✨ (api): add PATCH validate-certification-instructions route

api/src/certification/enrolment/application/certification-candidate-route.js

@@ -2,6 +2,7 @@ import JoiDate from '@joi/date';
 import BaseJoi from 'joi';
 const Joi = BaseJoi.extend(JoiDate);
 import { authorization } from '../../../../lib/application/preHandlers/authorization.js';
+import { securityPreHandlers } from '../../../shared/application/security-pre-handlers.js';
 import { identifiersType } from '../../../shared/domain/types/identifiers-type.js';
 import { certificationCandidateController } from './certification-candidate-controller.js';
 
@@ -167,6 +168,29 @@ const register = async function (server) {
         ],
       },
     },
+    {
+      method: 'PATCH',
+      path: '/api/certification-candidates/{certificationCandidateId}/validate-certification-instructions',
+      config: {
+        validate: {
+          params: Joi.object({
+            certificationCandidateId: identifiersType.certificationCandidateId,
+          }),
+        },
+        pre: [
+          {
+            method: securityPreHandlers.checkUserIsCandidate,
+            assign: 'authorizationCheck',
+          },
+        ],
+        handler: certificationCandidateController.validateCertificationInstructions,
+        tags: ['api', 'certification-candidates'],
+        notes: [
+          'Cette route est restreinte aux utilisateurs authentifiés',
+          'Elle permet à un candidat de valider les instructions de certification',
+        ],
+      },
+    },
   ]);
 };
 

api/tests/certification/enrolment/acceptance/application/certification-candidate-route_test.js

@@ -74,4 +74,48 @@ describe('Acceptance | Controller | Session | certification-candidate-route', fu
       );
     });
   });
+
+  describe('PATCH /api/certification-candidates/{certificationCandidateId}/validate-certification-instructions', function () {
+    it('should respond with a 200', async function () {
+      // given
+      const certificationCenterId = databaseBuilder.factory.buildCertificationCenter().id;
+      const sessionId = databaseBuilder.factory.buildSession({ certificationCenterId }).id;
+      const candidateUserId = databaseBuilder.factory.buildUser().id;
+      const candidateId = databaseBuilder.factory.buildCertificationCandidate({
+        id: 1001,
+        sessionId,
+        userId: candidateUserId,
+        hasSeenCertificationInstructions: false,
+      }).id;
+
+      await databaseBuilder.commit();
+
+      // when
+      const options = {
+        method: 'PATCH',
+        url: `/api/certification-candidates/${candidateId}/validate-certification-instructions`,
+        payload: {},
+        headers: { authorization: generateValidRequestAuthorizationHeader(candidateUserId, 'pix') },
+      };
+
+      // when
+      const response = await server.inject(options);
+
+      // then
+      expect(response.statusCode).to.equal(200);
+      expect(response.result).to.deep.equal({
+        data: {
+          attributes: {
+            birthdate: '2000-01-04',
+            'first-name': 'first-name',
+            'has-seen-certification-instructions': true,
+            'last-name': 'last-name',
+            'session-id': sessionId,
+          },
+          id: '1001',
+          type: 'certification-candidates',
+        },
+      });
+    });
+  });
 });

api/tests/certification/enrolment/unit/application/certification-candidate-route_test.js

@@ -2,6 +2,7 @@ import { authorization } from '../../../../../lib/application/preHandlers/author
 import { NotFoundError } from '../../../../../lib/domain/errors.js';
 import { certificationCandidateController } from '../../../../../src/certification/enrolment/application/certification-candidate-controller.js';
 import * as moduleUnderTest from '../../../../../src/certification/enrolment/application/certification-candidate-route.js';
+import { securityPreHandlers } from '../../../../../src/shared/application/security-pre-handlers.js';
 import { expect, HttpTestServer, sinon } from '../../../../test-helper.js';
 
 describe('Unit | Application | Sessions | Routes', function () {
@@ -273,6 +274,46 @@ describe('Unit | Application | Sessions | Routes', function () {
     });
   });
 
+  describe('PATCH /api/certification-candidates/{certificationCandidateId}/validate-certification-instructions', function () {
+    describe('when the user is not authorized', function () {
+      it('should return 403', async function () {
+        // given
+        sinon.stub(securityPreHandlers, 'checkUserIsCandidate').callsFake((request, h) =>
+          h
+            .response({ errors: new Error('forbidden') })
+            .code(403)
+            .takeover(),
+        );
+        const httpTestServer = new HttpTestServer();
+        await httpTestServer.register(moduleUnderTest);
+
+        const response = await httpTestServer.request(
+          'PATCH',
+          '/api/certification-candidates/3/validate-certification-instructions',
+        );
+
+        // then
+        expect(response.statusCode).to.equal(403);
+      });
+    });
+
+    it('should return 200', async function () {
+      // given
+      sinon.stub(securityPreHandlers, 'checkUserIsCandidate').returns(true);
+      sinon.stub(certificationCandidateController, 'validateCertificationInstructions').returns('ok');
+      const httpTestServer = new HttpTestServer();
+      await httpTestServer.register(moduleUnderTest);
+
+      // when
+      const response = await httpTestServer.request(
+        'PATCH',
+        '/api/certification-candidates/3/validate-certification-instructions',
+      );
+      // then
+      expect(response.statusCode).to.equal(200);
+    });
+  });
+
   describe('id validation', function () {
     // eslint-disable-next-line mocha/no-setup-in-describe
     [