Commit graph

1674 commits

Author SHA1 Message Date
Pierre de La Morinerie
0b2775a1a6 config: add back DS_PROXY_URL to CSP
Otherwise a bunch of "static.demarches-simplifiees.fr" domains would
be missing.
2022-02-15 12:49:52 +01:00
François Vantomme
d5f207d98c refactor(url): use env variables in content security policies 2022-02-15 12:49:52 +01:00
François Vantomme
7425a08e74 refactor(openstack): rename STORAGE_TYPE to ACTIVE_STORAGE_SERVICE 2022-02-15 10:34:42 +01:00
François Vantomme
a2c04a80aa refactor(storage): harmonize environment variables
Use STORAGE_TYPE everywhere rather than FOG_ENABLED.
STORAGE_TYPE is more flexible and is the reference variable for
production environment.
2022-02-15 09:40:32 +01:00
Jon
31996c7d09 chore(smtp): add mailcatcher configuration 2022-02-15 09:34:07 +01:00
François Vantomme
cc6cb2ea30 feat(matomo): use env variables to set the domain 2022-02-15 09:25:23 +01:00
Jon
97feca6305 feat(ClamAV): add config to disable clamav usage 2022-02-15 09:15:47 +01:00
François Vantomme
0758e2d1cf Refactor: use APP_HOST env variable in development env
It prevents exceptions when APP_HOST is custom in development env.

*** ArgumentError Exception: Missing host to link to! Please provide the
   :host parameter, set default_url_options[:host], or set :only_path to
   true
2022-02-15 09:01:38 +01:00
François Vantomme
ac915494df feat(landing): hide testimonial & users sections 2022-02-15 08:49:23 +01:00
Paul Chavard
76b1b85fa7 fix(attestation_template): add revision diff support 2022-02-11 08:45:32 +01:00
Paul Chavard
88e80e9e32
Merge pull request #6901 from adullact/feature/6859-jwt-token-expiration
[API Entreprise] Ajout du support des jetons JWT sans clé d'expiration
2022-02-10 11:48:39 +01:00
Pierre de La Morinerie
56461c6614 feat(openstack): just use FOG_OPENSTACK_URL
We don't need introducing a new env var for this.
2022-02-09 13:02:43 +01:00
François Vantomme
36f8a582ed feat(openstack): use env variables for base and auth URLs 2022-02-09 13:02:42 +01:00
François Vantomme
aebe90a0c4 refactor: use example domains
According to RFC 2606, example domains must be:
example.com, example.net, or example.org
2022-02-09 12:44:13 +01:00
François Vantomme
e8f62e78fe feat(matomo): configure Matomo iframe URL with an env variable 2022-02-09 12:44:13 +01:00
Paul Chavard
1f661325a5 refactor(carto): use maplibre instead of mapbox 2022-02-09 10:29:00 +01:00
Paul Chavard
ea6aec8b1a chore(webpack): enable typescript 2022-02-09 10:29:00 +01:00
Pierre de La Morinerie
3e20ea13d8
Revert "Utilisation des variables d'environnement lors de la déclaration des Content Security Policies" 2022-02-08 22:20:08 +01:00
François Vantomme
8eaecd184a refactor(url): use env variables in content security policies 2022-02-08 15:15:55 +01:00
Pierre de La Morinerie
847abca122 config: simplify mailer configuration again
Move everything to initializers, and replace the email settings
interceptor by a BalancerDeliveryMethod.

It has the advantage that it can be configured entirely from the
`config/environment.rb` file, without an extra file to look at.
2022-02-08 12:44:43 +01:00
Pierre de La Morinerie
27b42fe8ae config: better document SENDINBLUE_BALANCING 2022-02-08 12:44:43 +01:00
Pierre de La Morinerie
04cfc8ed9d config: use alternate delivery methods to configure ActionMailer
Previously `SENDINBLUE_BALANCING` was used only when
`SENDINBLUE_ENABLED` was *disabled* (otherwise only SendInBlue was ever
used).

This commit:

- Ensure that `SENDINBLUE_BALANCING` is used only when SendInBlue is
  *enabled* (which is more intuitive).
- Make it easier to add other delivery methods.
2022-02-08 12:44:43 +01:00
LeSim
fe9adf061c
Merge pull request #6916 from adullact/feature/6873-dinum-vars
Déplacer toutes les mentions à la DINUM dans des variables
2022-02-08 11:58:05 +01:00
Pierre de La Morinerie
dd49abc672 stats: fix duplicated word
The message would be formatted as:

> in 7 days days.
2022-02-08 11:43:32 +01:00
Pierre de La Morinerie
b2ae79a99b config: ignore gitguardian warnings for test keys
Tell GitGuardian not to report our fake testing secrets as leaks.
2022-02-08 11:31:07 +01:00
François Vantomme
eba9a87123
refactor(API Entreprise): raise an error on blank token 2022-02-07 15:18:16 +01:00
François Vantomme
51cfd3d7ad
feat(env): add env variables for the provider data 2022-02-04 18:20:06 +01:00
Kara Diaby
5d10158fa6 Instructeur : ne peut plus cliquer sur un dossier supprimé dans la recherche 2022-02-03 11:17:39 +01:00
Pierre de La Morinerie
d680602c84 models: validate private types_de_champ 2022-02-01 12:37:16 +01:00
Pierre de La Morinerie
e8e37cce15 models: refactor the types_de_champ validators
Context: we want to validate public and private types_de_champ
separately.

