Martin
1bb868714c
fix(spec/lint/review): lint and fix spec of previous commits, also fix based on tchak feedback
2021-12-06 07:05:17 +01:00
Martin
d87f8b57cc
feat(instructeurs/procedures#show): add dossier experiant in procedure#show
2021-12-06 07:05:17 +01:00
Martin
2dfbc70d41
feat(instructeur#dossiers_count_summary): add counter for expirants. ignore brouillon
2021-12-06 07:05:17 +01:00
Martin
f8a17b2cc4
feat(procedures#index): add dossiers-expirant to instructeur/procedure#index
2021-12-03 16:32:03 +01:00
Christophe Robillard
9341c787a1
administrateur can add zone to procedure
2021-12-02 19:24:26 +01:00
Pierre de La Morinerie
d524beee4e
app: remove :instructeur_bypass_email_login_token
from Flipper
2021-12-02 08:51:52 +01:00
Pierre de La Morinerie
ac07f05771
app: use Instructeur.bypass_email_login_token
2021-12-02 08:51:52 +01:00
Paul Chavard
46e2e34b89
fix(stats): remove super admin stats
2021-12-01 18:10:05 +01:00
Pierre de La Morinerie
28dfc6a1ba
manager: save bypass_email_login_token to both column and feature
2021-11-30 13:41:25 +01:00
simon lehericey
c4cde500ce
fix acsv
2021-11-30 09:42:45 +01:00
simon lehericey
5a0fb6237f
😭 AASM does not support keyword arguments
...
https://github.com/aasm/aasm/issues/672
2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182
app: rename new_administrateur
to administrateurs
2021-11-30 08:49:38 +01:00
simon lehericey
a0c0520502
avoid redirection to a deleted user
2021-11-29 15:27:17 +01:00
Kara Diaby
23677956f3
modify controller
2021-11-29 11:34:31 +01:00
Martin
cf82c030e8
hotfix(scoping): try to avoid requesting archived: false when using termine scope, use state_termine instead
2021-11-26 15:09:53 +01:00
kara Diaby
eaac293da3
add a new tab traités on user dossiers
2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda
fix(i18n): wrap text under i18n.t
...
i18n(france_connect/*): replace wording with i18n
fix(lint): i18n key issue
secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case
fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
21894d0a0a
feat(france_connect/particulier#callback): in case the FC email exists as an DC account which is an instructor or and administrator, returns early to new_session_path so he can connect with this existing account
2021-11-25 17:34:36 +01:00
Martin
ff073f8884
Add confirmation by email when merging DC/FC accounts
...
feat(fci.confirmation_code): add confirmation code to france_connect_informations
feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)
feat(mail_merge): mail merge
feat(merge.cannot_use_france_connect): same behaviour as callback
clean(fci.confirmation_code): use same token for mail validation as merge
feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto
clean(tech): finalize story by plugging merge_with_new_account to email validation
fix(deadspec): was removed
fix(spec): broken after last refactoring
lint(rubocop): space before parenthesis
lint(haml-lint): yoohoooo space before =
fix(lint): scss now :D
Update app/assets/stylesheets/buttons.scss
cleanup
feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email
fixup! Add confirmation by email when merging DC/FC accounts
fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible
2021-11-24 14:07:32 +01:00
Paul Chavard
758e7d68e6
fix(graphql): fix and improuve query parsing for logs
2021-11-24 13:23:05 +03:00
simon lehericey
c5097451ef
add redirect
2021-11-23 14:17:59 +01:00
simon lehericey
5234a1854c
manage AgentConnect callback
2021-11-23 14:17:59 +01:00
simon lehericey
898df449d4
redirect to AgentConnect
2021-11-23 14:17:59 +01:00
simon lehericey
d2432e34eb
AgentConnect UI
2021-11-23 14:17:59 +01:00
mfo
49bb12a70e
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible
2021-11-23 11:05:51 +01:00
Pierre de La Morinerie
859a147c49
api: return error cause on parse error
...
Currently, when a query can't be parsed, the error is:
- logged to Sentry (which is useless to us),
- returned as a generic 'Internal Server Error' (which is useless to the
user who made the query).
With this commit, the error is instead ignored from our logs (because it
is a user error), but the parse error details are returned to the user,
with the following format:
> {'errors': [{'message': 'Parse error on ")" (RPAREN) at [3, 23]'}]}
2021-11-19 15:15:10 +01:00
Martin
3d1533dee9
feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab
2021-11-19 15:14:39 +01:00
Paul Chavard
ae09b37e72
fix(champs): save departement info on champ commune
2021-11-17 14:52:47 +03:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur
2021-11-17 05:41:56 +01:00
Paul Chavard
716a859c93
fix(profile): prevent crashing on renew token action
2021-11-16 20:01:56 +03:00
Paul Chavard
e74d599042
feat(procedure): remove duree_conservation_dossiers_hors_ds
2021-11-16 19:55:56 +03:00
Paul Chavard
65e59b8dcd
fix(procedure): allow to modify duree_conservation_dossiers_dans_ds after publication
2021-11-16 19:55:56 +03:00
mfo
1d174df2ec
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur
2021-11-16 16:37:15 +01:00
Martin
f0950b592b
clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff
2021-11-16 16:13:11 +01:00
Paul Chavard
3400c4c628
fix(champs): attach piece justificative
2021-11-16 17:57:41 +03:00
Paul Chavard
7914775809
feat(routage): administrateur can disable routage
...
fix #6627
2021-11-16 11:49:51 +03:00
Martin
4042d51d1a
tech(lint): rubocopify
2021-11-15 14:17:57 +01:00
Martin
d4c74b5621
feat(rc.1): refine with better translations, better design
2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a
feat(rc): first stable
2021-11-15 13:53:32 +01:00
Martin
8b931a57d4
feat(CommentairesController#destroy): implement destroy endpoint using CommentaireService
2021-11-15 13:18:10 +01:00
simon lehericey
17d131b3cc
add has_may requested_merge_from
2021-11-04 16:10:09 +01:00
simon lehericey
9041e201e8
one merge at a time
2021-11-04 16:10:09 +01:00
simon lehericey
b160086cc5
update update_email to allow merge
2021-11-04 16:10:09 +01:00
simon lehericey
652b8367be
accept or refuse merge
2021-11-04 16:10:09 +01:00
simon lehericey
894e8fdd47
move update_email check to before_action
2021-11-04 16:10:09 +01:00
Paul Chavard
7ef73f13e4
fix(grope_instructeur): can not destroy groupe_instructeur with discarded dossiers
2021-11-02 12:15:24 +01:00
Paul Chavard
3c2515ce6d
feat(graphql): add graphql_operation to rails logs
2021-11-02 12:02:00 +01:00
Paul Chavard
da49a6447f
refactor(repetition): optimize and add a transaction around repetition add row
2021-10-28 14:54:33 +02:00
Paul Chavard
c4b93f8d4a
fix(groupe_instructeur): unfollow dossiers when removed from groupe instructeur
2021-10-28 14:45:52 +02:00
simon lehericey
c725999582
move merge method to user
2021-10-28 14:39:13 +02:00
Paul Chavard
d659595cde
fix(typo): addresse -> adresse
2021-10-27 18:59:18 +02:00
Paul Chavard
8154daf847
refactor(drop_down_list_champ): other option
2021-10-27 12:00:39 +02:00
kara Diaby
dc35d9521f
add other option to liste deroulante champ
2021-10-26 16:11:15 +02:00
Paul Chavard
d308448f02
feat(type_de_champ): add secondary label and description do linked drop downs
2021-10-26 12:18:01 +02:00
Paul Chavard
1561ea82f6
fix(transfer): manually nullify staled transfers references
2021-10-21 13:54:26 +02:00
lydiasan
6f9c3abfbc
i18n: display language selector on non-french accept-languages
2021-10-19 16:41:36 +02:00
simon lehericey
d19ad2840c
rename preexisting to targeted, remove duplicated test
2021-10-19 16:12:42 +02:00
simon lehericey
52b7e85954
merge administrateur in user_controller
2021-10-19 16:12:42 +02:00
simon lehericey
44c880adc4
allow instructeur and administrateur to change their email to legit domain ( #6550 )
2021-10-19 15:54:57 +02:00
Paul Chavard
8fa544e176
feat(manager): bring back add administrateur
2021-10-19 12:06:31 +02:00
simon lehericey
f54dfe6ead
Do not raise error if user is nil
...
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
bb83fd2f18
To make an old test work, no idea
2021-10-14 14:47:50 +02:00
simon lehericey
933d7b8c8d
merge with another preexisting account
2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d
merge with another new account
2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b
merge with an existing account by using the password
2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9
securely retrieve fci
2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7
launch merge process if an unlinked DS account with the same email exists
2021-10-14 14:47:50 +02:00
simon lehericey
f6879eba60
associate_user take a target email
2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0
Sign in with a user linked by france connect sub (openid)
...
instead of looking linked user by email because :
- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.
The following scenario is now working
A user A (email: 1@mail.com ) uses FC to connect to DS
=> It is connected as 1@mail.com
Another user B (email: generic@mail.com ) uses FC to connect
=> It is connected as generic@mail.com
The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
06dee2e023
refactor controller to avoid return
2021-10-14 14:47:50 +02:00
simon lehericey
5aaf46258a
remove obsolete devise scope
2021-10-14 14:47:50 +02:00
simon lehericey
87de9e38c6
allow draft to be saved with invalid cnaf champ
2021-10-12 14:27:20 +02:00
simon lehericey
7072993721
a form can upload numero_allocataire and code_postal
2021-10-12 14:27:20 +02:00
simon lehericey
77d14d4a60
forbid admin merge yet
2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea
Add notice when merging account
2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5
merge expert
2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e
merge instructeur
2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f
simple cases when the preexisting targeted account does not have instructeur or profile profile
2021-10-07 15:51:31 +02:00
Paul Chavard
4a947f9135
feat(manager): add become administrateur button in manager (with 24h expiration)
2021-10-07 11:32:12 +02:00
kara Diaby
9c9eeb8e76
modify groupe instructeurs controller$
2021-10-05 15:37:29 +02:00
kara Diaby
6d89d914e2
modify expert avis controller
2021-10-05 15:00:21 +02:00
simon lehericey
f662b28baf
update identity_updated_at column when user identity change
2021-10-05 12:05:43 +02:00
Pierre de La Morinerie
f854e3af63
controllers: use ACSV to import groupe instructeurs
...
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Peng-Fei DONG
dee536fca1
app: localize CSV import for groupe instructeurs
2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287
[ Fix #6504 ] Fix exception raised when deleting a transfer
2021-10-01 12:11:03 +02:00
Paul Chavard
7deedf8245
feat(refactor): unify dossiers header
2021-09-27 15:06:17 +02:00
Paul Chavard
357c684688
feat(routage): self managing instructeurs
2021-09-27 15:06:17 +02:00
Paul Chavard
5933194149
feat(log): stop logging user emails
...
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
1446660ca3
an api_particulier_token change erases previous api_particulier_sources
2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748
an admin can save its sources
2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49
app: fix exception during password reset when the token has expired
2021-09-21 10:30:09 -05:00
simon lehericey
7239657a75
[ Fix #6481 ] a user see its waiting transfers
2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766
a user can transfer all its dossier
2021-09-20 13:58:11 +02:00
Paul Chavard
0c5c8faf16
feat(routage): enable routage for everyone
2021-09-18 11:22:35 +02:00
Paul Chavard
8b4bef2816
refactor(routage): simplify goupe_instructeur assign code
2021-09-18 11:21:26 +02:00
simon lehericey
2c13f70cd5
redirect to sources after updating token
2021-09-17 13:50:23 +02:00
simon lehericey
5dbd81ebeb
show api particulier sources
2021-09-17 13:50:23 +02:00
Pierre de La Morinerie
715b5ea6d8
i18n: move controller keys to the proper scope
2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
e6b044531d
i18n: fix invalid i18n-tasks-hint
2021-09-16 07:51:56 -05:00
simon lehericey
1d06c15ac0
save api particulier scopes
2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30
add logic to detect empty scopes
2021-09-16 09:09:34 +02:00
Pierre de La Morinerie
745e19bb8e
localize
2021-09-16 09:07:47 +02:00
simon lehericey
ee6d19e3ee
an admin can save it's api particulier token
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055
add jetons particulier index page
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c
set OTP: Enable or Disable
2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
e5f449b595
devise: unify password reset views
...
By default, Devise will look for views:
1. First in `views/resource/passwords/…`,
2. Then in `views/devise/passwords/…` if not found.
By moving the views to `views/devise`, we avoid having a partial in
`views/shared` that we need to include manually, and instead let Devise
do the job automatically.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
80f9d4adc0
devise: use password_strength component in SuperAdmin::PasswordsController
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
62e4f7ee32
devise: use password_complexity in User::PasswordsController
...
This fixes the password strength meter no longer being displayed when
an admin changes their password.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f
app: add a password_complexity component
...
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
02bdfef893
devise: cleanup Users::PasswordController
2021-09-09 08:03:34 -05:00
Paul Chavard
3235f42a63
feat(dossier): add dossier transfers UI
2021-09-08 15:10:43 +02:00
Paul Chavard
44eb0ada4f
fix(i18n): add Kosovo to countries list
...
Kosovo is not part of ISO 3166 as of time of writing. https://en.wikipedia.org/wiki/ISO_3166-2:RS#cite_ref-1
2021-09-08 12:11:25 +02:00
Paul Chavard
74e277d0a2
feat(graphql): add an option to dossier state change mutations to disable notifications
2021-09-07 14:21:48 +02:00
Paul Chavard
34b1418868
feat(i18n): save locale on user
2021-09-07 09:51:23 +02:00
Pierre de La Morinerie
8bb283d977
app: delete old Admin::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df
app: move archive to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5
app: move clone to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f
app: move new_from_existing to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89
controllers: remove dead code on Admin::ProceduresController
...
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
3fc934c8fb
app: remove leftovers of publish_validate route
...
The correponding code and feature have been removed a while ago.
2021-09-02 14:50:41 -05:00
Pierre de La Morinerie
0f9d7d6b8c
app: remove old Admin::InstructeursController
...
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Paul Chavard
a3cc072bbd
feat(i18n): translate countries selector
2021-08-31 13:15:26 +02:00
Paul Chavard
3b6528decf
feat(i18n): enable localization by query param
...
Providing a query param ("locale") will enable localization. A language picker will be shown once
localization is activated. Locale is stored in a cookie "locale".
2021-08-24 12:42:40 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4
6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec
2021-08-20 20:10:44 +02:00
kara Diaby
ae0a3b9dd5
modify procedures controller instructeur
2021-08-04 11:35:06 +02:00
kara Diaby
69393c2921
modify groupe instructeur controller
2021-07-27 19:38:22 +02:00
kara Diaby
ed49d1b110
instructeur_procedures_controller
2021-07-27 19:38:21 +02:00
Paul Chavard
64cfb4d64e
Fix sort with revisions
2021-07-23 10:57:04 +02:00
lydiasan
7de10731a6
i18n: localize dossiers edition
2021-07-20 14:18:20 +02:00
Pierre de La Morinerie
831672391e
app: use a long-lived cookie for CSRF token
...
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
a03d8d0705
controllers: remove useless handle_verified_request
override
...
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
kara Diaby
c731f8cf1f
add windows content type to avoid errors
2021-07-15 16:32:07 +02:00
kara Diaby
d2d046a39d
fix encoding problems with cherlock Holmes gem
2021-07-13 10:58:41 +02:00
Christophe Robillard
03e98229c9
a user can now see stats for closed procedure
2021-07-07 15:00:38 +02:00
Pierre de La Morinerie
37c62ac0a3
app: display standard error page when no cookies are present
...
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).
In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Pierre de La Morinerie
09933454ff
app: improve InvalidAuthenticityToken logging
...
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2
remove the ability to download an 'everything' archive
...
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d
Enable test revisions
2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe
experts: protect password update as well as sign-up
2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57
experts: fix saving password on sign-in
2021-06-30 10:46:42 +02:00
Paul Chavard
0ca5e1abe2
Preview should reflect revision changes
2021-06-24 11:39:49 +02:00
Paul Chavard
e68441d573
Allow publishing revisions when feature flag is enabled
2021-06-23 09:40:07 +02:00
Paul Chavard
f238710044
Add last_month export
2021-06-23 09:23:10 +02:00
kara Diaby
cf11b0c901
return error if the csv headers are wrong
2021-06-22 16:33:38 +02:00
Pierre de La Morinerie
a99a6cc49f
controllers: use default Rails settings for protecting against forgery
...
Rails uses `config.action_controller.allow_forgery_protection` to
enable or disable forgery protection globaly.
This is disabled for tests by default. So our custom config is not
required.
2021-06-22 13:21:55 +02:00
kara Diaby
06958cbdd1
fix service and utf-8 encoding
2021-06-21 13:54:01 +02:00
Christophe Robillard
8cbbae8984
use cache for traitement time for instructeurs
2021-06-17 16:31:53 +02:00
Christophe Robillard
45ffae9eb3
affiche evolution temps de traitement
2021-06-17 16:31:53 +02:00
Pierre de La Morinerie
b5bde6608c
routes: replace the email param in the Avis URLs by a query param
2021-06-17 11:15:51 +02:00