Commit graph

1318 commits

Author SHA1 Message Date
Pierre de La Morinerie
8427f0eb75 config: flip config.action_dispatch.use_cookies_with_metadata
This makes cookies more secure, by adding an automatic "purpose" field
to each cookie.

Cookies generated by Rails 5 are still forward-compatible. However
from now on the generated cookies will not be backward-compatible with
Rails 6.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
e8fa65f79d config: flip config.action_view.default_enforce_utf8
This prevents charset workaround on IE 8 and lower. We don't support
these browsers anyway, so we can flip the feature off.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
a1be888f7c config: use Rails 5.2 config defaults 2020-08-05 16:48:29 +02:00
Pierre de La Morinerie
0d55919fab config: use Rails 5.1 defaults
New or changed defaults are:

- config.assets.unknown_asset_fallback: false
- config.action_view.form_with_generates_remote_forms: true
2020-08-05 13:02:56 +02:00
Kara Diaby
4afc07c677
Merge pull request #5403 from tchak/add-carte-ign
Add carte ign
2020-08-03 11:04:32 +02:00
jpoulvel
bf94cc021b
Merge pull request #5424 from betagouv/new_design_edit_attestation
New design page admin/attestation_templates/edit
2020-07-31 11:18:22 +02:00
Paul Chavard
4c87e547b3 Put IGN map behind a feature flag 2020-07-30 17:22:28 +02:00
Paul Chavard
f1cbc9846e Add carte ign 2020-07-30 16:58:20 +02:00
Keirua
b3e98048f9
Merge pull request #5418 from betagouv/mise-en-avant-france-connect
#5428 - France connect avant les boutons de login/signup
2020-07-30 10:32:12 +02:00
jpoulvel
62e04a6ca9
Merge branch 'dev' into new_design_edit_attestation 2020-07-30 09:53:09 +02:00
kara Diaby
d4c6e501c6 Ajoute la liste des démarches de l'interface administrateur sur la nouvelle UI 2020-07-29 15:35:52 +02:00
Judith
5df3838173 - tranferred controllers from admin to mew_administrateur
- removed admin/attestation_templates views
- changed routes accordingly
2020-07-29 12:26:27 +02:00
Keirua
347dbe4c87
Merge pull request #5417 from betagouv/cleanup-incident-janvier
Suppression du message d'alerte suite aux problèmes d'upload
2020-07-29 11:00:12 +02:00
clemkeirua
b8eea05163 ajout de traductions 2020-07-29 09:27:16 +02:00
clemkeirua
db0d230531 add cdn.jsdeliver.net to the CSP 2020-07-27 16:54:46 +02:00
clemkeirua
de1df85462 suppression du message d'alerte suite aux problèmes d'upload 2020-07-27 10:32:03 +02:00
Fabrice Gangler
1352cde321 Feat: allow emails senders to be configured in .env file
Refs: #5408
2020-07-24 10:50:55 +02:00
clemkeirua
7e085c657d specific deactivation of rubocop DS/ApplicationName rule 2020-07-23 16:20:16 +02:00
clemkeirua
c658428441 added application name in config/ 2020-07-23 16:17:54 +02:00
clemkeirua
c1208add62 remplacement de demarches-simplifiees.fr par un paramètre dans les vues 2020-07-23 16:16:36 +02:00
clemkeirua
31a262efef extraction d'urls doc/faq/… dans url.rb 2020-07-23 16:16:36 +02:00
clemkeirua
3340a2b091 ajout du nom d'application tot au demarrage
The application name is used in the views, but also in the initializers and in the config/ directory

According to rails doc (https://guides.rubyonrails.org/v6.0/configuring.html#locations-for-initialization-code),
if we want to do some things before the initializers and the environment, the only place to do so is in config/application.rb
2020-07-23 16:16:36 +02:00
Paul Chavard
8b9e73a30a
Merge pull request #5382 from adullact/feat_status-page-customisation
#5379 - Allow status page URL to be configured in the .env file
2020-07-22 22:10:58 +02:00
Paul Chavard
35461f0159 Add revisions migrations 2020-07-21 19:35:30 +02:00
Keirua
b2aa90b729
Merge pull request #5392 from betagouv/fix-CI-accessibility-errors
Fix CI accessibility errors
2020-07-21 17:15:45 +02:00
krichtof
8c5308b9dc
Merge pull request #5396 from betagouv/5395-relancer-expert
5395 instructeur : relance un expert pour une demande d'avis
2020-07-21 15:02:53 +02:00
Christophe Robillard
689a51588f translations for avis list view 2020-07-21 10:46:55 +02:00
Fabrice Gangler
62672c02e0 move STATUS_PAGE_URL into env.example.optional 2020-07-20 16:37:31 +02:00
Fabrice Gangler
f7402afa06 add env.example.optional 2020-07-20 16:31:02 +02:00
Christophe Robillard
d9cb5c067f relance un expert 2020-07-20 16:26:16 +02:00
Christophe Robillard
bde8fe2c5d update wording for revoke 2020-07-20 16:08:35 +02:00
Pierre de La Morinerie
b192b48fc7 config: use Rails 5.0 options
Stop overriding Rails 5.0 options, and use the framework defaults.

