Commit graph

2093 commits

Author SHA1 Message Date
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
Paul Chavard
8fa544e176 feat(manager): bring back add administrateur 2021-10-19 12:06:31 +02:00
simon lehericey
f54dfe6ead Do not raise error if user is nil
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
bb83fd2f18 To make an old test work, no idea 2021-10-14 14:47:50 +02:00
simon lehericey
933d7b8c8d merge with another preexisting account 2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d merge with another new account 2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b merge with an existing account by using the password 2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9 securely retrieve fci 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
f6879eba60 associate_user take a target email 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
06dee2e023 refactor controller to avoid return 2021-10-14 14:47:50 +02:00
simon lehericey
5aaf46258a remove obsolete devise scope 2021-10-14 14:47:50 +02:00
simon lehericey
87de9e38c6 allow draft to be saved with invalid cnaf champ 2021-10-12 14:27:20 +02:00
simon lehericey
7072993721 a form can upload numero_allocataire and code_postal 2021-10-12 14:27:20 +02:00
simon lehericey
77d14d4a60 forbid admin merge yet 2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea Add notice when merging account 2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5 merge expert 2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e merge instructeur 2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f simple cases when the preexisting targeted account does not have instructeur or profile profile 2021-10-07 15:51:31 +02:00
Paul Chavard
4a947f9135 feat(manager): add become administrateur button in manager (with 24h expiration) 2021-10-07 11:32:12 +02:00
kara Diaby
9c9eeb8e76 modify groupe instructeurs controller$ 2021-10-05 15:37:29 +02:00
kara Diaby
6d89d914e2 modify expert avis controller 2021-10-05 15:00:21 +02:00
simon lehericey
f662b28baf update identity_updated_at column when user identity change 2021-10-05 12:05:43 +02:00
Pierre de La Morinerie
f854e3af63 controllers: use ACSV to import groupe instructeurs
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Peng-Fei DONG
dee536fca1 app: localize CSV import for groupe instructeurs 2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287 [Fix #6504] Fix exception raised when deleting a transfer 2021-10-01 12:11:03 +02:00
Paul Chavard
7deedf8245 feat(refactor): unify dossiers header 2021-09-27 15:06:17 +02:00
Paul Chavard
357c684688 feat(routage): self managing instructeurs 2021-09-27 15:06:17 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
0c5c8faf16 feat(routage): enable routage for everyone 2021-09-18 11:22:35 +02:00
Paul Chavard
8b4bef2816 refactor(routage): simplify goupe_instructeur assign code 2021-09-18 11:21:26 +02:00
simon lehericey
2c13f70cd5 redirect to sources after updating token 2021-09-17 13:50:23 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
Pierre de La Morinerie
715b5ea6d8 i18n: move controller keys to the proper scope 2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
e6b044531d i18n: fix invalid i18n-tasks-hint 2021-09-16 07:51:56 -05:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
Pierre de La Morinerie
745e19bb8e localize 2021-09-16 09:07:47 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
e5f449b595 devise: unify password reset views
By default, Devise will look for views:

