commit
64da597dae
10 changed files with 20 additions and 44 deletions
|
@ -35,6 +35,7 @@ class ActiveStorage::VirusScanner
|
||||||
end
|
end
|
||||||
|
|
||||||
def metadata
|
def metadata
|
||||||
|
begin
|
||||||
download_blob_to_tempfile do |file|
|
download_blob_to_tempfile do |file|
|
||||||
if ClamavService.safe_file?(file.path)
|
if ClamavService.safe_file?(file.path)
|
||||||
{ virus_scan_result: SAFE, scanned_at: Time.zone.now }
|
{ virus_scan_result: SAFE, scanned_at: Time.zone.now }
|
||||||
|
@ -42,5 +43,8 @@ class ActiveStorage::VirusScanner
|
||||||
{ virus_scan_result: INFECTED, scanned_at: Time.zone.now }
|
{ virus_scan_result: INFECTED, scanned_at: Time.zone.now }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
rescue StandardError => e
|
||||||
|
Raven.capture_exception(e)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -22,17 +22,6 @@ class Helpscout::API
|
||||||
})
|
})
|
||||||
end
|
end
|
||||||
|
|
||||||
def add_custom_fields(conversation_id, dossier_id, browser)
|
|
||||||
body = {
|
|
||||||
'Dossier ID': dossier_id,
|
|
||||||
'Browser': browser
|
|
||||||
}.compact.map do |key, value|
|
|
||||||
{ id: custom_fields[key], value: value }
|
|
||||||
end
|
|
||||||
|
|
||||||
call_api(:put, "#{CONVERSATIONS}/#{conversation_id}/#{FIELDS}", { fields: body })
|
|
||||||
end
|
|
||||||
|
|
||||||
def create_conversation(email, subject, text, file)
|
def create_conversation(email, subject, text, file)
|
||||||
body = {
|
body = {
|
||||||
subject: subject,
|
subject: subject,
|
||||||
|
|
|
@ -41,8 +41,6 @@ class Helpscout::FormAdapter
|
||||||
|
|
||||||
if conversation_id.present?
|
if conversation_id.present?
|
||||||
add_tags(conversation_id)
|
add_tags(conversation_id)
|
||||||
add_custom_fields(conversation_id)
|
|
||||||
|
|
||||||
true
|
true
|
||||||
else
|
else
|
||||||
false
|
false
|
||||||
|
@ -55,10 +53,6 @@ class Helpscout::FormAdapter
|
||||||
@api.add_tags(conversation_id, params[:tags])
|
@api.add_tags(conversation_id, params[:tags])
|
||||||
end
|
end
|
||||||
|
|
||||||
def add_custom_fields(conversation_id)
|
|
||||||
@api.add_custom_fields(conversation_id, params[:dossier_id], params[:browser])
|
|
||||||
end
|
|
||||||
|
|
||||||
def create_conversation
|
def create_conversation
|
||||||
response = @api.create_conversation(
|
response = @api.create_conversation(
|
||||||
params[:email],
|
params[:email],
|
||||||
|
|
|
@ -20,7 +20,7 @@ class AttestationTemplateLogoUploader < BaseUploader
|
||||||
|
|
||||||
# Add a white list of extensions which are allowed to be uploaded.
|
# Add a white list of extensions which are allowed to be uploaded.
|
||||||
# For images you might use something like this:
|
# For images you might use something like this:
|
||||||
def extension_white_list
|
def extension_whitelist
|
||||||
['jpg', 'jpeg', 'png']
|
['jpg', 'jpeg', 'png']
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ class AttestationTemplateSignatureUploader < BaseUploader
|
||||||
|
|
||||||
# Add a white list of extensions which are allowed to be uploaded.
|
# Add a white list of extensions which are allowed to be uploaded.
|
||||||
# For images you might use something like this:
|
# For images you might use something like this:
|
||||||
def extension_white_list
|
def extension_whitelist
|
||||||
['jpg', 'jpeg', 'png']
|
['jpg', 'jpeg', 'png']
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -13,11 +13,11 @@ class CommentaireFileUploader < BaseUploader
|
||||||
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
|
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
|
||||||
end
|
end
|
||||||
|
|
||||||
def extension_white_list
|
def extension_whitelist
|
||||||
['pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp', 'jpg', 'jpeg', 'png', 'zip', 'txt']
|
['pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp', 'jpg', 'jpeg', 'png', 'zip', 'txt']
|
||||||
end
|
end
|
||||||
|
|
||||||
def accept_extension_list
|
def accept_extension_list
|
||||||
extension_white_list.map { |e| ".#{e}" }.join(",")
|
extension_whitelist.map { |e| ".#{e}" }.join(",")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -18,7 +18,7 @@ class PieceJustificativeUploader < BaseUploader