(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
2020-07-20 15:54:48 +02:00
clemkeirua
c0cf8b1341 fix display of labels for datetime on screenreaders 2020-07-20 11:37:01 +02:00
Gangler Fabrice
39feca251d allow status page URL to be configured in .env 2020-07-17 15:53:49 +02:00
Christophe Robillard
3ea34834a7 revoke expert avis 2020-07-16 21:05:11 +02:00
kara Diaby
9dc542af09 Revert "Revert "Feat/5287 - New design for admin procedure detail""
This reverts commit cf5eb3f251.
2020-07-15 17:00:03 +02:00
Christophe Robillard
8111babdd6 user: revoque un invité sur un dossier 2020-07-14 18:25:31 +02:00
Kara Diaby
cf5eb3f251
Revert "Feat/5287 - New design for admin procedure detail" 2020-07-13 11:36:42 +02:00
kara Diaby
7f3b38cfee Merge admin dashboard to new design for procedure details 2020-07-09 12:18:22 +02:00
clemkeirua
60c3047e4f mise à jour de doc pour se passer d'overmind 2020-07-09 09:32:09 +02:00
Christophe Robillard
2c56511204 validate api_entreprise_token 2020-07-08 18:59:22 +02:00
Christophe Robillard
8f9d6d2871 show which instructeur took decision and when
and also replace "sans suite" by "classé sans suite"
2020-07-08 18:15:15 +02:00
Pierre de La Morinerie
58c97efde4 config: enable debug assets in development
Historically, debug assets were disabled because they made reloading
pages very slow. This seems fixed by Rails 6.
2020-07-08 17:48:21 +02:00
clemkeirua
68b37cf6aa config: make default Rails 5 config explicit 2020-07-08 11:00:12 +02:00
Pierre de La Morinerie
e2b8545222 config: fix missing default list of allowed HTML tags
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812 Rails app:update 2020-07-07 18:03:56 +02:00
Judith
9793128f61 'Services' routes moved under 'new_administrateur' scope and '/admn' added in their url 2020-07-07 14:08:01 +00:00
Judith
782706537d Changed the routes to pass all new design admin pages under
'new_administrateur' scope, except 'services'.
As a result, the url of these pages will all include '/admin'.
2020-07-07 14:08:01 +00:00
Christophe Robillard
1d86f863d3 rename avis#all to avis#index 2020-06-30 09:17:27 +02:00
Christophe Robillard
bbec76d33b rename avis#index to avis#procedure 2020-06-30 09:17:27 +02:00
Christophe Robillard
90d6d337a9 explain redirection urls for expert 2020-06-30 09:17:27 +02:00
Christophe Robillard
84d619c974 redirect old urls in avis mails with new urls 2020-06-30 09:17:27 +02:00
Christophe Robillard
72d27ffdb2 replace instructeur_avis_index url by instructeur_all_avis url 2020-06-30 09:17:27 +02:00
Christophe Robillard
dcb9afaf25 refactor expert avis url : fix avis_controller_spec 2020-06-30 09:17:27 +02:00
kara Diaby
6b07cc0659 Move admin/assigns to the new UI like groupe_instructeurs 2020-06-29 14:44:28 +02:00
clemkeirua
6452a20491 rename 'Menu déroulant's 2020-06-29 08:59:12 +00:00
simon lehericey
