Colin Darie
c9bde31ef2
Merge pull request #9470 from colinux/improve-watermark
...
ETQ instructeur: nouveau filigrane des titres d'identité qui améliore la lisibilité des images
2023-09-12 12:09:58 +00:00
Colin Darie
201b31bf36
refactor(watermark): small text based watermarked to increase document visibility
2023-09-12 13:04:31 +02:00
Colin Darie
6e5c466e57
style: update favicons with chart color, apple touch icon and shortcuts names
2023-09-11 17:48:12 +02:00
Bastien Ogier
f7d109a851
changed(brevo): use env vars for smtp relay address and port.
2023-09-06 11:31:24 +02:00
simon lehericey
4955f5d6ec
fix: flipper initialization when db down
2023-08-31 12:14:33 +02:00
Martin
a3c6a2c46f
correctif(dolist): utilise des liens vers les logos des procedures plutôt que des attachements.inlined
2023-08-14 13:09:05 +02:00
Paul Chavard
ca4066939c
chore(pipedrive): remove pipedrive
2023-08-10 10:29:25 +02:00
Paul Chavard
b404064d3b
feat(graphql): add mutation flag to lograge
2023-08-02 13:20:58 +02:00
Paul Chavard
0ca72492e3
feat(graphql): use camelize with inflection
2023-08-01 14:55:08 +02:00
Martin
2c3cce104a
tech(smtp): passe du relai SMTP de SendInBlue vers le relai SMTP Brevo [changement de nom de la boite]
2023-07-17 15:51:15 +02:00
Colin Darie
e74f4db8c8
feat(sva): under feature flag
2023-07-11 10:02:45 +02:00
Colin Darie
bb4a6e22ce
chore(schema): +procedures#sva_svr
2023-07-11 10:01:45 +02:00
Colin Darie
3885864200
Merge pull request #9289 from demarches-simplifiees/new_pj_scheme
...
Change le nommage des pjs à %Y/%m/%d/sd/sd.....
2023-07-10 13:20:34 +00:00
Paul Chavard
d5820277c0
feat(cojo): add cojo type de champ
2023-07-10 14:57:34 +02:00
simon lehericey
db70624398
feat(pj): change naming scheme to %Y/%m/%d/sd/sd.....
2023-07-10 11:44:33 +02:00
Eric Leroy-Terquem
7598b0a513
remove previous routing sytem code
2023-07-03 14:58:45 +02:00
simon lehericey
7ce7a3f62c
feat: change pj token to year/aa/bb/token to spread pjs under namespaces
2023-06-26 13:50:18 +02:00
kleph
976f46717b
prevent /ping requests from being written in centralized_logs
...
fix #8926
2023-06-21 17:11:32 +02:00
mfo
ab1399da57
Merge pull request #9209 from mfo/US/intercept-email-delivering
...
amelioration(email_event): re-lever une erreur dans un rescue_from ne la fait pas remonter. change de stratégie pour savoir si oui ou non un mail a ete envoye avec success.
2023-06-20 14:55:49 +00:00
Martin
9b2d05b8a1
amelioration(email_event): re-lever une erreur dans un rescue_from ne la fait pas remonter. change de stratégie pour savoir si oui ou non un mail a ete envoye avec success.
2023-06-20 13:39:29 +02:00
Eric Leroy-Terquem
98cdc63d5c
add rerouting feature flag
2023-06-15 14:34:02 +02:00
Paul Chavard
10524643fb
fix(hack): fix and test hack for procedures using groupe instructeur api
2023-06-14 19:24:58 +01:00
simon lehericey
f85fa08415
fix: sentry use http_proxy if available
2023-06-09 11:03:04 +02:00
Colin Darie
2a948c6145
chore(dev): report to CSP_REPORT_URI instead of non existing /csp
2023-06-01 19:11:20 +02:00
Colin Darie
de0626eb7a
feat(pj): accepts audio .m4a, .aac, .wav as attachment
...
Closes #9082
2023-05-31 12:52:22 +02:00
krichtof
0051face93
Merge pull request #9014 from demarches-simplifiees/8859-default_zones
...
