,8 +372,9 @@ de-CH:
       add_language: Sprache hinzuäfüegä
       change_image: Biud änderä
       core_competences: Chärnkompetenzä
+      image_url: Biudadrässä igä
       personals: Personaliä
-      upload_image: Biud hochladä
+      upload_image: oder es Biud hochladä
     projects:
       link:
         add: Neues Projekt

config/locales/de.yml

@@ -80,6 +80,7 @@ de:
           one: Funktion
           other: Funktionen
         picture: Bild
+        picture_url: Bildadresse
         projects:
           one: Projekt
           other: Projekte
@@ -207,6 +208,7 @@ de:
       chart_data_empty: Wähle eine Abteilung, einen Skill und ein Jahr aus, um Daten anzuzeigen.
       chart_results_empty: Es wurden keine Snapshots gefunden, die den gewählten Filtern entsprechen.
       invalid_date_range: muss vor dem Enddatum sein.
+      invalid_url: muss eine valide URL sein
       max_size_10MB: darf nicht grösser als 10MB sein.
       max_size_error: darf nicht grösser als 10MB sein.
       profile-not-found: Profil konnte nicht gefunden werden.
@@ -320,15 +322,15 @@ de:
       export_form:
         anonymised_cv: Anonymisierter CV
         competences_skills: Kernkompetenzen - Skills
-        location: 'Niederlassung (für Footer):'
-        skills_by_level: Skills nach Level
-        trainee: Trainee
         customer_code: Kundenkürzel
-        department_code: Bereichskürzel
-        project_code: Projektkürzel
         customer_code_placeholder: Das Kundenkürzel wird in der Kopfzeile angezeigt
+        department_code: Bereichskürzel
         department_code_placeholder: Das Bereichskürzel wird in der Kopfzeile angezeigt
+        location: 'Niederlassung (für Footer):'
+        project_code: Projektkürzel
         project_code_placeholder: Das Projektkürzel wird in der Kopfzeile angezeigt
+        skills_by_level: Skills nach Level
+        trainee: Trainee
     form:
       ptime_data: Diese Daten stammen aus dem Puzzle Time, daher kannst du diese nicht bearbeiten.
     global:
@@ -352,10 +354,10 @@ de:
       add_function: Funktion hinzufügen
       add_language: Sprache hinzufügen
       change_image: Bild ändern
-      image_url:  Bildadresse eingeben
       core_competences: Kernkompetenzen
+      image_url: Bildadresse eingeben
       personals: Personalien
-      upload_image: Bild hochladen
+      upload_image: oder ein Bild hochladen
     projects:
       link:
         add: Neues Projekt

config/locales/en.yml

@@ -80,6 +80,7 @@ en:
           one: Function
           other: Functions
         picture: Image
+        picture_url: Image URL
         projects:
           one: Project
           other: Projects
@@ -203,6 +204,7 @@ en:
       chart_data_empty: Select a department, skill and a year to display data.
       chart_results_empty: No snapshots matching the selected filters were found.
       invalid_date_range: must be before the end date.
+      invalid_url: must be a valid URL
       max_size_10MB: must not be larger than 10MB.
       max_size_error: must not be larger than 10MB.
       profile-not-found: Profile could not be found.
@@ -316,15 +318,15 @@ en:
       export_form:
         anonymised_cv: Anonymized CV
         competences_skills: Core competencies - Skills
-        location: 'Branch office (for footer):'
-        skills_by_level: Skills by level
-        trainee: Trainee
         customer_code: Client code
-        department_code: Department code
-        project_code: Project code
         customer_code_placeholder: The customer code is displayed in the header
+        department_code: Department code
         department_code_placeholder: The department code is displayed in the header
+        location: 'Branch office (for footer):'
+        project_code: Project code
         project_code_placeholder: The project code is displayed in the header
+        skills_by_level: Skills by level
+        trainee: Trainee
     form:
       ptime_data: This data comes from Puzzle Time, therefore you cannot edit it.
     global:
@@ -349,8 +351,9 @@ en:
       add_language: Add language
       change_image: Change picture
       core_competences: Core competencies
+      image_url: Enter image URL
       personals: Personal details
-      upload_image: Upload image
+      upload_image: or Upload an image
     projects:
       link:
         add: New project