102fb6629e remove ip constraint on ping 2020-06-22 15:29:51 +02:00
clemkeirua
6a3811a4e2 fix catalog v3 2020-06-19 14:20:32 +02:00
clemkeirua
319655482f clean config for keystone v3 2020-06-19 14:20:32 +02:00
krichtof
ff6eaf73db
Revert "Suppression de l'utilisation de Keystone v2" 2020-06-04 17:32:25 +02:00
Paul Chavard
901b6e23a8 Remove legacy carto 2020-06-04 16:03:23 +02:00
clemkeirua
def744d627 remove now useless keystone v2 2020-06-04 12:05:27 +00:00
Christophe Robillard
705487dab6 define max_attempts for jobs 2020-06-02 20:21:11 +02:00
clemkeirua
868decd06e add overide for fog openstack v3 2020-06-02 15:03:37 +02:00
Pierre de La Morinerie
b0db74ea79 config: fix spring randomly crashing in the pg gem
See https://github.com/ged/ruby-pg/issues/311
2020-05-25 09:23:41 +00:00
Pierre de La Morinerie
c9820adbc4 urls: fix link to autosave FAQ article 2020-05-18 16:53:19 +02:00
Pierre de La Morinerie
6eca93faab urls: fix link to admin FAQ category 2020-05-18 16:53:19 +02:00
clemkeirua
22a518c921 ajout d'un bouton d'export des mails des demandeurs 2020-05-18 12:46:42 +00:00
Pierre de La Morinerie
93bb5283ff app: remove the feature flag for pieces justificatives auto-upload
The feature works as intended: we can remove the feature flag.
2020-05-14 17:39:07 +02:00
Keirua
a869a04e1e Mise à jour de l'URL de doc sur l'archivage
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
2020-05-13 16:45:27 +02:00
clemkeirua
84888be255 clarification de l'archivage/suppression 2020-05-13 16:45:27 +02:00
Christophe Robillard
aab4bb81ee return bilan bdf csv for expert 2020-05-11 13:05:50 +02:00
Paul Chavard
4f2e504cc2 Add carto import api
takes a FeatureCollection to import and returns an augmented champ FeatureCollection
2020-05-07 12:06:42 +02:00
Paul Chavard
05e408225b Implement atomic operations on MapEditor 2020-05-06 16:46:14 +02:00
Christophe Robillard
22e2c2e133 render csv bidf bilans 2020-04-30 16:15:16 +02:00
Paul Chavard
843e033c38 Allow instructeurs to download a GeoJSON document for a given dossier 2020-04-30 15:49:43 +02:00
kara Diaby
2fc438ab65 Fix safari and firefox compatibility mapbox gl 2020-04-30 14:14:03 +02:00
Christophe Robillard
14ff18ca80 store specific api-entreprise token for a procedure 2020-04-28 15:17:11 +02:00
clemkeirua
1ac7ec2dca precision dans mail suppression dossier en construction 2020-04-28 12:42:00 +00:00
kara Diaby
9aea1fffee Migrate the map editor to mapbox-gl with react component 2020-04-27 11:30:32 +02:00
Paul Chavard
f1b531911b Handle processed dossiers in deletion mailers 2020-04-22 15:39:10 +02:00
Pierre de La Morinerie
37645d3df2 config: fix (again) the CSP when running a LiveReload server locally
When running the app using `bin/webpack-dev-server` (the external
(and fast) assets server), LiveReload is used. We need to explicitely
allow the LiveReload connections in the CSP policy.