Etq admin, lors de la création ou modification d'une démarche, des zones par défaut me sont suggérées
2023-05-26 17:25:21 +00:00
Colin Darie
60733ce44e
Merge pull request #9089 from colinux/update-sentry
...
ETQ tech je mets à jour Sentry pour essayer d'avoir de meilleures traces
2023-05-25 12:14:17 +00:00
Colin Darie
9c71ddd257
chore(sentry): increase trace sample rate for PATCH/POST requests
2023-05-24 18:46:12 +02:00
Christophe Robillard
9a38ec1184
prepare cohabitation of multiple versions of api entreprise
2023-05-24 11:34:29 +02:00
Paul Chavard
e1a25ee0e5
chore(sentry): read sentry release information from version file
2023-05-24 09:41:39 +02:00
Christophe Robillard
53dd2955e4
add tchap hs adapter
2023-05-16 09:40:53 +02:00
Colin Darie
97049f7b2e
chore(lograge): fix rails 7 initialization with ApplicationLogSubscriber
2023-05-03 13:18:09 +02:00
Colin Darie
2144c69e22
chore: disable cookies rotation until we enforce SHA256 digests
2023-05-03 11:35:32 +02:00
Colin Darie
ae88c1de6b
fix(devise): default config for devise and turbo stream as navigational format
2023-05-03 11:35:32 +02:00
Colin Darie
33a1e0f22d
fix(loading): in initializer, dolist must be manually loaded
2023-05-03 11:35:31 +02:00
Colin Darie
b3099214b1
chore(rails): we already use json as cookies_serializer
2023-05-03 11:35:31 +02:00
Nicolas Cavigneaux
9097664de5
chore: activate new config defaults for Rails 7 that should be compatible with current version
2023-05-03 11:35:30 +02:00
Nicolas Cavigneaux
6eef70750b
feat: add initializer to handle encrypted cookies rotation
...
This is needed to keep them working when switching from Rails 6.1 to Rails 7.0
2023-05-03 11:35:29 +02:00
Nicolas Cavigneaux
5ee60cbb0c
chore: update and default initializer for Rails 7
2023-05-03 11:35:29 +02:00
Nicolas Cavigneaux
c1453c5f5c
fix: ensure turbo_stream request are not considered as navigational
2023-05-03 11:35:28 +02:00
Nicolas Cavigneaux
00e640a21d
fix Zeitwerk check
2023-05-03 10:10:38 +02:00
Nicolas Cavigneaux
42689e34ba
chore: bump Rails (and required dependencies) to 7.0.4.2
2023-05-03 10:10:38 +02:00
simon lehericey
07d3496300
spec: always enable super_admin_otp for spec
2023-04-28 10:24:14 +02:00
Colin Darie
5cc2712873
refactor(dolist): drop smtp deliver method
2023-04-27 10:09:29 +02:00
Colin Darie
f7a80eb905
fix: dolist module/class mismatch
2023-04-27 10:09:00 +02:00
Paul Chavard
63b7a83689
feat(graphql): log dossier and procedure id on dossier fetch endoint
2023-04-19 18:00:08 +02:00
Colin Darie
9728493bda
Merge pull request #8924 from colinux/rubocop-upgrades
...
Tech: update rubocop, active nouveaux cops Rails/*
2023-04-19 13:37:10 +00:00
Colin Darie
b273e7b67e
chore(rubocop): fix Rails/RootPathnameMethods and assimiled cops
2023-04-19 12:55:13 +02:00
Martin
534ce34f87
amelioration(Dolist::ApiSender): lève une Dolist::IgnorableError afin de l'inscrire dans l'historique des EmailEvent
2023-04-19 11:22:13 +02:00
Martin
8fa2bbb67d
amelioration(dolist): ne log erreurs pas les erreurs dans sentry lorsque le contact chez dolist est injoingable ou hardbounce
2023-04-19 11:22:13 +02:00
Paul Chavard
a5733002ed
feat(graphql): improuve logs
2023-04-05 13:56:26 +02:00
Eric Leroy-Terquem
6f6bbd6ca1
feat(routing): put routing logic behind a feature flag
2023-03-30 10:52:53 +02:00
Colin Darie
b012d00745
Merge pull request #8814 from demarches-simplifiees/webinaire-link-fix
...
