Commit graph

451 commits

Author SHA1 Message Date
Martin
a0df24b631 clean(SMTP.balancing): remove some env vars 2022-05-03 16:46:35 +02:00
simon lehericey
ea361643be types_de_champ -> types_de_champs_public 2022-05-03 11:05:24 +02:00
simon lehericey
aa0ef955d5 dolist config 2022-04-28 15:48:54 +02:00
Paul Chavard
433c01b1e6 Revert "Merge pull request #7137 from betagouv/faster_pdf"
This reverts commit 9da44bd913, reversing
changes made to ebac71796c.
2022-04-12 19:22:07 +02:00
simon lehericey
af27af7900 ! instances : prawn does not like svg
win 10% on pdf generation
2022-04-12 11:56:56 +02:00
Martin
7c0e8e406b fix(users/profiles#update): allow people from @assurance-maladie.fr to be a target email when user change his email 2022-04-06 16:07:25 +02:00
Paul Chavard
44c64669e9 Revert "Merge pull request #6787 from tchak/use-vite"
This reverts commit 5d572727b5, reversing
changes made to 43be4482ee.
2022-03-31 12:07:52 +02:00
simon lehericey
250b699664 remove duplicate csp 2022-03-29 16:27:08 +02:00
Paul Chavard
187e84a010 feat(assets): use vitejs to build javascript 2022-03-29 16:27:08 +02:00
simon lehericey
7ecf20ce75 harden email validation 2022-03-24 13:00:54 +01:00
Pierre de La Morinerie
2e04435117 gems: add strong_migrations 2022-03-16 10:30:25 +01:00
François Vantomme
d5cd0101c8 feat(footer): customize using custom views & locales 2022-03-10 17:31:20 +01:00
Pierre de La Morinerie
3481d27cba config: block browser external connections during system tests
During system tests, we don't want the headless browser to load
external resources:

- It is faster (we don't wait for external resources to be loaded)
- It avoids leaking our test setup to external service

Fixes #6982
2022-02-22 17:24:25 +01:00
Pierre de La Morinerie
6d5f44d489 config: translate the CSP comments from french to english 2022-02-22 17:17:55 +01:00
Pierre de La Morinerie
c2729ab7e2 config: add Matomo to the frame_src Content Security Policy
Solves the Matomo iframe being blocked on `/suivi`. Fix #5868
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
3276db016f config: add Matomo to the connect_src Content Security Policy
Solves Matomo connections being blocked. Fix #6949
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
6fa52e8a5a config: report CSP violations to report-uri 2022-02-15 12:49:52 +01:00
Pierre de La Morinerie
0b2775a1a6 config: add back DS_PROXY_URL to CSP
Otherwise a bunch of "static.demarches-simplifiees.fr" domains would
be missing.
2022-02-15 12:49:52 +01:00
François Vantomme
d5f207d98c refactor(url): use env variables in content security policies 2022-02-15 12:49:52 +01:00
Jon
31996c7d09 chore(smtp): add mailcatcher configuration 2022-02-15 09:34:07 +01:00
François Vantomme
ac915494df feat(landing): hide testimonial & users sections 2022-02-15 08:49:23 +01:00
François Vantomme
e8f62e78fe feat(matomo): configure Matomo iframe URL with an env variable 2022-02-09 12:44:13 +01:00
Pierre de La Morinerie
3e20ea13d8
Revert "Utilisation des variables d'environnement lors de la déclaration des Content Security Policies" 2022-02-08 22:20:08 +01:00
François Vantomme
8eaecd184a refactor(url): use env variables in content security policies 2022-02-08 15:15:55 +01:00
Pierre de La Morinerie
847abca122 config: simplify mailer configuration again
Move everything to initializers, and replace the email settings
interceptor by a BalancerDeliveryMethod.

