Commit graph

1500 commits

Author SHA1 Message Date
simon lehericey
5a0fb6237f 😭 AASM does not support keyword arguments
https://github.com/aasm/aasm/issues/672
2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182 app: rename new_administrateur to administrateurs 2021-11-30 08:49:38 +01:00
simon lehericey
a0c0520502 avoid redirection to a deleted user 2021-11-29 15:27:17 +01:00
Kara Diaby
c75a9b6271 tests 2021-11-29 14:30:17 +01:00
kara Diaby
06540c1b93 tests 2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda fix(i18n): wrap text under i18n.t
i18n(france_connect/*): replace wording with i18n

fix(lint): i18n key issue

secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case

fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
21894d0a0a feat(france_connect/particulier#callback): in case the FC email exists as an DC account which is an instructor or and administrator, returns early to new_session_path so he can connect with this existing account 2021-11-25 17:34:36 +01:00
Martin
ff073f8884 Add confirmation by email when merging DC/FC accounts
feat(fci.confirmation_code): add confirmation code to france_connect_informations

feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)

feat(mail_merge): mail merge

feat(merge.cannot_use_france_connect): same behaviour as callback

clean(fci.confirmation_code): use same token for mail validation as merge

feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto

clean(tech): finalize story by plugging merge_with_new_account to email validation

fix(deadspec): was removed

fix(spec): broken after last refactoring

lint(rubocop): space before parenthesis

lint(haml-lint): yoohoooo space before =

fix(lint): scss now :D

Update app/assets/stylesheets/buttons.scss

cleanup

feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email

fixup! Add confirmation by email when merging DC/FC accounts

fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible 2021-11-24 14:07:32 +01:00
Paul Chavard
758e7d68e6 fix(graphql): fix and improuve query parsing for logs 2021-11-24 13:23:05 +03:00
simon lehericey
4efd15377c spec 2021-11-23 14:17:59 +01:00
Pierre de La Morinerie
997c197980 specs: simplify the syntax of some factories 2021-11-23 08:07:07 +01:00
Pierre de La Morinerie
09ca70eef0 specs: improve search controller specs 2021-11-23 08:07:07 +01:00
Martin
3d1533dee9 feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab 2021-11-19 15:14:39 +01:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur 2021-11-17 05:41:56 +01:00
Paul Chavard
e74d599042 feat(procedure): remove duree_conservation_dossiers_hors_ds 2021-11-16 19:55:56 +03:00
Martin
f0950b592b clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff 2021-11-16 16:13:11 +01:00
Martin
4042d51d1a tech(lint): rubocopify 2021-11-15 14:17:57 +01:00
Martin
d4c74b5621 feat(rc.1): refine with better translations, better design 2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a feat(rc): first stable 2021-11-15 13:53:32 +01:00
Martin
8b931a57d4 feat(CommentairesController#destroy): implement destroy endpoint using CommentaireService 2021-11-15 13:18:10 +01:00
Martin
b03dc6ad5d wip(dossiers/messages/_message): poc destroy button with expected ACL support 2021-11-15 11:30:41 +01:00
Paul Chavard
da47f491b3 fix(dossier): nullify close to expiration notice timestamps when changing state 2021-11-11 12:52:58 +01:00
simon lehericey
9041e201e8 one merge at a time 2021-11-04 16:10:09 +01:00
simon lehericey
b160086cc5 update update_email to allow merge 2021-11-04 16:10:09 +01:00
simon lehericey
652b8367be accept or refuse merge 2021-11-04 16:10:09 +01:00
Pierre de La Morinerie
0a541d678d graphql_controller_spec: create several dossiers only when required
Creating dossiers is faster than creating a procedure, but still slow.
We can create a single dossier in the default case, and only create
several others when the example requires it.

Speeds up this spec from 0m 57s to 0m 49s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
f0e045ad25 graphql_controller_spec: create all types de champs only when required
Creating a procedure with all available types de champ is slow. We can
create a simpler procedure in the default case, and only create all
types de champs when the example requires it.

