Commit graph

1457 commits

Author SHA1 Message Date
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
2f470b25aa spec cleaning 2021-10-14 14:47:50 +02:00
simon lehericey
77d14d4a60 forbid admin merge yet 2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea Add notice when merging account 2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5 merge expert 2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e merge instructeur 2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f simple cases when the preexisting targeted account does not have instructeur or profile profile 2021-10-07 15:51:31 +02:00
simon lehericey
c56199e8f7 spec cleaning 2021-10-07 15:51:31 +02:00
simon lehericey
195583c0bd Enable manager specs 2021-10-07 15:51:31 +02:00
kara Diaby
919d708ec4 tests 2021-10-05 15:37:30 +02:00
simon lehericey
f662b28baf update identity_updated_at column when user identity change 2021-10-05 12:05:43 +02:00
Peng-Fei DONG
dee536fca1 app: localize CSV import for groupe instructeurs 2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287 [Fix #6504] Fix exception raised when deleting a transfer 2021-10-01 12:11:03 +02:00
simon lehericey
0cd9bcb1ab fix #6495 2021-09-28 15:53:18 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
07962cc2c7 service: match remote keys 2021-09-22 12:08:24 +02:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
c87f3f7fb6 faster jeton_particulier_controller_spec 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
a7ec77f0a8 do not display the action for instructeur 2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
ad5279f4ab test(groupe_instructeur): fix groupe_instructeur controller spec 2021-09-18 11:22:35 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Pierre de La Morinerie
5cbf939911 spec: fix syntax of get requests in archives_controller_spec
Those were generating Ruby warnings:

> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
74e277d0a2 feat(graphql): add an option to dossier state change mutations to disable notifications 2021-09-07 14:21:48 +02:00
Paul Chavard
9e30d5fc22 fix(virus scan): prevent virus scans in specs 2021-09-07 14:21:48 +02:00
Pierre de La Morinerie
8bb283d977 app: delete old Admin::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df app: move archive to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5 app: move clone to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6 app: move destroy to NewAdministrateur::ProceduresController
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f app: move new_from_existing to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89 controllers: remove dead code on Admin::ProceduresController
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
0f9d7d6b8c app: remove old Admin::InstructeursController
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Pierre de La Morinerie
b80f6a9f1b spec: fix some manager tests not running 2021-08-26 11:44:47 -05:00
Paul Chavard
1399d9bba9 feat(graphql): expose demarche descriptor on dossier type
We don't want to expose full demarche type on dossiers because it would open the door for recursive queries that we want to avoid. DemarcheDescriptorType is a lightweight representation of demarche metadata.
2021-08-25 11:12:24 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4 6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec 2021-08-20 20:10:44 +02:00
kara Diaby
69393c2921 modify groupe instructeur controller 2021-07-27 19:38:22 +02:00
kara Diaby
9c976c6b71 fixup! tests 2021-07-27 19:38:21 +02:00
Pierre de La Morinerie
831672391e app: use a long-lived cookie for CSRF token
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
kara Diaby
0b6c7dace7 tests 2021-07-15 16:32:07 +02:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Pierre de La Morinerie
37c62ac0a3 app: display standard error page when no cookies are present
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2 remove the ability to download an 'everything' archive
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d Enable test revisions 2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe experts: protect password update as well as sign-up 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57 experts: fix saving password on sign-in 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
4f5c5e26ae spec: cleanup spec for Experts::AvisController 2021-06-30 10:46:42 +02:00
Paul Chavard
a4482233b8 [GraphQL] expose deleted dossiers 2021-06-24 11:51:37 +02:00
kara Diaby
309b3414d6 tests 2021-06-22 16:33:38 +02:00
Pierre de La Morinerie
5908b8019a specs: properly use xhr: true in javascript requests
This avoids an unexpected `ActionController::InvalidCrossOriginRequest`
exception to be raised when the forgery protection is disabled.
2021-06-22 13:21:55 +02:00
kara Diaby
6ebd57640c tests 2021-06-15 19:36:46 +02:00
François Vantomme
c9b1095d1e Refactor (Rubocop): replace map{ … }.compact by filter_map
In Ruby 2.7, Enumerable#filter_map has been added.
This cop identifies places where map { … }.compact can be replaced by filter_map.

