Merge pull request #6958 from betagouv/main

2022-02-15-01
This commit is contained in:
Pierre de La Morinerie 2022-02-15 11:40:55 +01:00 committed by GitHub
commit b35df95713
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 225 additions and 134 deletions

View file

@ -276,6 +276,8 @@ class ApplicationController < ActionController::Base
matomo = Rails.application.secrets.matomo
{
cookie_domain: matomo[:cookie_domain],
domain: matomo[:domain],
enabled: matomo[:enabled],
host: matomo[:host],
key: matomo[:client_key]

View file

@ -1,4 +1,4 @@
const { enabled, host, key } = gon.matomo || {};
const { cookieDomain, domain, enabled, host, key } = gon.matomo || {};
if (enabled) {
window._paq = window._paq || [];
@ -10,8 +10,8 @@ if (enabled) {
// Configure Matomo analytics
//
window._paq.push(['setCookieDomain', '*.www.demarches-simplifiees.fr']);
window._paq.push(['setDomains', ['*.www.demarches-simplifiees.fr']]);
window._paq.push(['setCookieDomain', cookieDomain]);
window._paq.push(['setDomains', [domain]]);
// Dont store any cookies or send any tracking request when the "Do Not Track" browser setting is enabled.
window._paq.push(['setDoNotTrack', true]);
// When enabling external link tracking, consider that it will also report links to attachments.

View file

@ -1,18 +1,18 @@
class ClamavService
def self.safe_file?(file_path)
if Rails.env.development?
return true
end
return true if !Rails.configuration.x.clamav.enabled
FileUtils.chmod(0666, file_path)
client = ClamAV::Client.new
response = client.execute(ClamAV::Commands::ScanCommand.new(file_path)).first
if response.class == ClamAV::SuccessResponse
case response
when ClamAV::SuccessResponse
true
elsif response.class == ClamAV::VirusResponse
when ClamAV::VirusResponse
false
elsif response.class == ClamAV::ErrorResponse
when ClamAV::ErrorResponse
raise "ClamAV ErrorResponse : #{response.error_str}"
else
raise "ClamAV unkown response #{response.class.name}"

View file

@ -23,9 +23,7 @@
= button_to repousser_expiration_instructeur_dossier_path(dossier.procedure, dossier), class: 'button mt-2', id: 'test-instructeur-repousser-expiration' do
%span.icon.standby
= t('instructeurs.dossiers.header.banner.button_delay_expiration')
- else
- elsif dossier.en_instruction? && dossier.procedure.procedure_expires_when_termine_enabled
%p.expires_at_en_instruction
%small= t("shared.dossiers.header.expires_at.en_instruction")

View file

@ -0,0 +1,51 @@
.landing-panel
.container
%h2.landing-panel-title Ce que les utilisateurs pensent du service
%ul.quotes
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Les échanges avec les usagers sont facilités, ce qui permet de réduire les délais dinstructions et de gagner en efficacité.
%p.quote-author
%span.quote-author-name Elodie Le Rhun
%br
Cheffe de bureau, DRIEA Ile-de-France
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Un service qui garantit une économie de temps et beaucoup moins de manipulations des dossiers.
%p.quote-author
%span.quote-author-name Nadja Briki
%br
Déléguée de la Préfète du Pas-de-Calais
%ul.quotes
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Parfait, cela fonctionne très bien ! Merci encore pour votre réactivité.
%p.quote-author
%span.quote-author-name Max A.
%br
à notre service support
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
★★★★★
%br
Eh les cocos, il y a la télé-procédure
%p.quote-author
%span.quote-author-name Hisham M.
%br
sur le site de la DRIEA