Speeds up this spec from 1m 55s to 0m 57s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
e02251c0e5 graphql_controller_spec: populate all champs only when required
Creating a dossier with available champs populated is slow. We can
create simpler dossiers in the default case, and only populate all
champs when the example requires it.

Speeds up this spec from 2mn 20s to 1m 55s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
bb1bc9140d graphql_controller_spec: remove unused line 2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
04159056af specs: clarify spec by replacing some context by describe 2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
b06183d7bf specs: rename Dossier's with_all_champs to with_populated_champs
This better reflects what the trait is used for, and disambiguate it
from the similarly named trait in the Procedure factory.
2021-11-03 19:38:01 +01:00
Paul Chavard
c4b93f8d4a fix(groupe_instructeur): unfollow dossiers when removed from groupe instructeur 2021-10-28 14:45:52 +02:00
simon lehericey
c725999582 move merge method to user 2021-10-28 14:39:13 +02:00
Pierre de La Morinerie
a2b91c8ec6 factories: cleanup Administrateur, Instructeur and Expert factories
This changes:

- avoids relying on application code to create mock objects,
- allows to build Administrateur or Instructeurs without saving them.
2021-10-26 12:03:30 +02:00
simon lehericey
d19ad2840c rename preexisting to targeted, remove duplicated test 2021-10-19 16:12:42 +02:00
simon lehericey
52b7e85954 merge administrateur in user_controller 2021-10-19 16:12:42 +02:00
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
simon lehericey
f54dfe6ead Do not raise error if user is nil
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
933d7b8c8d merge with another preexisting account 2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d merge with another new account 2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b merge with an existing account by using the password 2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9 securely retrieve fci 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
2f470b25aa spec cleaning 2021-10-14 14:47:50 +02:00
simon lehericey
77d14d4a60 forbid admin merge yet 2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea Add notice when merging account 2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5 merge expert 2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e merge instructeur 2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f simple cases when the preexisting targeted account does not have instructeur or profile profile 2021-10-07 15:51:31 +02:00
simon lehericey
c56199e8f7 spec cleaning 2021-10-07 15:51:31 +02:00
simon lehericey
195583c0bd Enable manager specs 2021-10-07 15:51:31 +02:00
kara Diaby
919d708ec4 tests 2021-10-05 15:37:30 +02:00
simon lehericey
f662b28baf update identity_updated_at column when user identity change 2021-10-05 12:05:43 +02:00
Peng-Fei DONG
dee536fca1 app: localize CSV import for groupe instructeurs 2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287 [Fix #6504] Fix exception raised when deleting a transfer 2021-10-01 12:11:03 +02:00
simon lehericey
0cd9bcb1ab fix #6495 2021-09-28 15:53:18 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
07962cc2c7 service: match remote keys 2021-09-22 12:08:24 +02:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
c87f3f7fb6 faster jeton_particulier_controller_spec 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
a7ec77f0a8 do not display the action for instructeur 2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
ad5279f4ab test(groupe_instructeur): fix groupe_instructeur controller spec 2021-09-18 11:22:35 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Pierre de La Morinerie
5cbf939911 spec: fix syntax of get requests in archives_controller_spec
Those were generating Ruby warnings:

> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
74e277d0a2 feat(graphql): add an option to dossier state change mutations to disable notifications 2021-09-07 14:21:48 +02:00
Paul Chavard
9e30d5fc22 fix(virus scan): prevent virus scans in specs 2021-09-07 14:21:48 +02:00
Pierre de La Morinerie
8bb283d977 app: delete old Admin::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df app: move archive to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5 app: move clone to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6 app: move destroy to NewAdministrateur::ProceduresController
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f app: move new_from_existing to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89 controllers: remove dead code on Admin::ProceduresController
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
0f9d7d6b8c app: remove old Admin::InstructeursController
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Pierre de La Morinerie
b80f6a9f1b spec: fix some manager tests not running 2021-08-26 11:44:47 -05:00
Paul Chavard
1399d9bba9 feat(graphql): expose demarche descriptor on dossier type
We don't want to expose full demarche type on dossiers because it would open the door for recursive queries that we want to avoid. DemarcheDescriptorType is a lightweight representation of demarche metadata.
2021-08-25 11:12:24 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4 6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec 2021-08-20 20:10:44 +02:00
kara Diaby
69393c2921 modify groupe instructeur controller 2021-07-27 19:38:22 +02:00
kara Diaby
9c976c6b71 fixup! tests 2021-07-27 19:38:21 +02:00
Pierre de La Morinerie
831672391e app: use a long-lived cookie for CSRF token
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
kara Diaby
0b6c7dace7 tests 2021-07-15 16:32:07 +02:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Pierre de La Morinerie
37c62ac0a3 app: display standard error page when no cookies are present
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2 remove the ability to download an 'everything' archive
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d Enable test revisions 2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe experts: protect password update as well as sign-up 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57 experts: fix saving password on sign-in 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
4f5c5e26ae spec: cleanup spec for Experts::AvisController 2021-06-30 10:46:42 +02:00
Paul Chavard
a4482233b8 [GraphQL] expose deleted dossiers 2021-06-24 11:51:37 +02:00
kara Diaby
309b3414d6 tests 2021-06-22 16:33:38 +02:00
Pierre de La Morinerie
5908b8019a specs: properly use xhr: true in javascript requests
This avoids an unexpected `ActionController::InvalidCrossOriginRequest`
exception to be raised when the forgery protection is disabled.
2021-06-22 13:21:55 +02:00
kara Diaby
6ebd57640c tests 2021-06-15 19:36:46 +02:00
François Vantomme
c9b1095d1e Refactor (Rubocop): replace map{ … }.compact by filter_map
In Ruby 2.7, Enumerable#filter_map has been added.
This cop identifies places where map { … }.compact can be replaced by filter_map.

See: https://docs.rubocop.org/rubocop-performance/cops_performance.html#performancemapcompact
2021-06-11 15:38:09 +02:00
Christophe Robillard
41569efe9d extract estimate_weight
and rename nb_dossiers by nb_dossiers_termines
2021-06-09 10:52:38 +02:00
Paul Chavard
990ae10399 GraphQL byte_size should be BigInt 2021-06-03 10:53:17 +02:00
Paul Chavard
f076fa803e Handle GeoJSON validation errors 2021-06-02 12:43:24 +02:00
Paul Chavard
9b0dae4cc2 Fix apostrophes ‘ -> ’ 2021-05-26 18:05:14 +02:00
Paul Chavard
3b85ade440 Add compatibility cadsatre layer with old API GEO 2021-05-24 11:57:00 +02:00
Paul Chavard
e043645a88 cleanup tests 2021-05-18 11:42:10 +02:00
kara Diaby
468e9e849a tests 2021-05-18 11:42:10 +02:00
simon lehericey
5124e08ccd disable faulty manager spec 2021-05-05 21:34:57 +02:00
simon lehericey
ccce724976 refactor as created fci must have an user_id 2021-05-05 14:36:34 +02:00
Paul Chavard
f6508899de Refactor NotificationMailer 2021-05-04 12:05:06 +02:00
Christophe Robillard
f40d96fbd2 Revert "Revert "Export de tous les dossier d'une démarche""
This reverts commit d9a588b52e.
2021-04-29 17:29:47 +02:00
krichtof
d9a588b52e
Revert "Export de tous les dossier d'une démarche" 2021-04-29 16:07:18 +02:00
Christophe Robillard
9134114c2e fix rubocop offenses 2021-04-28 11:40:58 +02:00
Christophe Robillard
8bee53fe77 rend plus robuste la création de l'archive 2021-04-28 11:40:58 +02:00
Christophe Robillard
71a5e41e5b add archive_zip_globale feature flag 2021-04-28 11:40:58 +02:00
Christophe Robillard
8b2849408c instructeurs can create and download archives 2021-04-28 11:40:58 +02:00
Christophe Robillard
fba0d78153 generate pdf export inside pieces_justificatives_service 2021-04-28 11:40:58 +02:00
Paul Chavard
2a068fb9b0 Remove user feedback buttons 2021-04-22 15:40:40 +01:00
Pierre de La Morinerie
d530b272a1 password: add specific page for reset instructions 2021-04-22 14:24:15 +02:00
Pierre de La Morinerie
62051c926a app: move update_allow_decision_access to ExpertsController 2021-04-06 14:54:18 +02:00
Pierre de La Morinerie
c82c72402d app: move the experts list to ExpertsProceduresController 2021-04-06 14:29:02 +02:00
Pierre de La Morinerie
7acb4cee83 controllers: use standard action names in ExpertsProceduresController 2021-04-06 13:45:51 +02:00
Pierre de La Morinerie
3f25624a5a routes: nest ExpertsProcedures routes in a resource 2021-04-06 13:18:51 +02:00
kara Diaby
8a1cdf31e3 tests 2021-04-06 10:38:46 +02:00
Pierre de La Morinerie
6eadcf614d spec: improve the dossier_controller timestamp specs
Make the specs clearer, and better test the various timestamps.
2021-04-06 10:26:17 +02:00
Paul Chavard
fd48b86b7f Simplify export unicity check and use create_or_find_by 2021-04-01 21:14:16 +01:00
simon lehericey
5b69e087c7 fix sentry test 2021-04-01 11:57:16 +02:00
Paul Chavard
0b22788d60 experts_procedure should not be optional 2021-03-23 13:46:33 +01:00
kara Diaby
81f5a5254b tests 2021-03-18 11:38:52 +01:00
Paul Chavard
866ae256a3 Add revision dossiers filters 2021-03-17 11:53:48 +01:00
Paul Chavard
76aa7bdfe3 Add default nil value for numero_tva_intracommunautaire 2021-03-16 12:57:10 +01:00
Pierre de La Morinerie
75a1046315 active_storage: refactor concerns
Follow-up of #5953.

