Pierre de La Morinerie
414e216972
Merge pull request #6363 from betagouv/main
2021-07-23 09:06:18 +02:00
Pierre de La Morinerie
3283009be0
Merge pull request #6362 from betagouv/add-unique-contraints
...
Ajout de contraintes d'unicités supplémentaires sur Champs, DeletedDossiers et Etablissements (#6362 )
2021-07-23 08:57:10 +02:00
Pierre de La Morinerie
888e33ba4d
lint: ensure all unique columns have a unique constraint
2021-07-22 18:00:39 +02:00
Pierre de La Morinerie
02120c7c5f
db: add uniqueness constraints to Etablissement
2021-07-22 18:00:34 +02:00
Pierre de La Morinerie
dea3395c91
db: add uniqueness constraints to DeletedDossiers
2021-07-22 17:57:11 +02:00
Pierre de La Morinerie
3d25fc995a
db: add uniqueness constraints to Champs
2021-07-22 17:56:14 +02:00
Pierre de La Morinerie
0fd23ebd43
db: fix schema.rb leftovers
2021-07-22 17:55:47 +02:00
Pierre de La Morinerie
0202747a9d
Merge pull request #6360 from betagouv/redirect-to-sign-in-on-autosave-401
...
En cas de déconnexion, l'Usager en train de remplir un formulaire est redirigé vers la page de connexion (#6360 )
2021-07-22 12:06:49 +02:00
Pierre de La Morinerie
e1909ed29f
brouillon: redirect to sign-in when disconnected
...
There are two cases where the draft auto-save might fail because the
user is no longer authenticated:
- The user signed-out in another tab,
- The brower quit and re-opened, so the Session cookie expired.
In both cases, the auto-save will never succeed until the user
authenticates again, so displaying a "Retry" button is cruel.
Moreover, in plus of all auto-save requests failing with a small error,
the actual hard failure only occurs after filling all the form and
trying to submit it. Then the user is redirected to the sign-in page –
but all their changes are lost.
Instead, we now redirect to the sign-in page on the first 401 error
during the auto-save, let the user sign-in, and then redirect back to
the form.
2021-07-22 11:58:02 +02:00
Pierre de La Morinerie
7808f6dd4f
js: document utils.ajax()
2021-07-22 11:58:02 +02:00
Pierre de La Morinerie
c6fff58f38
js: fix typo in comment
2021-07-22 11:58:01 +02:00
Pierre de La Morinerie
071d9145ca
js: don't attempt to log unexistent statusText
2021-07-22 11:58:01 +02:00
Paul Chavard
99b836da2c
Merge pull request #6357 from tchak/fix-false-positive-unspecified-tags-messages
...
Fix false positive unspecified tags messages
2021-07-22 11:23:35 +02:00
Paul Chavard
388fb39eb5
Fix false positive blank champ warnings
2021-07-22 10:45:25 +02:00
Paul Chavard
ac0f50b488
Improuve champ blank check
2021-07-22 10:45:25 +02:00
Pierre de La Morinerie
38b73f0fee
Merge pull request #6355 from betagouv/remove-filters-migration-leftover
...
Suppression de la clef "migrated": true sur les filtres des ProcedurePresentation (#6355 )
2021-07-20 17:00:59 +02:00
Pierre de La Morinerie
fd74d9a062
lib: remove the 'migrated' key on filters
...
In a9a4f6e2a8
, a task to migrate
ProcedurePresentation's filters was added.
This task added a "migrated: true" key to all migrated filters.
Now that this task has run, we can safely remove the extra key.
2021-07-20 16:51:32 +02:00
Pierre de La Morinerie
38c4da2deb
lib: document ProgressReport usage
2021-07-20 16:51:32 +02:00
Pierre de La Morinerie
9f9e1fdab7
Merge pull request #6354 from betagouv/remove-outdated-tasks
...
Suppression d'anciennes tâches Rake (#6354 )
2021-07-20 16:38:08 +02:00
Pierre de La Morinerie
fda59c9231
lib: remove outdated tasks
2021-07-20 15:34:31 +02:00
Paul Chavard
f0c81517f4
Merge pull request #6353 from betagouv/main
...
2021-07-20-03
2021-07-20 15:13:10 +02:00
Paul Chavard
2ecfa4ce66
Merge pull request #6352 from betagouv/limit-filter-size
...
Instructeurs : limitation de la valeur d'un filtre à 100 caractères
2021-07-20 15:02:53 +02:00
Pierre de La Morinerie
32ab2f0a80
instructeur: limit the maximum size of a filter value
...
This prevents the URL from exceeding the max size, and
causing '414: Request-URI too large' errors.
2021-07-20 14:49:48 +02:00
lydiasan
4efd160cad
Merge pull request #6112 from betagouv/edition-dossiers
...
i18n: traduction dossiers/edition
2021-07-20 14:29:33 +02:00
lydiasan
7de10731a6
i18n: localize dossiers edition
2021-07-20 14:18:20 +02:00
Paul Chavard
b7c0a42fd5
Merge pull request #6349 from tchak/fix-communes-autocomplete
...