Turns out we now need to specify the protocol explicitely.
2020-04-20 17:24:16 +02:00
Pierre de La Morinerie
968e470684 config: never cache rails-generated pages
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.

This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.

The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.

To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).

See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Christophe Robillard
ae18ff6627 Notifie tous les instructeurs lors dépôt dossier
- envoie un mail à tous les instructeurs d'une procédure après le dépôt
d'un nouveau dossier
2020-04-09 14:33:56 +02:00
Christophe Robillard
415d5c765e envoie une notification à chaque follower_instructeur après un commentaire déposé 2020-04-09 14:17:07 +02:00
kara Diaby
d18bc1c421 Improve the mapbox-gl support detection for older browsers 2020-04-09 11:01:20 +02:00
kara Diaby
56e9834389 Revert "Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""""
This reverts commit 473ed00b6c.
2020-04-09 11:01:20 +02:00
Pierre de La Morinerie
7e19dd2cda Revert "Revert "Fix middle-click on "Delete attachment" button""
This reverts commit 6e8bd6957f.
2020-04-09 10:40:08 +02:00
clemkeirua
34188c432c refactor _new_header so that user and instructeur search share similar signature 2020-04-09 09:42:31 +02:00
Pierre de La Morinerie
6e8bd6957f
Revert "Fix middle-click on "Delete attachment" button" 2020-04-08 17:40:58 +02:00
Pierre de La Morinerie
8ceb555941 routes: cleanup attachment routes 2020-04-08 11:57:06 +02:00
kara Diaby
473ed00b6c Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"""
This reverts commit fe0b3c2215.
2020-04-07 18:14:07 +02:00
kara Diaby
fe0b3c2215 Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""
This reverts commit 3e21b78142.
2020-04-07 18:11:11 +02:00
Pierre de La Morinerie
3e21b78142
Revert "feat/4893 - migrate the mapReader to mapbox-gl with react" 2020-04-07 15:32:14 +02:00
Pierre de La Morinerie
91260e2867 dossier: fix upload route of piece_justificative in repetitions
In repetitions, `form.index` doesn't make much sense. Turns out we
don't really need the index of the champ: we can just use the champ id.
2020-04-06 11:50:31 +02:00
kara Diaby
aa56cfd7a0 migrate map to mapbox-gl with a react component 2020-04-02 15:39:47 +02:00
Paul Chavard
7ba4c513e6 Refactor notify near deletion mailers 2020-04-01 17:40:52 +02:00
Paul Chavard
da52ec30bd Undo discard dossiers and demarches from manager 2020-03-31 17:08:28 +02:00
Paul Chavard
876e05aed3 Discard demarches from manager 2020-03-31 17:08:28 +02:00
Pierre de La Morinerie
6417c0d2c0 dossiers: allow auto upload of attachments 2020-03-31 13:09:44 +02:00
Paul Chavard
5005c54891 Add base cron job 2020-03-31 12:25:46 +02:00
Pierre de La Morinerie
fe13043efd dossier: prepare validations to piece_justificative champs
We can't yet enable the validations, because of an issue that will
(hopefully) be solved with Rails 6.

See https://github.com/betagouv/demarches-simplifiees.fr/issues/4926
2020-03-30 11:12:25 +02:00
Paul Chavard
a60b6b6776 Use ’ consistently instead of ' 2020-03-26 17:27:48 +01:00
Paul Chavard
c707a21f97 Rename delete_and_keep_track -> discard_and_keep_track 2020-03-26 14:23:23 +01:00
Paul Chavard
ec1cd989ab Show the reason on deleted dossiers 2020-03-25 16:57:03 +01:00
clemkeirua
5ef6f92fdc update CGU URL 2020-03-25 09:50:41 +00:00
Christophe Robillard
b4b92accf1 instructeur: show deleted dossiers for a procedure 2020-03-25 10:19:07 +01:00
clemkeirua
5896aedeeb added extension bouton to en_construction dossiers bound to expire 2020-03-24 18:10:51 +01:00
clemkeirua
057d7bc2f1 add interval data type to ActiveRecord 2020-03-24 18:10:13 +01:00
clemkeirua
c077762a04 added labels for datetime
cf https://stackoverflow.com/a/47836699
2020-03-24 16:54:35 +00:00
Pierre de La Morinerie
a716713ed6 locales: fix translation of champ value
Due to the extra 's', the names of Champs attributes were never
translated.
2020-03-24 15:42:02 +01:00
Paul Chavard
cd0acb1344 Cleanup dossier mailers 2020-03-19 16:52:18 +01:00
Pierre de La Morinerie
ea94ea05a0 config: configure CSP to allow live-reload requests
This avoids CSP errors when using the `bin/webpack-dev-server` external
assets compilation server.
2020-03-18 13:26:54 +01:00
Christophe Robillard
c21dd3b830 affiche infos d'un usager entreprise uniquement si diffusable
pour un usager de type entreprise qui a choisi de ne pas diffuser publiquement ses infos,
elles sont affichées uniquement aux instructeurs
2020-03-17 15:57:02 +00:00
clemkeirua
90a0879d71 ajout du bouton pour telecharger un pdf vide 2020-03-17 15:00:03 +01:00
clemkeirua
269881db12 generation d'un pdf vide à partir d'une procedure 2020-03-17 15:00:01 +01:00
Paul Chavard
444d19e191 Remove unused gems 2020-03-17 11:25:21 +01:00
Paul Chavard
ae2cfdd44e Update browser gem
`modern?` method was removed in version 4
2020-03-17 11:25:20 +01:00
Paul Chavard
0b06864f7a Upgrade core-js 2020-02-24 19:43:07 +01:00
Paul Chavard
318baf316e Add notify_en_construction_near_deletion mailer 2020-02-18 17:18:14 +01:00
Paul Chavard
8c77d91e9f Add notify_automatic_deletion_to_administration mailer 2020-02-18 17:18:06 +01:00
Paul Chavard
4e116f06a6 Add notify_automatic_deletion_to_user mailer 2020-02-18 17:15:32 +01:00
Pierre de La Morinerie
7ba76c6658 dossier: add a notice when some attachments of the dossier were lost
On the 22/01/2020, a technical error on the demarches-simplifees.fr
instance made us delete some files attached to some dossiers.