Webinaire link fix
2023-03-29 11:59:23 +00:00
Julie Salha
ed3b2cca6f
update content statement
2023-03-27 10:39:56 +02:00
Colin Darie
9a38da09ed
Merge pull request #8762 from demarches-simplifiees/8589-legal-notice
...
Accessibilité: internalise la page de mentions légales
2023-03-27 08:12:34 +00:00
Colin Darie
6d3c0de2ab
fix(legal): use constant url
2023-03-23 19:01:19 +01:00
Chaïb Martinez
3912f5c93b
update link
2023-03-23 16:49:41 +01:00
krichtof
da49497f0b
Merge pull request #8726 from demarches-simplifiees/disable-otp-4-super-admin
...
desactive le 2FA suivant la config
2023-03-20 10:34:27 +00:00
Colin Darie
c850986c96
chore: log pid for each request
2023-03-15 14:44:31 +01:00
Colin Darie
86f15b8c05
chore(job): config delayed job for long-living export jobs
2023-03-08 18:37:41 +01:00
Christophe Robillard
6af01077b6
disable 2FA according to config
...
2FA is disabled for superadmin unless `SUPER_ADMIN_OTP_ENABLED` is equal
to `enabled` (default value)
2023-03-02 13:47:48 +01:00
Eric Leroy-Terquem
3aa7793ed3
fix(groupe_instructeurs): can parse a monocolumn csv file
2023-02-22 09:49:26 +01:00
Paul Chavard
6f67ea09bb
fix(lograge): send client_ip and request_id to es
2023-02-08 20:09:19 +01:00
Paul Chavard
f22cc8812b
secu(graphql): log full queries and variables
2023-02-08 15:10:27 +01:00
Colin Darie
cb98bbad21
Revert "chore(sentry): more traces"
2023-02-06 11:52:30 +01:00
mfo
3cbb491cfc
Merge pull request #8574 from colinux/more-sentry-traces
...
chore(sentry): more traces
2023-02-06 11:01:06 +01:00
Colin Darie
b3702f4224
chore(sentry): more traces
2023-02-06 10:58:38 +01:00
Martin
6a25120f80
amelioration(dolist_api): echoue avec un fail pour remonter dans notre gestion des retry
2023-02-03 17:19:36 +01:00
Martin
2de9026c13
amelioration(dolist_api): forward le message_id afin de faciliter les investigations
2023-02-03 17:19:36 +01:00
Martin
709a9e82a2
amelioration(dolist): prepare l'usage de dolist par api
...
amelioration(email): ajoute la delivery_method dolist_api pour envoyer les mails via l'api comme recommandé par le fournisseur
2023-02-03 17:19:36 +01:00
Damien Le Thiec
493a60f221
Add prefill api to rack_attack
2023-01-11 15:35:43 +01:00
François Vantomme
eb812032e1
security(csp): whitelist amazon AWS for S3 storage
2023-01-11 12:59:19 +01:00
François Vantomme
08d276472b
refactor(links): use localized FAQ URLs
2023-01-11 11:28:03 +01:00
Colin Darie
05b517a847
fix(mailer): observers on balancer and balanced delivery methods
...
- Les observers doivent être déclarés *avant*
le chargement de nos delivery methods (Sendinblue & Dolist),
sinon ils seront ignorés par ces derniers
- dans le balancer, on ne peut pas appeler `.deliver` une seconde fois,
sinon les observers (et interceptors) sont invoqués deux fois.