See: https://docs.rubocop.org/rubocop-performance/cops_performance.html#performancemapcompact
2021-06-11 15:38:09 +02:00
Christophe Robillard
41569efe9d extract estimate_weight
and rename nb_dossiers by nb_dossiers_termines
2021-06-09 10:52:38 +02:00
Paul Chavard
990ae10399 GraphQL byte_size should be BigInt 2021-06-03 10:53:17 +02:00
Paul Chavard
f076fa803e Handle GeoJSON validation errors 2021-06-02 12:43:24 +02:00
Paul Chavard
9b0dae4cc2 Fix apostrophes ‘ -> ’ 2021-05-26 18:05:14 +02:00
Paul Chavard
3b85ade440 Add compatibility cadsatre layer with old API GEO 2021-05-24 11:57:00 +02:00
Paul Chavard
e043645a88 cleanup tests 2021-05-18 11:42:10 +02:00
kara Diaby
468e9e849a tests 2021-05-18 11:42:10 +02:00
simon lehericey
5124e08ccd disable faulty manager spec 2021-05-05 21:34:57 +02:00
simon lehericey
ccce724976 refactor as created fci must have an user_id 2021-05-05 14:36:34 +02:00
Paul Chavard
f6508899de Refactor NotificationMailer 2021-05-04 12:05:06 +02:00
Christophe Robillard
f40d96fbd2 Revert "Revert "Export de tous les dossier d'une démarche""
This reverts commit d9a588b52e.
2021-04-29 17:29:47 +02:00
krichtof
d9a588b52e
Revert "Export de tous les dossier d'une démarche" 2021-04-29 16:07:18 +02:00
Christophe Robillard
9134114c2e fix rubocop offenses 2021-04-28 11:40:58 +02:00
Christophe Robillard
8bee53fe77 rend plus robuste la création de l'archive 2021-04-28 11:40:58 +02:00
Christophe Robillard
71a5e41e5b add archive_zip_globale feature flag 2021-04-28 11:40:58 +02:00
Christophe Robillard
8b2849408c instructeurs can create and download archives 2021-04-28 11:40:58 +02:00
Christophe Robillard
fba0d78153 generate pdf export inside pieces_justificatives_service 2021-04-28 11:40:58 +02:00
Paul Chavard
2a068fb9b0 Remove user feedback buttons 2021-04-22 15:40:40 +01:00
Pierre de La Morinerie
d530b272a1 password: add specific page for reset instructions 2021-04-22 14:24:15 +02:00
Pierre de La Morinerie
62051c926a app: move update_allow_decision_access to ExpertsController 2021-04-06 14:54:18 +02:00
Pierre de La Morinerie
c82c72402d app: move the experts list to ExpertsProceduresController 2021-04-06 14:29:02 +02:00
Pierre de La Morinerie
7acb4cee83 controllers: use standard action names in ExpertsProceduresController 2021-04-06 13:45:51 +02:00
Pierre de La Morinerie
3f25624a5a routes: nest ExpertsProcedures routes in a resource 2021-04-06 13:18:51 +02:00
kara Diaby
8a1cdf31e3 tests 2021-04-06 10:38:46 +02:00
Pierre de La Morinerie
6eadcf614d spec: improve the dossier_controller timestamp specs
Make the specs clearer, and better test the various timestamps.
2021-04-06 10:26:17 +02:00
Paul Chavard
fd48b86b7f Simplify export unicity check and use create_or_find_by 2021-04-01 21:14:16 +01:00
simon lehericey
5b69e087c7 fix sentry test 2021-04-01 11:57:16 +02:00
Paul Chavard
0b22788d60 experts_procedure should not be optional 2021-03-23 13:46:33 +01:00
kara Diaby
81f5a5254b tests 2021-03-18 11:38:52 +01:00
Paul Chavard
866ae256a3 Add revision dossiers filters 2021-03-17 11:53:48 +01:00
Paul Chavard
76aa7bdfe3 Add default nil value for numero_tva_intracommunautaire 2021-03-16 12:57:10 +01:00
Pierre de La Morinerie
75a1046315 active_storage: refactor concerns
Follow-up of #5953.

