Commit graph

8289 commits

Author SHA1 Message Date
LeSim
3a1f17cce8
Merge pull request #4033 from pengfeidong/lock_account_by_brute_force_attack_use_rack_attack
add Gem rack_attack for prevent attack brute-force
2019-08-20 13:45:01 +02:00
simon lehericey
86d968bb8e Use rack_attack_enabled?
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
2019-08-20 13:29:29 +02:00
simon lehericey
0f0fecdb25 RackAttack: use remote ip and test it ! 2019-08-20 13:29:29 +02:00
simon lehericey
b7f8bb2fea Simplify ip_service 2019-08-20 13:29:29 +02:00
pedong
fc8cebd78d add Gem rack_attack for prevent attack brute-force 2019-08-20 13:29:29 +02:00
LeSim
cab5b5cd9b
Merge pull request #4211 from betagouv/simplify_role_creation
Simplifie la création de role instructeur ou administrateur
2019-08-20 12:25:06 +02:00
simon lehericey
e0e29d741f Simplify instructeur and administrateur factory 2019-08-20 12:20:12 +02:00
simon lehericey
c1a622efa1 Add User.create_or_promote_to_administrateur 2019-08-20 12:20:12 +02:00
simon lehericey
01a91e68ca Simply avis controller 2019-08-20 12:20:12 +02:00
simon lehericey
98a24bea51 Simplify invite_instructeur 2019-08-20 12:20:12 +02:00
simon lehericey
97d0855d47 add User.create_or_promote_to_instructeur 2019-08-20 12:20:12 +02:00
LeSim
132900cca2
Merge pull request #4213 from betagouv/fix_manager_reset_password
Corriger un bug dans le manager concernant le reset de password
2019-08-20 12:17:37 +02:00
simon lehericey
e913b01c52 fix_manager_reset_password 2019-08-20 12:12:20 +02:00
LeSim
a455836498
Merge pull request #4214 from betagouv/fix_manager_delete_admin
Corrige la suppression d'un administrateur par une administration
2019-08-20 12:07:50 +02:00
simon lehericey
ebe871819d Fix admin deletion by an administration 2019-08-20 12:01:36 +02:00
LeSim
6e83f3d524
Merge pull request #4215 from betagouv/fix_procedure_presentation
Corrige un bug dans le filtre de la vue instructeur
2019-08-20 11:33:33 +02:00
simon lehericey
77c11d8b79 fix_procedure_presentation 2019-08-20 11:28:18 +02:00
Paul Chavard
19bf1bebaf
Merge pull request #4203 from tchak/remove-commentaire-file-uploader
Remove commentaire file uploader
2019-08-20 10:29:42 +02:00
Paul Chavard
e9ba7700d4 Remove commentaire file uploader 2019-08-20 10:24:13 +02:00
Paul Chavard
522d45839b
Merge pull request #4209 from betagouv/cleaning
Cleaning
2019-08-20 10:23:50 +02:00
Paul Chavard
78b0650ef0
Merge pull request #4210 from betagouv/cleaning_user_session
Nettoyage du Controller de Session
2019-08-20 10:17:43 +02:00
simon lehericey
80cb8b87fe Keep only the FC logic and use devise for the rest 2019-08-16 16:48:22 +02:00
simon lehericey
54d7effe28 Spec: specify france_connect logic 2019-08-16 16:48:22 +02:00
simon lehericey
9c715b2969 SessionController: new User in view 2019-08-16 16:48:22 +02:00
simon lehericey
416a07d2dd SessionView: simplify 2019-08-16 16:48:22 +02:00
simon lehericey
27085af9b5 SessionController: remove remember_me
It is somehow taken care by warden
2019-08-16 16:48:22 +02:00
simon lehericey
002510d5cb SessionController: remove complicated try_to_authenticate 2019-08-16 16:48:22 +02:00
simon lehericey
4be9c79e03 Spec : specify remember me 2019-08-16 16:48:22 +02:00
simon lehericey
67cc2c1a87 SessionController: remove instructeur_signed_in? 2019-08-16 16:48:22 +02:00
simon lehericey
a3b9bf90d4 SessionController: remove useless code
- the redirection of a locked user is made by the sign_in method
- because of the paranoid mode it displays the devise.failure.invalid error message
2019-08-16 16:48:22 +02:00
simon lehericey
08bb393ced Spec: specify locked logic 2019-08-16 16:48:22 +02:00
simon lehericey
1b14d85c77 Rerender if wrong credentials 2019-08-16 16:48:22 +02:00
simon lehericey
9a6b3c3757 Spec: specify the redirections when logged in 2019-08-16 16:48:22 +02:00
simon lehericey
56d34173e6 Spec: remove multi devise account tests 2019-08-16 12:04:54 +02:00
simon lehericey
95cd301d0d Spec: remove superfluous code 2019-08-16 11:47:53 +02:00
simon lehericey
f87e316a5d Spec: remove outdated trusted_device logic
This is tested on the application controller
2019-08-16 11:45:40 +02:00
simon lehericey
dab1519b8c Remove credenticals synchronisation logic 2019-08-16 11:35:19 +02:00
simon lehericey
58ecf18390 ActivateController: add tests and clean a bit 2019-08-16 11:22:36 +02:00
simon lehericey
d5ddd182a7 remove useless session views 2019-08-14 18:04:26 +02:00
simon lehericey
972b6793f7 Remove useless sessions_controller 2019-08-14 18:04:26 +02:00
LeSim
2d9569d30d
Merge pull request #4202 from betagouv/remove_administrateur_devise_account
Remove administrateur devise account
2019-08-14 17:34:42 +02:00
simon lehericey
7fbedb78fb Add feature spec about managing passwords (with the courtesy of kemenaran) 2019-08-14 17:27:10 +02:00
simon lehericey
149b0b5797 Fix Sign out 2019-08-14 16:58:50 +02:00
simon lehericey
9fc63d923f Fix seeds.rb 2019-08-14 16:34:50 +02:00
simon lehericey
e3e6bc7689 ! NEED JOB REBOOT Move remind activation logic to user 2019-08-14 16:34:50 +02:00
simon lehericey
dc816472e9 Stub administrateur devise methods in spec 2019-08-14 16:34:50 +02:00
simon lehericey
d0ac1c3301 Fix manager invite administrateur 2019-08-14 16:34:50 +02:00
simon lehericey
c08e356367 Remove or fix nonsense code 2019-08-14 15:08:14 +02:00
simon lehericey
c380d807ab Spec: sign_in with administrateur.user 2019-08-14 15:08:14 +02:00
simon lehericey
1b38d4071d temporary remove password complexity check 2019-08-14 15:06:16 +02:00