2023-01-11 00:57:16 +01:00
Colin Darie
6cb2389eef
chore(email): add an observer which log the emails dispatched
2023-01-10 16:07:35 +01:00
François Vantomme
043dde8841
refactor(env): remove useless DOSSIER_DEPOSIT_RECEIPT_LOGO_SRC var
2022-12-22 19:44:57 +01:00
simon lehericey
172a9d5599
feat(timestamp): add certigna
2022-12-07 19:28:01 +01:00
simon lehericey
8771205679
clean(flipper): remove unused expert_not_allowed_to_invite
2022-12-05 12:22:29 +01:00
simon lehericey
905e3ab64e
clean(flipper): remove unused gates
2022-12-05 12:22:29 +01:00
simon lehericey
ebd68484df
clean(flipper): remove unused groups
2022-12-05 12:22:29 +01:00
Paul Chavard
07173401de
fix(graphql): load playground from CDN
2022-11-17 15:50:05 +01:00
mfo
98b9547c36
Merge pull request #8017 from adullact/feature/self-hosted-sentry
...
Accepter les instances auto-hébergées de Sentry dans la Content Security Policy
2022-11-17 09:22:08 +01:00
Paul Chavard
6ad057dcee
feat(graphql): upgrade playground version
2022-11-15 11:48:29 +01:00
François Vantomme
9bdce77faa
chore(csp): allow self-hosted Sentry
2022-11-08 09:49:45 +01:00
Paul Chavard
7de52d582a
feat(conditional): remove conditional feature flag
2022-11-04 13:37:37 +00:00
Eric Leroy-Terquem
09c5b9dc99
remove categories_type_de_champ feature flag
2022-11-03 14:28:27 +01:00
Kara Diaby
b5b57b066f
config initializers administrate
2022-11-02 10:19:43 +01:00
Colin Darie
72363eea48
chore(delayed_job/sentry): sample traces different from Rails requests
2022-10-26 22:57:41 +02:00
Colin Darie
59c93833a1
chore(delayed_job/sentry): don't wait for all (~25) attempts before reporting
2022-10-26 22:57:41 +02:00
simon lehericey
097082afc9
fix(dolist): reduce message name variability
2022-10-20 15:29:56 +02:00
simon lehericey
1cd0d45ece
chore: mini profiler ignore vite routes
2022-10-06 16:56:26 +02:00
Eric Leroy-Terquem
ff2e9f0816
add feature flag
2022-10-05 09:21:08 +02:00
Martin
7125e8538a
clean(engagement): remove last pieces of engagement champs
2022-10-04 07:17:47 +02:00
Christophe Robillard
8303df7263
update saml idp config
2022-10-03 13:41:58 +02:00
Colin Darie
5f08df7561
refactor(dsfr/button): remove useless & verbose Dsfr::ButtonComponent, in favor of good link_to / f.submit
2022-09-07 17:56:19 +02:00
Colin Darie
3148266b49
refactor(rgaa/contact): inject invisible_captcha styles into head instead of div
2022-08-31 17:46:04 +02:00
Christophe Robillard
f77c0fdfe4
add saml sp only if vars present
2022-08-25 21:31:14 +02:00
Christophe Robillard
3d175f107e
add dolist saml config
2022-08-23 15:05:20 +02:00
Paul Chavard
f48048179c
fix(conditional): enable conditional per procedure
2022-08-03 09:16:10 +02:00
simon lehericey
5d5f46b4d8
instances : prawn does not like svg
...
win 10% on pdf generation
2022-07-20 15:48:16 +02:00
Martin
87af7f3261
feat(exports): implement admin export
2022-07-20 14:08:33 +02:00
Paul Chavard
ea18c2b9ba
chore(build): use vitejs
2022-06-23 15:22:54 +02:00
Pierre de La Morinerie
c1616adf8c
app: remove procedure-estimated-fill-time feature-flag
...
The feature is now enabled for every procedure.
Ref #7338
2022-06-01 11:11:55 +02:00
Pierre de La Morinerie
149c6399f5
view: properly hide labels of the datetime selector
...
The accessibility labels where not properly hidden, which
resulted in the labels being visible and stacked vertically.
2022-05-31 15:35:40 +02:00
Pierre de La Morinerie
3e91a16895
app: display estimated fill duration on procedure description
2022-05-25 10:39:15 +02:00
Pierre de La Morinerie
4fcb85fd65
app: remove procedure_dossier_papertrail feature flag
...
The feature is now enabled for all procedures.