View file

@ -0,0 +1,37 @@
.landing-panel.users-panel
.container
%h2.landing-panel-title Ils utilisent déjà #{APPLICATION_NAME}
%ul.users
%li.user
= link_to "https://www.ecologique-solidaire.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/mtes.jpg"), alt: "Ministère de la Transition Écologique et Solidaire" }
%li.user
= link_to "https://www.iledefrance.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/region-idf.jpg"), alt: "Région Île-de-France" }
%li.user
= link_to "http://www.artisanat.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/chambres-de-metiers.jpg"), alt: "Chambres des Métiers et de l'Artisanat" }
%li.user
= link_to "http://www.cci.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/cci.jpg"), alt: "CCI de France" }
%li.user
= link_to "http://www.driea.ile-de-france.developpement-durable.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/driea-idf.jpg"), alt: "Direction Régionale et Interdépartementale de l'Équipement et de l'Aménagement" }
%ul.users
%li.user
= link_to "https://www.debatpublic.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/cndp.jpg"), alt: "Commission Nationale du Débat Public" }
%li.user
= link_to "https://www.iledefrance.ars.sante.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/ars-idf.jpg"), alt: "Agence Régionale de Santé dÎle-de-France" }
%li.user
= link_to "http://www.franceagrimer.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/france-agrimer.jpg"), alt: "FranceAgrimer" }
%li.user
= link_to "http://www.rhone.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/prefecture-rhone.jpg"), alt: "Préfecture de la région Rhône-Alpes" }
%li.user
= link_to "http://www.lillemetropole.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/mel.jpg"), alt: "Métropole Européenne de Lille" }

View file

@ -82,57 +82,7 @@
%br
à l'ensemble des services de l'État plateforme
.landing-panel
.container
%h2.landing-panel-title Ce que les utilisateurs pensent du service
%ul.quotes
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Les échanges avec les usagers sont facilités, ce qui permet de réduire les délais dinstructions et de gagner en efficacité.
%p.quote-author
%span.quote-author-name Elodie Le Rhun
%br
Cheffe de bureau, DRIEA Ile-de-France
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Un service qui garantit une économie de temps et beaucoup moins de manipulations des dossiers.
%p.quote-author
%span.quote-author-name Nadja Briki
%br
Déléguée de la Préfète du Pas-de-Calais
%ul.quotes
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
Parfait, cela fonctionne très bien ! Merci encore pour votre réactivité.
%p.quote-author
%span.quote-author-name Max A.
%br
à notre service support
%li.quote
%img.quote-quotation-mark{ :src => image_url("landing/testimonials/quotation-mark.svg"), alt: "" }
.quote-content-wrapper
%p.quote-content
★★★★★
%br
Eh les cocos, il y a la télé-procédure
%p.quote-author
%span.quote-author-name Hisham M.
%br
sur le site de la DRIEA
= render partial: "root/testimonials" if LANDING_TESTIMONIALS_ENABLED
- cache "numbers-panel", :expires_in => 3.hours do
.landing-panel.numbers-panel
@ -161,43 +111,7 @@
%br<>
des délais de traitement
.landing-panel.users-panel
.container
%h2.landing-panel-title Ils utilisent déjà #{APPLICATION_NAME}
%ul.users
%li.user
= link_to "https://www.ecologique-solidaire.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/mtes.jpg"), alt: "Ministère de la Transition Écologique et Solidaire" }
%li.user
= link_to "https://www.iledefrance.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/region-idf.jpg"), alt: "Région Île-de-France" }
%li.user
= link_to "http://www.artisanat.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/chambres-de-metiers.jpg"), alt: "Chambres des Métiers et de l'Artisanat" }
%li.user
= link_to "http://www.cci.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/cci.jpg"), alt: "CCI de France" }
%li.user
= link_to "http://www.driea.ile-de-france.developpement-durable.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/driea-idf.jpg"), alt: "Direction Régionale et Interdépartementale de l'Équipement et de l'Aménagement" }
%ul.users
%li.user
= link_to "https://www.debatpublic.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/cndp.jpg"), alt: "Commission Nationale du Débat Public" }
%li.user
= link_to "https://www.iledefrance.ars.sante.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/ars-idf.jpg"), alt: "Agence Régionale de Santé dÎle-de-France" }
%li.user
= link_to "http://www.franceagrimer.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/france-agrimer.jpg"), alt: "FranceAgrimer" }
%li.user
= link_to "http://www.rhone.gouv.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/prefecture-rhone.jpg"), alt: "Préfecture de la région Rhône-Alpes" }
%li.user
= link_to "http://www.lillemetropole.fr/", target: :blank, rel: "noopener noreferrer" do
%img.user-image{ :src => image_url("landing/users/mel.jpg"), alt: "Métropole Européenne de Lille" }
= render partial: "root/users" if LANDING_USERS_ENABLED
.landing-panel.cta-panel-2
.container