Refactor the concerns with two goals:

- Getting closer from the way ActiveStorage adds its own hooks.
  Usually ActiveStorage does this using an `Attachment#after_create`
  hook, which then delegates to the blob to enqueue the job.
- Enqueuing each job only once. By hooking on `Attachment#after_create`,
  we guarantee each job will be added only once.

We then let the jobs themselves check if they are relevant or not, and
retry or discard themselves if necessary.

We also need to update the tests a bit, because Rails'
`perform_enqueued_jobs(&block)` test helper doesn't honor the `retry_on`
clause of jobs. Instead it forwards the exception to the caller – which
makes the test fail.

Instead we use the inline version of `perform_enqueued_jobs()`, without
a block, which properly ignores errors catched by retry_on.
2021-03-16 11:49:14 +01:00
Paul Chavard
00d7c3186a fix indentation 2021-03-09 14:47:23 +01:00
Paul Chavard
70500e3d56 Groupe instructeur selector default blank 2021-03-09 14:47:23 +01:00
Paul Chavard
96a832bc19 Add SerializerService 2021-03-02 12:42:22 +01:00
Pierre de La Morinerie
d9ea415d44 specs: fix rspec warning about raise_error specificity 2021-02-23 08:25:31 +01:00
Christophe Robillard
7565a25b51 rend accessible l'affectation d'un instructeur
en remplaçant select2 par ComboMultipleDropdownList
2021-02-16 16:47:14 +01:00
Christophe Robillard
c855d13994 rend accessible l'envoi de dossier par un instructeur
en remplaçant select2 par ComboMultipleDropdownList
2021-02-16 16:47:14 +01:00
kara Diaby
8310dc48bf tests 2021-02-16 09:46:18 +00:00
Paul Chavard
9ce07be1ee [GraphQL] modifier annotation 2021-02-11 17:45:14 +01:00
Christophe Robillard
a288a13805 disable france connect authentication for admin and instructeurs 2021-02-10 18:13:47 +01:00
Pierre de La Morinerie
150ddab660 zeitwerk: Api -> API 2021-02-09 13:07:30 +01:00
Judith
6d89a83d14 unused locales clean-up 2021-02-04 12:15:13 +01:00
Paul Chavard
41c3a98d7d Update Raven references to use Sentry 2021-01-28 19:46:36 +01:00
Paul Chavard
dc08993a89 Add DateTime champ to GraphQL 2021-01-14 14:08:42 +01:00
Paul Chavard
a2e87cbb56 Add attestation, justificatifs, operation_logs and bill_signatures to dossier export 2020-12-16 16:34:31 +01:00
kara Diaby
f3c4040d2d add grace period to deleted dossiers 2020-12-16 15:00:26 +01:00
simon lehericey
d2f3bb18f9 instructeur can delete a dossier UI 2020-12-16 15:00:26 +01:00
kara Diaby
00b5ad7a10 EQT instructeur, je peux supprimer un dossier terminé 2020-12-16 15:00:26 +01:00
Christophe Robillard
94b3ec942b super_admin: check password complexity client side 2020-12-15 16:26:09 +01:00
Paul Chavard
fed300bfe1 Fix and test ActiveStorage::IntegrityError on upload 2020-12-11 10:30:17 +01:00
Paul Chavard
65d650eba6 Better graphql mutation error messages 2020-12-10 18:35:24 +01:00
kara Diaby
f748ccfc9e Appelle l'API entreprise avec le token en Header 2020-12-10 17:49:49 +01:00
Paul Chavard
cac981cf42 fix warning with ruby 2.7 2020-11-25 10:46:34 +01:00
Paul Chavard