2022-05-24 17:32:11 +02:00
simon lehericey
faae2f55d8
Flipper: remove deprecated conf
...
https://github.com/jnunemaker/flipper/pull/523
2022-05-16 16:10:35 +02:00
Paul Chavard
9e0b3b642f
cleanup(sendinblue): remove sendinblue tracking
2022-05-06 11:14:44 +02:00
Martin
3737311390
feat(procedure.procedure_expires_when_termine_enabled): enable by default, allow contributor to choose the default settings of this flag using an env var during migration. ie: DEFAULT_PROCEDURE_EXPIRES_WHEN_TERMINE_ENABLED=true|false
...
feat(administrateurs/procedures#show): warning/alert when procedure_expires_when_termine_enabled is not true on current procedure
feat(administrateur/procedure#update): after an update redirect to procedure show: suggested by: https://ux.stackexchange.com/questions/55291/after-updating-form-should-redirect-back-to-form-itself-or-to-the-show-page-or-b and confirmed by Olivier
clean(Flipper.archive_zip_globale): no more in use, so remove all occurences
Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml
Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>
Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml
Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>
Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml
Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>
Update spec/views/administrateurs/procedures/show.html.haml_spec.rb
Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>
fix(review): typo, why ena?, who knows
fix(env.example.optional): add missing DEFAULT_PROCEDURE_EXPIRES_WHEN_TERMINE_ENABLED
2022-05-05 13:07:11 +02:00
Pierre de La Morinerie
9bc5364ca2
app: add controller and view to generate a deposit receipt
2022-05-04 16:09:52 +02:00
Pierre de La Morinerie
fe56b7bb68
config: add papertrail feature-flag
2022-05-04 16:09:52 +02:00
Martin
a0df24b631
clean(SMTP.balancing): remove some env vars
2022-05-03 16:46:35 +02:00
simon lehericey
ea361643be
types_de_champ -> types_de_champs_public
2022-05-03 11:05:24 +02:00
simon lehericey
aa0ef955d5
dolist config
2022-04-28 15:48:54 +02:00
Paul Chavard
433c01b1e6
Revert "Merge pull request #7137 from betagouv/faster_pdf"
...
This reverts commit 9da44bd913
, reversing
changes made to ebac71796c
.
2022-04-12 19:22:07 +02:00
simon lehericey
af27af7900
! instances : prawn does not like svg
...
win 10% on pdf generation
2022-04-12 11:56:56 +02:00
Martin
7c0e8e406b
fix(users/profiles#update): allow people from @assurance-maladie.fr to be a target email when user change his email
2022-04-06 16:07:25 +02:00
Paul Chavard
44c64669e9
Revert "Merge pull request #6787 from tchak/use-vite"
...
This reverts commit 5d572727b5
, reversing
changes made to 43be4482ee
.
2022-03-31 12:07:52 +02:00
simon lehericey
250b699664
remove duplicate csp
2022-03-29 16:27:08 +02:00
Paul Chavard
187e84a010
feat(assets): use vitejs to build javascript
2022-03-29 16:27:08 +02:00
simon lehericey
7ecf20ce75
harden email validation
2022-03-24 13:00:54 +01:00
Pierre de La Morinerie
2e04435117
gems: add strong_migrations
2022-03-16 10:30:25 +01:00
François Vantomme
d5cd0101c8
feat(footer): customize using custom views & locales
2022-03-10 17:31:20 +01:00
Pierre de La Morinerie
3481d27cba
config: block browser external connections during system tests
...
During system tests, we don't want the headless browser to load
external resources:
- It is faster (we don't wait for external resources to be loaded)
- It avoids leaking our test setup to external service
Fixes #6982
2022-02-22 17:24:25 +01:00
Pierre de La Morinerie
6d5f44d489
config: translate the CSP comments from french to english
2022-02-22 17:17:55 +01:00
Pierre de La Morinerie
c2729ab7e2
config: add Matomo to the frame_src
Content Security Policy
...
Solves the Matomo iframe being blocked on `/suivi`. Fix #5868
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
3276db016f
config: add Matomo to the connect_src
Content Security Policy
...