View file

@ -19,9 +19,7 @@
= button_to users_dossier_repousser_expiration_path(dossier), class: 'button mt-2', id: 'test-user-repousser-expiration' do
%span.icon.standby
= t('users.dossiers.header.banner.button_delay_expiration', duree_conservation_dossiers_dans_ds: dossier.procedure.duree_conservation_dossiers_dans_ds)
- else
- elsif dossier.en_instruction? && dossier.procedure.procedure_expires_when_termine_enabled
%p.expires_at_en_instruction
%small= t("shared.dossiers.header.expires_at.en_instruction")

View file

@ -76,5 +76,9 @@ module TPS
}
config.skylight.probes += [:graphql]
# Custom Configuration
# @see https://guides.rubyonrails.org/configuring.html#custom-configuration
config.x.clamav.enabled = ENV.fetch("CLAMAV_ENABLED", "enabled") == "enabled"
end
end

View file

@ -28,8 +28,16 @@ BASIC_AUTH_ENABLED="disabled"
BASIC_AUTH_USERNAME=""
BASIC_AUTH_PASSWORD=""
# Object Storage for attachments
FOG_ENABLED="disabled"
# ActiveStorage service to use for attached files.
# Possible values:
# - "local": store files on the local filesystem
# - "amazon": store files remotely on an S3 storage service
# - "openstack": store files remotely on an OpenStack storage service
#
# (See config/storage.yml for the configuration of each service.)
ACTIVE_STORAGE_SERVICE="local"
# Configuration for the OpenStack storage service (if enabled)
FOG_OPENSTACK_API_KEY=""
FOG_OPENSTACK_USERNAME=""
FOG_OPENSTACK_URL=""
@ -67,6 +75,8 @@ SENTRY_DSN_JS=""
# External service: Matomo web analytics
MATOMO_ENABLED="disabled"
MATOMO_COOKIE_DOMAIN="*.www.demarches-simplifiees.fr"
MATOMO_DOMAIN="*.www.demarches-simplifiees.fr"
MATOMO_ID=""
MATOMO_HOST="matomo.example.org"
@ -88,11 +98,17 @@ SENDINBLUE_BALANCING="disabled"
SENDINBLUE_BALANCING_VALUE="50"
# Alternate SMTP Provider: Mailtrap (mail catcher for staging environments)
# When enabled, all emails will be sent using this provided
# When enabled, all emails will be sent using this provider
MAILTRAP_ENABLED="disabled"
MAILTRAP_USERNAME=""
MAILTRAP_PASSWORD=""
# Alternative SMTP Provider: Mailcatcher (Catches mail and serves it through a dream.)
# When enabled, all emails will be sent using this provider
MAILCATCHER_ENABLED="disabled"
MAILCATCHER_HOST=""
MAILCATCHER_PORT=""
# External service: live chat for admins (specific to démarches-simplifiées.fr)
CRISP_ENABLED="disabled"
CRISP_CLIENT_KEY=""
@ -138,3 +154,6 @@ ENCRYPTION_SERVICE_SALT=""
# Salt for invisible_captcha session data.
# Must be the same value for all app instances behind a load-balancer.
INVISIBLE_CAPTCHA_SECRET="kikooloool"
# Clamav antivirus usage
CLAMAV_ENABLED="disabled"