config/locales/fr.yml

@@ -80,6 +80,7 @@ fr:
           one: Fonction
           other: Fonctions
         picture: Image
+        picture_url: URL de l’image
         projects:
           one: Projet
           other: Projets
@@ -203,6 +204,7 @@ fr:
       chart_data_empty: Sélectionnez un département, une compétence et une année pour afficher les données.
       chart_results_empty: Aucun instantané correspondant aux filtres sélectionnés n'a été trouvé.
       invalid_date_range: doit être antérieure à la date de fin.
+      invalid_url: doit être une URL valide
       max_size_10MB: ne doit pas dépasser 10 Mo.
       max_size_error: ne doit pas dépasser 10 Mo.
       profile-not-found: Le profil n'a pas été trouvé.
@@ -316,15 +318,15 @@ fr:
       export_form:
         anonymised_cv: CV anonyme
         competences_skills: Compétences clés - Skills
-        location: 'Établissement (pour le pied de page) :'
-        skills_by_level: Compétences par niveau
-        trainee: Stagiaire
         customer_code: Abréviation du client
+        customer_code_placeholder: le code client s'affiche dans l'en-tête
         department_code: Abréviation du département
+        department_code_placeholder: le code département s'affiche dans l'en-tête
+        location: 'Établissement (pour le pied de page) :'
         project_code: Abréviation du projet
-        customer_code_placeholder : le code client s'affiche dans l'en-tête
-        department_code_placeholder : le code département s'affiche dans l'en-tête
-        project_code_placeholder : le code projet s'affiche dans l'en-tête
+        project_code_placeholder: le code projet s'affiche dans l'en-tête
+        skills_by_level: Compétences par niveau
+        trainee: Stagiaire
     form:
       ptime_data: Ces données proviennent de Puzzle Time, vous ne pouvez donc pas les modifier.
     global:
@@ -349,8 +351,9 @@ fr:
       add_language: Ajouter une langue
       change_image: Modifier l'image
       core_competences: Compétences clés
+      image_url: saisir l’URL de l’image
       personals: Données personnelles
-      upload_image: Télécharger une image
+      upload_image: ou télécharger une image
     projects:
       link:
         add: Nouveau projet

config/locales/it.yml

@@ -80,6 +80,7 @@ it:
           one: Funzione
           other: Funzioni
         picture: Immagine
+        picture_url: URL dell'immagine
         projects:
           one: Progetto
           other: Progetti
@@ -203,6 +204,7 @@ it:
       chart_data_empty: Selezionare un unità organizzativa, una competenza e un anno per visualizzare i dati.
       chart_results_empty: Non sono state trovate istantanee corrispondenti ai filtri selezionati.
       invalid_date_range: deve essere precedente alla data di scadenza.
+      invalid_url: deve essere un URL valido
       max_size_10MB: non deve essere più grande di 10 MB.
       max_size_error: non deve essere più grande di 10 MB.
       profile-not-found: Il profilo non è stato trovato.
@@ -316,15 +318,15 @@ it:
       export_form:
         anonymised_cv: CV anonimo
         competences_skills: Competenze di base - Capacità
-        location: 'Sede secondaria (per il piè di pagina):'
-        skills_by_level: Competenze per livello
-        trainee: Apprendista
         customer_code: Abbreviazione cliente
-        department_code: Abbreviazione reparto
-        project_code: Abbreviazione progetto
         customer_code_placeholder: il codice cliente viene visualizzato nell'intestazione
+        department_code: Abbreviazione reparto
         department_code_placeholder: il codice reparto viene visualizzato nell'intestazione
+        location: 'Sede secondaria (per il piè di pagina):'
+        project_code: Abbreviazione progetto
         project_code_placeholder: il codice progetto viene visualizzato nell'intestazione
+        skills_by_level: Competenze per livello
+        trainee: Apprendista
     form:
       ptime_data: Questi dati provengono da Puzzle Time, pertanto non è possibile modificarli.
     global:
@@ -349,8 +351,9 @@ it:
       add_language: Aggiungi lingua
       change_image: Cambia immagine
       core_competences: Competenze di base
+      image_url: Inserisci l’URL dell’immagine
       personals: Dati personali
-      upload_image: Carica immagine
+      upload_image: oppure carica un'immagine
     projects:
       link:
         add: Nuovo progetto