Solves Matomo connections being blocked. Fix #6949
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
6fa52e8a5a
config: report CSP violations to report-uri
2022-02-15 12:49:52 +01:00
Pierre de La Morinerie
0b2775a1a6
config: add back DS_PROXY_URL to CSP
...
Otherwise a bunch of "static.demarches-simplifiees.fr" domains would
be missing.
2022-02-15 12:49:52 +01:00
François Vantomme
d5f207d98c
refactor(url): use env variables in content security policies
2022-02-15 12:49:52 +01:00
Jon
31996c7d09
chore(smtp): add mailcatcher configuration
2022-02-15 09:34:07 +01:00
François Vantomme
ac915494df
feat(landing): hide testimonial & users sections
2022-02-15 08:49:23 +01:00
François Vantomme
e8f62e78fe
feat(matomo): configure Matomo iframe URL with an env variable
2022-02-09 12:44:13 +01:00
Pierre de La Morinerie
3e20ea13d8
Revert "Utilisation des variables d'environnement lors de la déclaration des Content Security Policies"
2022-02-08 22:20:08 +01:00
François Vantomme
8eaecd184a
refactor(url): use env variables in content security policies
2022-02-08 15:15:55 +01:00
Pierre de La Morinerie
847abca122
config: simplify mailer configuration again
...
Move everything to initializers, and replace the email settings
interceptor by a BalancerDeliveryMethod.
It has the advantage that it can be configured entirely from the
`config/environment.rb` file, without an extra file to look at.
2022-02-08 12:44:43 +01:00
François Vantomme
51cfd3d7ad
feat(env): add env variables for the provider data
2022-02-04 18:20:06 +01:00
Pierre de La Morinerie
387701e7cb
config: add a new SAML_IDP_ENABLED env var
...
This fixes the app crashing on launch when using the production profile,
because the certificates are not present.
2022-01-26 16:45:50 +01:00
Martin
252eee272b
feat(support#create): block with invisible captcha [avoid painful captcha]
2022-01-04 14:49:00 +01:00
Pierre de La Morinerie
d524beee4e
app: remove :instructeur_bypass_email_login_token
from Flipper
2021-12-02 08:51:52 +01:00
simon lehericey
c4cde500ce
fix acsv
2021-11-30 09:42:45 +01:00
simon lehericey
3316dfc866
reopen openid_connect gem to support AC encrypted jwt response
2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721
add agent connect secrets
2021-11-23 14:17:59 +01:00
Paul Chavard
1adafd22d0
fix(graphql): add graphql_operation to lograge
2021-11-04 16:18:10 +01:00
Pierre de La Morinerie
d0e87a08cf
services: cache zxcvbn dictionaries per-thread
...
Before, every time a password was tested, the dictionaries were parsed
again by zxcvbn.
Parsing dictionaries is slow: it may take up to ~1s. This doesn't matter
that much in production, but it makes tests very slow (because we tend
to create a lot of User records).
With this changes, the initializer tester is shared between calls, class
instances and threads. It is lazily loaded on first use, in order not to
slow down the application boot sequence.
This uses ~20 Mo of memory (only once for all threads), but makes tests
more that twice faster.
For instance, model tests go from **8m 21s** to **3m 26s**.
NB:
An additionnal optimization could be to preload the tester on
boot, before workers are forked, to take advantage of Puma copy-on-write
mechanism. In this way all forked workers would use the same cached
instance.
But:
- We're not actually sure this would work properly. What if Ruby updates
an interval ivar on the class, and this forces the OS to copy the
whole data structure in each fork?
- Puma phased restarts are not compatible with copy-on-write anyway.
So we're avoiding this optimisation for now, and take the extra 20 Mo
per worker.
2021-10-25 12:04:56 +02:00
simon lehericey
738d08a1d9
change in whitelist
2021-10-19 21:07:24 +02:00
simon lehericey
44c880adc4
allow instructeur and administrateur to change their email to legit domain ( #6550 )
2021-10-19 15:54:57 +02:00
simon lehericey
b69dafc3d4
CNAF in lowercase
2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4
jobs: move ActiveJobLogSubscriber out of initializers
...
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
kara Diaby
eb951c75e4
change stats colors
2021-09-28 14:49:24 +02:00