View file

@ -102,3 +102,7 @@ MATOMO_IFRAME_URL="https://matomo.example.org/index.php?module=CoreAdminHome&act
# PROVIDER_LOGO_ALT="Logo DINUM"
# PROVIDER_LOGO_HEIGHT="161"
# PROVIDER_LOGO_WIDTH="138"
# Landing page sections
# LANDING_TESTIMONIALS_ENABLED="enabled"
# LANDING_USERS_ENABLED="enabled"

View file

@ -40,7 +40,7 @@ Rails.application.configure do
config.action_mailer.raise_delivery_errors = false
# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = ENV['FOG_ENABLED'] == 'enabled' ? :openstack : :local
config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE").to_sym
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
@ -77,15 +77,12 @@ Rails.application.configure do
# Action Mailer settings
config.action_mailer.delivery_method = :letter_opener
config.action_mailer.default_url_options = {
host: 'localhost',
port: 3000
}
config.action_mailer.asset_host = "http://" + ENV['APP_HOST']
config.action_mailer.default_url_options = { host: ENV.fetch("APP_HOST") }
config.action_mailer.asset_host = "http://" + ENV.fetch("APP_HOST")
Rails.application.routes.default_url_options = {
host: 'localhost',
port: 3000
host: ENV.fetch("APP_HOST"),
protocol: :http
}
# Use Content-Security-Policy-Report-Only headers
@ -111,4 +108,6 @@ Rails.application.configure do
if ENV['IGN_CARTE_REFERER']
config.hosts << ENV['IGN_CARTE_REFERER']
end
config.hosts << ENV.fetch("APP_HOST")
end

View file

@ -89,7 +89,8 @@ Rails.application.configure do
elsif ENV['SENDINBLUE_ENABLED'] == 'enabled'
config.action_mailer.delivery_method = :sendinblue
elsif ENV['MAILCATCHER_ENABLED'] == 'enabled'
config.action_mailer.delivery_method = :mailcatcher
else
config.action_mailer.delivery_method = :mailjet
end
@ -106,7 +107,7 @@ Rails.application.configure do
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true
config.active_storage.service = :openstack
config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE").to_sym
# Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify

View file

@ -0,0 +1,3 @@
# Hide or show the landing page sections
LANDING_TESTIMONIALS_ENABLED = ENV.fetch("LANDING_TESTIMONIALS_ENABLED", "enabled") == "enabled"
LANDING_USERS_ENABLED = ENV.fetch("LANDING_USERS_ENABLED", "enabled") == "enabled"

View file

@ -0,0 +1,13 @@
if ENV.fetch('MAILCATCHER_ENABLED') == 'enabled'
ActiveSupport.on_load(:action_mailer) do
module Mailcatcher
class SMTP < ::Mail::SMTP; end
end
ActionMailer::Base.add_delivery_method :mailcatcher, Mailcatcher::SMTP
ActionMailer::Base.mailcatcher_settings = {
address: ENV.fetch("MAILCATCHER_HOST"),
port: ENV.fetch("MAILCATCHER_PORT")
}
end
end

View file

@ -54,6 +54,8 @@ defaults: &defaults
smtp_key: <%= ENV['SENDINBLUE_SMTP_KEY'] %>
api_v3_key: <%= ENV['SENDINBLUE_API_V3_KEY'] %>
matomo:
cookie_domain: "<%= ENV['MATOMO_COOKIE_DOMAIN'] %>"
domain: "<%= ENV['MATOMO_DOMAIN'] %>"
enabled: <%= ENV['MATOMO_ENABLED'] == 'enabled' %>
host: <%= ENV['MATOMO_HOST'] %>
client_key: <%= ENV['MATOMO_ID'] %>