b897e0cc1c [GraphQL] add better errors when attachments are not properly used 2020-11-17 12:40:14 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
kara Diaby
bc0f77978f add an api token verification for api entreprise 2020-11-09 16:58:24 +01:00
Christophe Robillard
5562e65bf3 refacto: rename administration to super_admin 2020-11-05 16:03:55 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
Kara Diaby
0bd48999bd
Revert "feat/5635 - Supprime la possibilité pour l'expert invité d'envoyer un message" 2020-10-12 09:24:34 +02:00
kara Diaby
6636b7f14c Supprime la possibilité pour l'expert invité d'envoyer un message à l'usager 2020-10-08 11:14:09 +02:00
Paul Chavard
0aa06d0197 [GraphQL] expose dossier pdf, geojson and attestation 2020-10-06 21:54:43 +02:00
kara Diaby
9207cc5aa5 Ajoute un flag pour qu'un expert ne puisse pas inviter une autre personne à donner son avis sur un dossier 2020-10-02 18:57:29 +02:00
kara Diaby
57adb90c8f add the possibility for administrator to refuse external review on a specific procedure 2020-10-01 10:55:19 +02:00
clemkeirua
67b8bf4754 smaller font-size for large footers in attestation 2020-09-30 14:05:12 +02:00
kara Diaby
e174079850 fix send a copy link 2020-09-30 10:03:08 +02:00
Paul Chavard
061a743759 [GraphQL] Add archiver mutation 2020-09-22 08:34:38 +00:00
clemkeirua
005c244438 fixup! add fix for nil values on numeroVoie and typeVoie 2020-09-22 10:17:54 +02:00
clemkeirua
7ba8ab9e6a maj du schema json 2020-09-22 10:14:55 +02:00
clemkeirua
412a87e532 add fix for nil values on numeroVoie and typeVoie 2020-09-22 09:43:44 +02:00
clemkeirua
1173f1e459 add default values when nil 2020-09-22 09:43:44 +02:00
clemkeirua
adb2a91640 add a broken test case 2020-09-22 09:43:44 +02:00
clemkeirua
4c17acf349 ajout du code effectif entreprise dans une spec graphql nominale 2020-09-22 09:43:44 +02:00
clemkeirua
f96377d878 refactor Dossier#with_notifications 2020-09-21 08:28:42 +00:00
clemkeirua
d01a53eb72 remove :cached_notifications gate 2020-09-21 08:28:42 +00:00
clemkeirua
2b23eefee2 fix tests that now requir an admin user to have a strong password 2020-09-18 11:16:34 +02:00
clemkeirua
6643b598c3 remove :administrateur_graphql 2020-09-17 09:24:50 +02:00
clemkeirua
01ac4d7e19 remove operation_log_serialize_subject 2020-09-17 09:24:50 +02:00
kara Diaby
13e4589905 Publications page to the new UI (admin) 2020-09-16 09:15:44 +02:00
clemkeirua
a62907f33b add more tests for phone numbers 2020-09-09 09:00:03 +02:00
clemkeirua
52d5a52ff9 test fonctionnel notifications avis 2020-09-08 15:40:42 +00:00
clemkeirua
bfd24e8aee test fonctionnel notification annotations privees 2020-09-08 15:40:42 +00:00
clemkeirua
b7b61e79ab test fonctionnel notification champ 2020-09-08 15:40:42 +00:00
clemkeirua
1fafcad401 test fonctionnel notifications commentaire 2020-09-08 15:40:42 +00:00
Paul Chavard
91bc2db594 Expose revisions on GraphQL API 2020-09-08 10:54:13 +02:00
kara Diaby
ae61c279af migrate emails text editor to new interface 2020-09-03 14:42:22 +02:00
Paul Chavard
6a33a8e48b update controllers specs to use revisions 2020-09-02 11:26:26 +02:00