This PR adds a warning when browsing a dossier containing attachments
that were deleted.
2020-02-12 11:49:33 +01:00
simon lehericey
3d652ffaf8 Remove unused key 2020-02-10 13:59:15 +01:00
simon lehericey
6de55f44b4 Remove Fog conf for carrierewave
The conf now is config/storage.yaml
2020-02-10 13:56:45 +01:00
Christophe Robillard
cee4c5b8fb Revert "Revert "4127 fix superadmin supprime compte usager""
This reverts commit 751f24f7bb.
2020-02-04 16:07:01 +01:00
Paul Chavard
a86129c3a1 Revert "Revert "Update javascript dependencies and add webpack-bundle-analyzer""
This reverts commit eddd59e554.
2020-02-03 14:54:25 +01:00
Keirua
eddd59e554
Revert "Update javascript dependencies and add webpack-bundle-analyzer" 2020-01-29 14:51:55 +01:00
Paul Chavard
a223eb05da Update javascript dependencies and add webpack-bundle-analyzer 2020-01-28 16:37:44 +01:00
clemkeirua
5f65665b07 added a method for modifying a user email 2020-01-28 16:15:46 +01:00
Paul Chavard
7478a51846 [GraphQL] use official skylight support 2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
745b00366f Revert "app: hide IE11 deprecation banner during the strike"
This reverts commit c2882b6cc3.
2020-01-28 15:18:18 +01:00
Pierre de La Morinerie
751f24f7bb
Revert "4127 fix superadmin supprime compte usager" 2020-01-21 18:57:54 +01:00
Christophe Robillard
a6d007dbd3 supprime un instructeur 2020-01-21 15:05:33 +01:00
clemkeirua
12430a8068 ajout d'un écran intermediaire pour gérer la reaffectation des dossiers 2020-01-20 16:15:02 +01:00
clemkeirua
45c8c8ca21 an admin can delete a groupe-instructeur with 0 dossier 2020-01-20 16:15:02 +01:00
Paul Chavard
4edc7b00cf Use geocoder 2020-01-15 15:04:04 +01:00
Paul Chavard
14295db9ad Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
This reverts commit 4373cb22cb.
2020-01-14 18:46:07 +01:00
clemkeirua
4373cb22cb Revert "Merge pull request #4552 from tchak/champ-communes"
This reverts commit 4cec26f73a, reversing
changes made to 0ef25ef36c.
2020-01-13 16:26:27 +01:00
Christophe Robillard
9a62d3fe0c delete a user 2020-01-13 10:06:43 +01:00
Pierre de La Morinerie
f04fb3830c config: fix France Connect callback URL when testing locally
When testing France Connect on a local development environment, the
callback URL should be something like `http://localhost:3000/…/…`

But currently, the callback URL uses `https`, even in development. This
causes the callback URL to be rejected by France Connect.

This commit overrides the callback URL when in development, to use
an `http` URL instead. In doesn't affect the production settings.
2020-01-08 15:44:49 +01:00
Paul Chavard
cccb04d725 ActiveStorage url should expire after an hour 2020-01-08 14:43:05 +01:00
Paul Chavard
e61e39d345 Remove unused code and tests 2020-01-07 11:52:51 +01:00
Paul Chavard
ff46ee366e Fix user brouillon spec 2020-01-07 11:52:51 +01:00
Paul Chavard
4bbd16576b Add champ communes 2020-01-07 11:52:51 +01:00
Paul Chavard
22aa2d4ee0 Make all location champs autocomplete 2020-01-07 11:52:51 +01:00
simon lehericey
c95b7a33fa Add brakeman exception for a export.file.service_url 2019-12-18 13:13:15 +01:00
simon lehericey
d0f0533a32 Remove unused code 2019-12-18 13:13:15 +01:00
Paul Chavard
422b7f37ec [GraphQL] expose file information 2019-12-11 12:34:49 +01:00