View file

@ -4,25 +4,51 @@ describe ClamavService do
subject { ClamavService.safe_file?(path_file) }
before do
client = double("ClamAV::Client", execute: [response])
allow(ClamAV::Client).to receive(:new).and_return(client)
allow(FileUtils).to receive(:chmod).with(0666, path_file).and_return(true)
context "when ClamAV is enabled" do
before do
@saved_clamav = Rails.configuration.x.clamav.enabled
Rails.configuration.x.clamav.enabled = true
client = double("ClamAV::Client", execute: [response])
allow(ClamAV::Client).to receive(:new).and_return(client)
allow(FileUtils).to receive(:chmod).with(0666, path_file).and_return(true)
end
after do
Rails.configuration.x.clamav.enabled = @saved_clamav
end
context 'When response type is ClamAV::SuccessResponse' do
let(:response) { ClamAV::SuccessResponse.new("OK") }
it { expect(subject).to eq(true) }
end
context 'When response type is ClamAV::VirusResponse' do
let(:response) { ClamAV::VirusResponse.new("KO", "VirusN4ame") }
it { expect(subject).to eq(false) }
end
context 'When response type is ClamAV::ErrorResponse' do
let(:response) { ClamAV::ErrorResponse.new("File not found") }
it { expect { subject }.to raise_error("ClamAV ErrorResponse : File not found") }
end
end
context 'When response type is ClamAV::SuccessResponse' do
let(:response) { ClamAV::SuccessResponse.new("OK") }
it { expect(subject).to eq(true) }
end
context "when ClamAV is disabled" do
before do
@saved_clamav = Rails.configuration.x.clamav.enabled
Rails.configuration.x.clamav.enabled = false
end
context 'When response type is ClamAV::VirusResponse' do
let(:response) { ClamAV::VirusResponse.new("KO", "VirusN4ame") }
it { expect(subject).to eq(false) }
end
after do
Rails.configuration.x.clamav.enabled = @saved_clamav
end
context 'When response type is ClamAV::ErrorResponse' do
let(:response) { ClamAV::ErrorResponse.new("File not found") }
it { expect { subject }.to raise_error("ClamAV ErrorResponse : File not found") }
it do
expect(ClamAV::Client).not_to receive(:new)
expect(FileUtils).not_to receive(:chmod)
expect(subject).to eq(true)
end
end
end
end

View file

@ -23,6 +23,16 @@ describe 'instructeur/dossiers/expiration_banner.html.haml', type: :view do
it 'render estimated expiration date' do
expect(subject).not_to have_selector('.expires_at')
end
context 'with dossier.en_instruction?' do
let(:state) { :en_instruction }
let(:attributes) { {} }
it 'does not render estimated expiration date' do
expect(subject).not_to have_selector('p.expires_at_en_instruction',
text: I18n.t("shared.dossiers.header.expires_at.en_instruction"))
end
end
end
context 'with procedure having procedure_expires_when_termine_enabled enabled' do

View file

@ -24,6 +24,16 @@ describe 'users/dossiers/expiration_banner.html.haml', type: :view do
it 'render estimated expiration date' do
expect(subject).not_to have_selector('.expires_at')
end
context 'with dossier.en_instruction?' do
let(:state) { :en_instruction }
let(:attributes) { {} }
it 'does not render estimated expiration date' do
expect(subject).not_to have_selector('p.expires_at_en_instruction',
text: I18n.t("shared.dossiers.header.expires_at.en_instruction"))
end
end
end
context 'with procedure having procedure_expires_when_termine_enabled enabled' do

View file

@ -6345,9 +6345,9 @@ folder-walker@^3.2.0:
from2 "^2.1.0"
follow-redirects@^1.0.0:
version "1.14.7"
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.7.tgz#2004c02eb9436eee9a21446a6477debf17e81685"
integrity sha512-+hbxoLbFMbRKDwohX8GkTataGqO6Jb7jGwpAlwgy2bIz25XtRm7KEzJM76R1WiNT5SwZkX4Y75SwBolkpmE7iQ==
version "1.14.8"
resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.8.tgz#016996fb9a11a100566398b1c6839337d7bfa8fc"
integrity sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA==
for-in@^1.0.2:
version "1.0.2"