config/locales/ja.yml

@@ -80,6 +80,7 @@ ja:
           one: 職務
           other: 職務
         picture: 写真
+        picture_url: 画像のURL
         projects:
           one: プロジェクト
           other: プロジェクト
@@ -203,6 +204,7 @@ ja:
       chart_data_empty: データを表示するには、部署、スキル、年を選択してください
       chart_results_empty: 選択したフィルターに一致するスナップショットは見つかりませんでした。
       invalid_date_range: 終了日より前の日付でなければなりません。
+      invalid_url: 有効なURLである必要があります
       max_size_10MB: 10MBを超えてはいけません。
       max_size_error: 10MBを超えてはいけません。
       profile-not-found: プロフィールが見つかりませんでした。
@@ -316,15 +318,15 @@ ja:
       export_form:
         anonymised_cv: 匿名化された履歴書
         competences_skills: コアコンピタンス - スキル
-        location: 支店（フッター用）：
-        skills_by_level: レベル別スキル
-        trainee: 研修生
         customer_code: クライアント略称
-        department_code: 部門略称
-        project_code: プロジェクト略称
         customer_code_placeholder: 顧客コードはヘッダーに表示されます
+        department_code: 部門略称
         department_code_placeholder: 部門コードはヘッダーに表示されます
+        location: 支店（フッター用）：
+        project_code: プロジェクト略称
         project_code_placeholder: プロジェクトコードはヘッダーに表示されます
+        skills_by_level: レベル別スキル
+        trainee: 研修生
     form:
       ptime_data: このデータはPuzzle Timeのものです。そのため、編集できません。
     global:
@@ -349,8 +351,9 @@ ja:
       add_language: 言語を追加
       change_image: 画像を変更
       core_competences: コアコンピテンシー
+      image_url: 画像のURLを入力
       personals: 個人情報
-      upload_image: 画像をアップロード
+      upload_image: または画像をアップロード
     projects:
       link:
         add: 新しいプロジェクト

spec/features/people_spec.rb

@@ -62,6 +62,7 @@ def common_languages_translated
 
   def fill_out_person_form
     page.attach_file("avatar-uploader", Rails.root + 'app/assets/images/anonymous_profile_picture.png')
+    fill_in 'avatar-url', with: 'https://www.puzzle.ch/app/uploads/2024/04/graphic-hero.svg'
     fill_in 'person_name', with: 'Hansjakobli'
     fill_in 'person_email', with: 'hanswurst@somemail.com'
     fill_in 'person_title', with: 'Wurstexperte'
@@ -97,6 +98,7 @@ def assert_form_persisted(old_number_of_roles)
 
     person = Person.find_by(name: 'Hansjakobli')
     expect(person.picture.identifier).to eql('anonymous_profile_picture.png')
+    expect(person.picture_url).to eql('https://www.puzzle.ch/app/uploads/2024/04/graphic-hero.svg')
     expect(person.email).to eql('hanswurst@somemail.com')
     expect(person.title).to eql('Wurstexperte')
     expect(person.person_roles.count).to eql(old_number_of_roles + 1)