Get more results from communes API and use local matcher
2021-07-20 13:44:41 +02:00
Paul Chavard
c7b0b8495b
Get more results from communes API and use local matcher
2021-07-20 13:34:17 +02:00
Pierre de La Morinerie
6b948f1bd6
Merge pull request #6351 from betagouv/main
2021-07-20 13:20:41 +02:00
Pierre de La Morinerie
a08815d95f
Merge pull request #6332 from betagouv/fix-csrf-with-long-lived-cookie
...
Correctif pour diminuer le nombre d'erreurs InvalidAuthenticityToken ("La requête a été rejetée") (#6332 )
2021-07-20 13:11:41 +02:00
Pierre de La Morinerie
5b4f7f9ae9
app: restore the default cache settings
...
We initially did that to avoid a browser being restarted to display a
cached form with a stale CSRF token – thus provoking an
InvalidAuthenticityToken exception when the form is submitted.
But now that we use a long-lived CSRF token, we can submit forms with
a stale CSRF token successfully (because the long-lived CSRF cookie)
is still valid – so we no longer need to change the HTML cache behavior.
This fixes issues where the browser Back button wants to display a
previous POST document, but can't because of the 'no-store' setting. In
this case the browser either displays an error, or re-attempts the POST
request (without any cookies), which results in an
InvalidAuthenticityToken exception.
See `docs/adr-csrf-forgery.md` for more explanations.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
831672391e
app: use a long-lived cookie for CSRF token
...
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
446c57ed63
specs: add a feature test for forgery protection
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
a03d8d0705
controllers: remove useless handle_verified_request
override
...
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
da3af3218b
Merge pull request #6348 from betagouv/main
2021-07-20 09:40:20 +02:00
Pierre de La Morinerie
eec82b3798
Merge pull request #6339 from betagouv/update-sentry-javascript
...
Mise à jour du SDK de Sentry (#6339 )
2021-07-20 09:31:12 +02:00
Pierre de La Morinerie
63cde95fc9
js: ignore errors generated by a Microsoft crawler
...
Sentry has a lot of Javacript errors stating:
> UnhandledRejection: Non-Error promise rejection captured with value: Object Not Found Matching Id:2
This is apparently caused by a Microsoft crawler (maybe for scanning
targets of email links), and can be safely ignored.
See https://forum.sentry.io/t/unhandledrejection-non-error-promise-rejection-captured-with-value/14062/12
2021-07-20 09:21:59 +02:00
Pierre de La Morinerie
0dfe4fc899
js: update to @sentry/browser v6.9.0
...
Helps with de-duplicating issues being trigerred in a loop.
See https://github.com/getsentry/sentry-javascript/pull/3730
2021-07-20 09:21:59 +02:00
Pierre de La Morinerie
d4face20d2
Merge pull request #6337 from betagouv/dependabot/bundler/addressable-2.8.0
...
Mise à jour de `addressable` de la version 2.7.0 à 2.8.0 (#6337 )
2021-07-20 09:21:20 +02:00
dependabot[bot]
73935c23e4
build(deps): bump addressable from 2.7.0 to 2.8.0
...
Bumps [addressable](https://github.com/sporkmonger/addressable ) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/sporkmonger/addressable/releases )
- [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.7.0...addressable-2.8.0 )
---
updated-dependencies:
- dependency-name: addressable
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-20 07:13:05 +00:00
Pierre de La Morinerie
695b9b194e
Merge pull request #6334 from betagouv/fix-invalid-checkbox-selection
...
Correction de l'affichage des cases à cocher dans les listes multiples lorsque plusieurs options ont des valeurs similaires (#6334 )
2021-07-20 09:09:38 +02:00
Pierre de La Morinerie
71741c5f98
views: fix checkbox wrongly selected in multiple_drop_down_list
...
The check for whether the checkbox should be checked or not was made by
matching the whole string. Thus, given two options 'valid' and
'invalid', the check for the presence of 'valid' would succeed even when
only 'invalid' was present in the values (because
`'valid'.includes?('invalid')`.
The code now checks against the list of items in the selected_options.
2021-07-20 09:01:07 +02:00
Kara Diaby
068389dde8
Merge pull request #6344 from betagouv/main
...
2021-07-15-01
2021-07-15 17:01:55 +02:00
Kara Diaby
a35d46ebf4
Merge branch 'production' into main
2021-07-15 16:50:25 +02:00
Kara Diaby
40268f5abf
Merge pull request #6343 from betagouv/fix-content-type-csv-import
...
Autorise le content type windows concernant les imports CSV
2021-07-15 16:48:48 +02:00
kara Diaby
0b6c7dace7
tests
2021-07-15 16:32:07 +02:00
kara Diaby
c731f8cf1f
add windows content type to avoid errors
2021-07-15 16:32:07 +02:00
Pierre de La Morinerie
c5bfab1007
Merge pull request #6342 from betagouv/main
2021-07-13 18:43:07 +02:00
Pierre de La Morinerie
ebf0b5ce8f
Merge pull request #6341 from betagouv/revert-6333-limit-filter-size
...
Revert "Instructeurs : limitation de la valeur d'un filtre à 100 caractères" (#6341 )
2021-07-13 18:33:33 +02:00
Pierre de La Morinerie
40b3ea8ad6
Revert "Instructeurs : limitation de la valeur d'un filtre à 100 caractères"
2021-07-13 18:19:46 +02:00
Kara Diaby
832fbb8795
Merge pull request #6340 from betagouv/main
...
2021-07-13-01
2021-07-13 16:00:12 +02:00