Refactor the concerns with two goals:

- Getting closer from the way ActiveStorage adds its own hooks.
  Usually ActiveStorage does this using an `Attachment#after_create`
  hook, which then delegates to the blob to enqueue the job.
- Enqueuing each job only once. By hooking on `Attachment#after_create`,
  we guarantee each job will be added only once.

We then let the jobs themselves check if they are relevant or not, and
retry or discard themselves if necessary.

We also need to update the tests a bit, because Rails'
`perform_enqueued_jobs(&block)` test helper doesn't honor the `retry_on`
clause of jobs. Instead it forwards the exception to the caller – which
makes the test fail.

Instead we use the inline version of `perform_enqueued_jobs()`, without
a block, which properly ignores errors catched by retry_on.
2021-03-16 11:49:14 +01:00
Paul Chavard
00d7c3186a fix indentation 2021-03-09 14:47:23 +01:00
Paul Chavard
70500e3d56 Groupe instructeur selector default blank 2021-03-09 14:47:23 +01:00
Paul Chavard
96a832bc19 Add SerializerService 2021-03-02 12:42:22 +01:00
Pierre de La Morinerie
d9ea415d44 specs: fix rspec warning about raise_error specificity 2021-02-23 08:25:31 +01:00
Christophe Robillard
7565a25b51 rend accessible l'affectation d'un instructeur
en remplaçant select2 par ComboMultipleDropdownList
2021-02-16 16:47:14 +01:00
Christophe Robillard
c855d13994 rend accessible l'envoi de dossier par un instructeur
en remplaçant select2 par ComboMultipleDropdownList
2021-02-16 16:47:14 +01:00
kara Diaby
8310dc48bf tests 2021-02-16 09:46:18 +00:00
Paul Chavard
9ce07be1ee [GraphQL] modifier annotation 2021-02-11 17:45:14 +01:00
Christophe Robillard
a288a13805 disable france connect authentication for admin and instructeurs 2021-02-10 18:13:47 +01:00
Pierre de La Morinerie
150ddab660 zeitwerk: Api -> API 2021-02-09 13:07:30 +01:00
Judith
6d89a83d14 unused locales clean-up 2021-02-04 12:15:13 +01:00
Paul Chavard
41c3a98d7d Update Raven references to use Sentry 2021-01-28 19:46:36 +01:00
Paul Chavard
dc08993a89 Add DateTime champ to GraphQL 2021-01-14 14:08:42 +01:00