1. First in `views/resource/passwords/…`,
2. Then in `views/devise/passwords/…` if not found.

By moving the views to `views/devise`, we avoid having a partial in
`views/shared` that we need to include manually, and instead let Devise
do the job automatically.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
62e4f7ee32 devise: use password_complexity in User::PasswordsController
This fixes the password strength meter no longer being displayed when
an admin changes their password.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
02bdfef893 devise: cleanup Users::PasswordController 2021-09-09 08:03:34 -05:00
Paul Chavard
3235f42a63 feat(dossier): add dossier transfers UI 2021-09-08 15:10:43 +02:00
Paul Chavard
44eb0ada4f fix(i18n): add Kosovo to countries list
Kosovo is not part of ISO 3166 as of time of writing. https://en.wikipedia.org/wiki/ISO_3166-2:RS#cite_ref-1
2021-09-08 12:11:25 +02:00
Paul Chavard
74e277d0a2 feat(graphql): add an option to dossier state change mutations to disable notifications 2021-09-07 14:21:48 +02:00
Paul Chavard
34b1418868 feat(i18n): save locale on user 2021-09-07 09:51:23 +02:00
Pierre de La Morinerie
8bb283d977 app: delete old Admin::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df app: move archive to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5 app: move clone to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f app: move new_from_existing to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89 controllers: remove dead code on Admin::ProceduresController
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
3fc934c8fb app: remove leftovers of publish_validate route
The correponding code and feature have been removed a while ago.
2021-09-02 14:50:41 -05:00
Pierre de La Morinerie
0f9d7d6b8c app: remove old Admin::InstructeursController
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Paul Chavard
a3cc072bbd feat(i18n): translate countries selector 2021-08-31 13:15:26 +02:00
Paul Chavard
3b6528decf feat(i18n): enable localization by query param
Providing a query param ("locale") will enable localization. A language picker will be shown once
localization is activated. Locale is stored in a cookie "locale".
2021-08-24 12:42:40 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4 6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec 2021-08-20 20:10:44 +02:00
kara Diaby
ae0a3b9dd5 modify procedures controller instructeur 2021-08-04 11:35:06 +02:00
kara Diaby
69393c2921 modify groupe instructeur controller 2021-07-27 19:38:22 +02:00
kara Diaby
ed49d1b110 instructeur_procedures_controller 2021-07-27 19:38:21 +02:00
Paul Chavard
64cfb4d64e Fix sort with revisions 2021-07-23 10:57:04 +02:00
lydiasan
7de10731a6 i18n: localize dossiers edition 2021-07-20 14:18:20 +02:00
Pierre de La Morinerie
831672391e app: use a long-lived cookie for CSRF token
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
a03d8d0705 controllers: remove useless handle_verified_request override
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
kara Diaby
c731f8cf1f add windows content type to avoid errors 2021-07-15 16:32:07 +02:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Christophe Robillard
03e98229c9 a user can now see stats for closed procedure 2021-07-07 15:00:38 +02:00
Pierre de La Morinerie
37c62ac0a3 app: display standard error page when no cookies are present
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Pierre de La Morinerie
09933454ff app: improve InvalidAuthenticityToken logging
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2 remove the ability to download an 'everything' archive
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d Enable test revisions 2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe experts: protect password update as well as sign-up 2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57 experts: fix saving password on sign-in 2021-06-30 10:46:42 +02:00
Paul Chavard
0ca5e1abe2 Preview should reflect revision changes 2021-06-24 11:39:49 +02:00
Paul Chavard
e68441d573 Allow publishing revisions when feature flag is enabled 2021-06-23 09:40:07 +02:00
Paul Chavard
f238710044 Add last_month export 2021-06-23 09:23:10 +02:00
kara Diaby
cf11b0c901 return error if the csv headers are wrong 2021-06-22 16:33:38 +02:00
Pierre de La Morinerie
a99a6cc49f controllers: use default Rails settings for protecting against forgery
Rails uses `config.action_controller.allow_forgery_protection` to
enable or disable forgery protection globaly.

This is disabled for tests by default. So our custom config is not
required.
2021-06-22 13:21:55 +02:00
kara Diaby
06958cbdd1 fix service and utf-8 encoding 2021-06-21 13:54:01 +02:00
Christophe Robillard
8cbbae8984 use cache for traitement time for instructeurs 2021-06-17 16:31:53 +02:00
Christophe Robillard
45ffae9eb3 affiche evolution temps de traitement 2021-06-17 16:31:53 +02:00
Pierre de La Morinerie
b5bde6608c routes: replace the email param in the Avis URLs by a query param 2021-06-17 11:15:51 +02:00
kara Diaby
ab781204bc modify groupe instructeur controller 2021-06-15 11:20:20 +02:00
François Vantomme
c9b1095d1e Refactor (Rubocop): replace map{ … }.compact by filter_map
In Ruby 2.7, Enumerable#filter_map has been added.
This cop identifies places where map { … }.compact can be replaced by filter_map.

See: https://docs.rubocop.org/rubocop-performance/cops_performance.html#performancemapcompact
2021-06-11 15:38:09 +02:00
Christophe Robillard
41569efe9d extract estimate_weight
and rename nb_dossiers by nb_dossiers_termines
2021-06-09 10:52:38 +02:00
simon lehericey
f2ba83a704 cout_dossier_termines_by_month for groupe_instructeurs
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00
simon lehericey
83d60c7b63 archive for all the groups
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00
simon lehericey
e933a80c55 remove useless archivable_months
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00
simon lehericey
1c1e990d2a remove useless count
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00
simon lehericey
09b3cf98f6 use nb_dossiers to estimate total weight
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00
simon lehericey
895eed5a27 UI uses average_dossier_weight
Co-authored-by: Christophe Robillard <christophe.robillard@beta.gouv.fr>
2021-06-09 10:52:38 +02:00