It has the advantage that it can be configured entirely from the
`config/environment.rb` file, without an extra file to look at.
2022-02-08 12:44:43 +01:00
François Vantomme
51cfd3d7ad
feat(env): add env variables for the provider data 2022-02-04 18:20:06 +01:00
Pierre de La Morinerie
387701e7cb config: add a new SAML_IDP_ENABLED env var
This fixes the app crashing on launch when using the production profile,
because the certificates are not present.
2022-01-26 16:45:50 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
Pierre de La Morinerie
d524beee4e app: remove :instructeur_bypass_email_login_token from Flipper 2021-12-02 08:51:52 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
simon lehericey
3316dfc866 reopen openid_connect gem to support AC encrypted jwt response 2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721 add agent connect secrets 2021-11-23 14:17:59 +01:00
Paul Chavard
1adafd22d0 fix(graphql): add graphql_operation to lograge 2021-11-04 16:18:10 +01:00
Pierre de La Morinerie
d0e87a08cf services: cache zxcvbn dictionaries per-thread
Before, every time a password was tested, the dictionaries were parsed
again by zxcvbn.

Parsing dictionaries is slow: it may take up to ~1s. This doesn't matter
that much in production, but it makes tests very slow (because we tend
to create a lot of User records).

With this changes, the initializer tester is shared between calls, class
instances and threads. It is lazily loaded on first use, in order not to
slow down the application boot sequence.

This uses ~20 Mo of memory (only once for all threads), but makes tests
more that twice faster.

For instance, model tests go from **8m 21s** to **3m 26s**.

NB:
An additionnal optimization could be to preload the tester on
boot, before workers are forked, to take advantage of Puma copy-on-write
mechanism. In this way all forked workers would use the same cached
instance.

But:

- We're not actually sure this would work properly. What if Ruby updates
  an interval ivar on the class, and this forces the OS to copy the
  whole data structure in each fork?
- Puma phased restarts are not compatible with copy-on-write anyway.

So we're avoiding this optimisation for now, and take the extra 20 Mo
per worker.
2021-10-25 12:04:56 +02:00
simon lehericey
738d08a1d9 change in whitelist 2021-10-19 21:07:24 +02:00
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
simon lehericey
b69dafc3d4 CNAF in lowercase 2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4 jobs: move ActiveJobLogSubscriber out of initializers
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
kara Diaby
eb951c75e4 change stats colors 2021-09-28 14:49:24 +02:00
simon lehericey
75043070da add CNAFAdapter 2021-09-22 12:08:24 +02:00
Pierre de La Morinerie
b4e850b88b config: remove old retro-compatibility Job constants
These constants were defined so that existing enqueued jobs wouldn't
fail during the app upgrade.

These jobs are long gone. Let's remove the compatibility code.
2021-09-21 10:43:33 -05:00
Paul Chavard
eea6b961d7 refactor(routage): remove administrateur_routage feature flag 2021-09-18 11:21:26 +02:00
simon lehericey
69bb174e29 add feature flipped link to add api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
620a5374e8 Add api particulier url in conf
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Ismael MOUSSA S. (T0194673)
9d012d51e8 delete features flag option : 'make_experts_notifiable' 2021-09-07 10:49:20 +02:00
Paul Chavard
ffa8c0c80a feat(dossiers): enable dossiers termine expiration behind feature flag
feature flag "procedure_process_expired_dossiers_termine" controls if a procedure has expiration
enabled on dossiers termine

re #3796
2021-08-18 16:11:35 +01:00
Pierre de La Morinerie
9eb2e13d43 config: report job exceptions after max retry count reached
Previously Sentry reported job exceptions even if a retry
strategy was specified. So we had to ignore retried job exceptions
entirely.

Since sentry-delayed-job 0.4.4, we can instead let Sentry report
job exceptions when the retry count is exhausted. Which is
exactly the behavior we want.
2021-07-01 15:06:14 +02:00
Paul Chavard
7cb2f91fea Add revisions feature flag 2021-06-23 09:40:07 +02:00