|
||||||
|
|
||||||
# Add a white list of extensions which are allowed to be uploaded.
|
# Add a white list of extensions which are allowed to be uploaded.
|
||||||
# For images you might use something like this:
|
# For images you might use something like this:
|
||||||
def extension_white_list
|
def extension_whitelist
|
||||||
['pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp', 'jpg', 'jpeg', 'png']
|
['pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp', 'jpg', 'jpeg', 'png']
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ class ProcedureLogoUploader < BaseUploader
|
||||||
|
|
||||||
# Add a white list of extensions which are allowed to be uploaded.
|
# Add a white list of extensions which are allowed to be uploaded.
|
||||||
# For images you might use something like this:
|
# For images you might use something like this:
|
||||||
def extension_white_list
|
def extension_whitelist
|
||||||
['jpg', 'jpeg', 'png']
|
['jpg', 'jpeg', 'png']
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,18 +1,11 @@
|
||||||
Rails.application.config.content_security_policy do |policy|
|
Rails.application.config.content_security_policy do |policy|
|
||||||
# En cas de non respect d'une des règles, faire un POST sur cette URL
|
# En cas de non respect d'une des règles, faire un POST sur cette URL
|
||||||
policy.report_uri "https://e30e0ed9c14194254481124271b34a72.report-uri.com/r/d/csp/reportOnly"
|
policy.report_uri "https://demarches-simplifiees.report-uri.com/r/d/csp/reportOnly"
|
||||||
# Whitelist image
|
# Whitelist image
|
||||||
policy.img_src :self, "https://*.openstreetmap.org"
|
policy.img_src :self, "*.openstreetmap.org", "static.demarches-simplifiees.fr", "*.cloud.ovh.net", "stats.data.gouv.fr"
|
||||||
# Whitelist JS: nous, sendinblue et matomo, et… miniprofiler :(
|
# Whitelist JS: nous, sendinblue et matomo
|
||||||
if Rails.env.development?
|
# miniprofiler et nous avons quelques boutons inline :(
|
||||||
# https://github.com/MiniProfiler/rack-mini-profiler/issues/327
|
policy.script_src :self, "*.sibautomation.com", "stats.data.gouv.fr", "*.sendinblue.com", :unsafe_eval, :unsafe_inline
|
||||||
policy.script_src :self, "https://sibautomation.com", "//stats.data.gouv.fr", :unsafe_eval, :unsafe_inline
|
|
||||||
else
|
|
||||||
policy.script_src :self, "https://sibautomation.com", "//stats.data.gouv.fr"
|
|
||||||
end
|
|
||||||
# Génération d'un nonce pour les balises script inline qu'on maitrise (Gon)
|
|
||||||
Rails.application.config.content_security_policy_nonce_generator = -> _request { SecureRandom.base64(16) }
|
|
||||||
|
|
||||||
# Pour les CSS, on a beaucoup de style inline et quelques balises <style>
|
# Pour les CSS, on a beaucoup de style inline et quelques balises <style>
|
||||||
# c'est trop compliqué pour être rectifié immédiatement (et sans valeur ajoutée:
|
# c'est trop compliqué pour être rectifié immédiatement (et sans valeur ajoutée:
|
||||||
# c'est hardcodé dans les vues, donc pas injectable).
|
# c'est hardcodé dans les vues, donc pas injectable).
|
||||||
|
|
|
@ -62,8 +62,6 @@ describe Helpscout::FormAdapter do
|
||||||
.with(email, subject, text, nil)
|
.with(email, subject, text, nil)
|
||||||
expect(api).to have_received(:add_tags)
|
expect(api).to have_received(:add_tags)
|
||||||
.with(conversation_id, tags)
|
.with(conversation_id, tags)
|
||||||
expect(api).to have_received(:add_custom_fields)
|
|
||||||
.with(conversation_id, nil, nil)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -102,8 +100,6 @@ describe Helpscout::FormAdapter do
|
||||||
.with(email, subject, text, nil)
|
.with(email, subject, text, nil)
|
||||||
expect(api).to have_received(:add_phone_number)
|
expect(api).to have_received(:add_phone_number)
|
||||||
.with(email, phone)
|
.with(email, phone)
|
||||||
expect(api).to have_received(:add_custom_fields)
|
|
||||||
.with(conversation_id, nil, nil)
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue