Commit graph

3360 commits

Author SHA1 Message Date
simon lehericey
0cd9bcb1ab fix #6495 2021-09-28 15:53:18 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
57604b9c89 add schema validations 2021-09-22 12:08:24 +02:00
simon lehericey
75043070da add CNAFAdapter 2021-09-22 12:08:24 +02:00
simon lehericey
07962cc2c7 service: match remote keys 2021-09-22 12:08:24 +02:00
Ismael MOUSSA S
bdbb4deb87 ADD FILE_MAX_SIZE constant to set allow file size limit 2021-09-21 12:04:56 -05:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
c87f3f7fb6 faster jeton_particulier_controller_spec 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
simon lehericey
8d747ff16e add sanitize method to service 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
a7ec77f0a8 do not display the action for instructeur 2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
a8d04d6fc8 test(routing): fix routing feature spec 2021-09-18 11:22:35 +02:00
Paul Chavard
ad5279f4ab test(groupe_instructeur): fix groupe_instructeur controller spec 2021-09-18 11:22:35 +02:00
Paul Chavard
eea6b961d7 refactor(routage): remove administrateur_routage feature flag 2021-09-18 11:21:26 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
simon lehericey
8327c6fd0c add ApiParticulier::Service::Sources 2021-09-17 13:50:23 +02:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
6c6205e188 a cloned procedure to a different admin does not keep api_particulier token and scopes 2021-09-16 09:30:11 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
simon lehericey
87cb16093f fetch token introspection
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Paul Chavard
4850c3b02d fix(i18n): enable locale for email previews 2021-09-09 13:06:51 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
5cbf939911 spec: fix syntax of get requests in archives_controller_spec
Those were generating Ruby warnings:

> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
e5f449b595 devise: unify password reset views
By default, Devise will look for views:

1. First in `views/resource/passwords/…`,
2. Then in `views/devise/passwords/…` if not found.

By moving the views to `views/devise`, we avoid having a partial in
`views/shared` that we need to include manually, and instead let Devise
do the job automatically.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
62e4f7ee32 devise: use password_complexity in User::PasswordsController
This fixes the password strength meter no longer being displayed when
an admin changes their password.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
ed8b19d2eb app: use password_complexity in Administrateurs::ActivateController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
586f8ec543 models: improve password complexity specs 2021-09-09 09:40:39 -05:00
Paul Chavard
00c7c7c419 test(dossier): test dossier transfer 2021-09-08 15:49:04 +02:00
Paul Chavard
3235f42a63 feat(dossier): add dossier transfers UI 2021-09-08 15:10:43 +02:00
Paul Chavard
d6cbdf2a48 feat(dossier): add dossier transfer models 2021-09-08 14:39:46 +02:00
simon lehericey
9fc195f0e5 add test to dossier_projection_service 2021-09-07 15:17:06 +02:00
Paul Chavard
74e277d0a2 feat(graphql): add an option to dossier state change mutations to disable notifications 2021-09-07 14:21:48 +02:00
Paul Chavard
9e30d5fc22 fix(virus scan): prevent virus scans in specs 2021-09-07 14:21:48 +02:00
simon lehericey
367f508e2e linked_drop_down_list: empty primary => empty secondary 2021-09-07 10:09:18 +02:00
Paul Chavard
6a5a8233b5 feat(i18n): send dossier emails with its user locale and improuve translations 2021-09-07 09:51:23 +02:00
Pierre de La Morinerie
8bb283d977 app: delete old Admin::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df app: move archive to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5 app: move clone to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6 app: move destroy to NewAdministrateur::ProceduresController
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f app: move new_from_existing to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89 controllers: remove dead code on Admin::ProceduresController
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
0f9d7d6b8c app: remove old Admin::InstructeursController
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Paul Chavard
a3cc072bbd feat(i18n): translate countries selector 2021-08-31 13:15:26 +02:00
Pierre de La Morinerie
b80f6a9f1b spec: fix some manager tests not running 2021-08-26 11:44:47 -05:00
Paul Chavard
8e1bfb469f fix(dossier): send expiration notifications 2 weeks prior to supression instead of a month 2021-08-26 11:28:57 +02:00
Paul Chavard
1399d9bba9 feat(graphql): expose demarche descriptor on dossier type
We don't want to expose full demarche type on dossiers because it would open the door for recursive queries that we want to avoid. DemarcheDescriptorType is a lightweight representation of demarche metadata.
2021-08-25 11:12:24 +02:00
Pierre de La Morinerie
47e1555dce i18n: properly translate the locale dropdown title 2021-08-24 12:57:51 -05:00
Pierre de La Morinerie
9741108094 lib: remove the 'migrated' key on filters
In a9a4f6e2a8, a task to migrate
ProcedurePresentation's filters was added.

This task added a "migrated: true" key to all migrated filters.

Now that this task has run, we can safely remove the extra key.

In a previous version of this commit, the migration would fail for
invalid ProcedurePresentation records. This is now fixed.
2021-08-24 08:42:22 -05:00
Christophe Robillard
83b6c5d7c7 replace deprecated axe-matchers by axe-core-spec 2021-08-24 08:09:17 -05:00
Paul Chavard
3b6528decf feat(i18n): enable localization by query param
Providing a query param ("locale") will enable localization. A language picker will be shown once
localization is activated. Locale is stored in a cookie "locale".
2021-08-24 12:42:40 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4 6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec 2021-08-20 20:10:44 +02:00
Christophe Robillard
8f2e0660d3 add spec for dossier with commune 2021-08-19 08:04:47 +02:00
Christophe Robillard
e06f11f33f add code insee libelle for commune export 2021-08-19 08:04:47 +02:00
Christophe Robillard
4a6c22d6a6 export code insee for commune champ 2021-08-19 08:04:47 +02:00
Paul Chavard
ffa8c0c80a feat(dossiers): enable dossiers termine expiration behind feature flag
feature flag "procedure_process_expired_dossiers_termine" controls if a procedure has expiration
enabled on dossiers termine

re #3796
2021-08-18 16:11:35 +01:00
Christophe Robillard
031b74759f archives: move bugreport 2021-08-05 09:24:20 +02:00
Christophe Robillard
38e3469e9a add bug report to archive 2021-08-03 14:51:41 +02:00
simon lehericey
b29bae4707 a procedure has an encrypted api_particulier_token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-07-30 11:18:44 +02:00
François Vantomme
17b659539f Feat (API Particulier): new encryption service 2021-07-30 11:18:44 +02:00
kara Diaby
69393c2921 modify groupe instructeur controller 2021-07-27 19:38:22 +02:00
kara Diaby
9c976c6b71 fixup! tests 2021-07-27 19:38:21 +02:00
Paul Chavard
64cfb4d64e Fix sort with revisions 2021-07-23 10:57:04 +02:00
Pierre de La Morinerie
6475cdff7a
Revert "Suppression de la clef "migrated": true sur les filtres des ProcedurePresentation" 2021-07-23 09:26:13 +02:00
Pierre de La Morinerie
e1909ed29f brouillon: redirect to sign-in when disconnected
There are two cases where the draft auto-save might fail because the
user is no longer authenticated:

- The user signed-out in another tab,
- The brower quit and re-opened, so the Session cookie expired.

In both cases, the auto-save will never succeed until the user
authenticates again, so displaying a "Retry" button is cruel.

Moreover, in plus of all auto-save requests failing with a small error,
the actual hard failure only occurs after filling all the form and
trying to submit it. Then the user is redirected to the sign-in page –
but all their changes are lost.

Instead, we now redirect to the sign-in page on the first 401 error
during the auto-save, let the user sign-in, and then redirect back to
the form.
2021-07-22 11:58:02 +02:00
Paul Chavard
388fb39eb5 Fix false positive blank champ warnings 2021-07-22 10:45:25 +02:00
Paul Chavard
ac0f50b488 Improuve champ blank check 2021-07-22 10:45:25 +02:00
Pierre de La Morinerie
fd74d9a062 lib: remove the 'migrated' key on filters
In a9a4f6e2a8, a task to migrate
ProcedurePresentation's filters was added.

This task added a "migrated: true" key to all migrated filters.

Now that this task has run, we can safely remove the extra key.
2021-07-20 16:51:32 +02:00
Pierre de La Morinerie
fda59c9231 lib: remove outdated tasks 2021-07-20 15:34:31 +02:00
Pierre de La Morinerie
32ab2f0a80 instructeur: limit the maximum size of a filter value
This prevents the URL from exceeding the max size, and
causing '414: Request-URI too large' errors.
2021-07-20 14:49:48 +02:00
Pierre de La Morinerie
831672391e app: use a long-lived cookie for CSRF token
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
446c57ed63 specs: add a feature test for forgery protection 2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
71741c5f98 views: fix checkbox wrongly selected in multiple_drop_down_list
The check for whether the checkbox should be checked or not was made by
matching the whole string. Thus, given two options 'valid' and
'invalid', the check for the presence of 'valid' would succeed even when
only 'invalid' was present in the values (because
`'valid'.includes?('invalid')`.

The code now checks against the list of items in the selected_options.
2021-07-20 09:01:07 +02:00
kara Diaby
0b6c7dace7 tests 2021-07-15 16:32:07 +02:00
Pierre de La Morinerie
40b3ea8ad6
Revert "Instructeurs : limitation de la valeur d'un filtre à 100 caractères" 2021-07-13 18:19:46 +02:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Pierre de La Morinerie
3c8a88a660 instructeur: limit the maximum size of a filter value
This prevents the URL from exceeding the max size, and
causing '414: Request-URI too large' errors.
2021-07-08 16:17:22 +02:00
Paul Chavard
527db7631e Add a point on map from coordinates input 2021-07-07 13:33:28 +02:00
Paul Chavard
ab31087f23 Hide cadastres if there is none 2021-07-07 12:28:27 +02:00
Pierre de La Morinerie
37c62ac0a3 app: display standard error page when no cookies are present
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Christophe Robillard
bc07a875eb integrate a mininum weight for the average dossier weight
before this commit, the average dossier weight took account only pieces
justificatives. With this commit, we add a minimum weight for other
files included in an archive like pdf_export, log operations,
attachments added to traitements. This minimum weight is set arbitrary,
from the observation of some random procedures in production
2021-07-06 15:58:45 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2 remove the ability to download an 'everything' archive
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d Enable test revisions 2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe experts: protect password update as well as sign-up 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57 experts: fix saving password on sign-in 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
4f5c5e26ae spec: cleanup spec for Experts::AvisController 2021-06-30 10:46:42 +02:00
Christophe Robillard
66cc0dd08d Revert "Revert "Expose dossier PDF export as IO""
This reverts commit 362093eff0.
2021-06-24 21:01:59 +02:00
krichtof
362093eff0
Revert "Expose dossier PDF export as IO" 2021-06-24 19:21:37 +02:00
Paul Chavard
b73d504f8d Expose dossier PDF export as IO
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-24 17:49:24 +02:00
Paul Chavard
a4482233b8 [GraphQL] expose deleted dossiers 2021-06-24 11:51:37 +02:00
Paul Chavard
0ca5e1abe2 Preview should reflect revision changes 2021-06-24 11:39:49 +02:00
Paul Chavard
8b2c2c6466 Handle carte layers changes 2021-06-24 11:39:49 +02:00
Paul Chavard
35eccb5630 Show separate blocks for types de champ and annotation changes 2021-06-23 09:40:07 +02:00