Before we validated the whole revision (and then validators themselves
enumerated all champs, public and private).

Now we validate the actual public types_de_champ, which will let us
validate separately the private types_de_champ.
2022-02-01 12:37:16 +01:00
Kara Diaby
96556ca4b3 locales 2022-01-31 10:03:44 +01:00
Kara Diaby
64f2dfdea1 routes 2022-01-31 10:03:44 +01:00
Pierre de La Morinerie
387701e7cb config: add a new SAML_IDP_ENABLED env var
This fixes the app crashing on launch when using the production profile,
because the certificates are not present.
2022-01-26 16:45:50 +01:00
Paul Chavard
ecebc8cf00 fix locale 2022-01-25 11:46:05 +01:00
Kara Diaby
2eb35065f8 fix dossier deletion mailers 2022-01-25 11:46:05 +01:00
Pierre de La Morinerie
0b4e82c25b config: move jobs env vars to the optional file 2022-01-19 15:43:44 +01:00
Pierre de La Morinerie
68fd3aea39 config: rename SOURCE to LOGRAGE_SOURCE 2022-01-19 15:43:44 +01:00
Pierre de La Morinerie
d4fada9f6c config: add MATOMO_HOST environment variable 2022-01-19 15:43:44 +01:00
Pierre de La Morinerie
cd7a86743b config: move related SendInBlue variables together 2022-01-19 15:43:44 +01:00
Pierre de La Morinerie
54667f8b11 config: remove SIGNING_KEY
It was used for initializing a custom message verifier in 
`app/services/signature_service.rb`.

But the use of SIGNING_KEY by this service was removed in
dbbe96d333 – and then the signature
service itself was removed completely in
69a51e3296.
2022-01-19 15:43:44 +01:00
Pierre de La Morinerie
75006c799e config: translate default env in english 2022-01-18 12:05:41 +01:00
Pierre de La Morinerie
a0e9764632 config: document INVISIBLE_CAPTCHA_SECRET 2022-01-18 12:05:41 +01:00
Paul Chavard
e3236e5f60 fix(mailer): transfer -> transfert 2022-01-13 17:59:06 +01:00
Kara Diaby
c306387b00 locales 2022-01-12 15:49:38 +01:00
Kara Diaby
510e8f2fdd routes 2022-01-12 15:49:37 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
Kara Diaby
37e991ccb8 User : delete the folder if the instructeur has hide it 2021-12-29 17:37:58 +01:00
Kara Diaby
7d7b847437 Instructeur : delete the folder if the user has hide it 2021-12-29 17:37:58 +01:00
Kara Diaby
f239d46a45 add hide_dossier method to instructeurs 2021-12-29 17:37:57 +01:00
Martin
d0ab1711ff fix(profil_controller#update_email): ensure we are not merging same account
fix(profil_controller#update_email): changing email from current_user.email to current_user.email destroy current user. whoops ☠️'

Update config/locales/en.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update config/locales/fr.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update spec/controllers/users/profil_controller_spec.rb

Update config/locales/fr.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update spec/controllers/users/profil_controller_spec.rb

fix(spec): broken due to typo
2021-12-29 13:36:47 +01:00
Christophe Robillard
9a38d5e049 superadmin can only index and show zones 2021-12-23 19:07:42 +01:00
Christophe Robillard
537e6066d8 add Zones dashboard for superadmin 2021-12-23 19:07:42 +01:00
Fabrice Gangler
86a8d33ce7 fix(i18n): correct a typo 2021-12-23 10:56:40 +01:00
Christophe Robillard
eda8aacfe4 fix a11y problem for support page
L'interpolation de `support.index.product.answer_html` produisait des balises p vides, ce qui contrevenait au critère 8.9.1 RGAA (https://www.numerique.gouv.fr/publications/rgaa-accessibilite/methode/criteres/#test-8-9-1)
2021-12-23 10:49:52 +01:00
François Vantomme
14e0c68266 feat(api particulier): add MESRI field 2021-12-16 16:45:18 +01:00
François Vantomme
5097e78b45 feat(api particulier): add MESRI locales 2021-12-16 16:45:17 +01:00
François Vantomme
693a95904e style(api particulier): mentionne le statut étudiant dans les locales 2021-12-16 16:45:16 +01:00
Christophe Robillard
c9c1f206b9 fix zone acronyms 2021-12-15 19:37:32 +01:00
Christophe Robillard
829d644c10 group related options in zone select box 2021-12-15 19:37:32 +01:00
simon lehericey
0e7a6f5acf remove obsolete route 2021-12-15 13:43:32 +01:00
Pierre de La Morinerie
be1ddb59ec views: localize the stats partial
Also rename 'procédure' to 'démarches'.
2021-12-14 15:03:22 +01:00
maatinito
573b3d39e2 Fix date_trunc sql queries for timezoned forks 2021-12-14 08:50:09 +01:00
Martin
cf5794eebf clean(brakeman): remove unwanted warning 2021-12-13 17:09:20 +01:00
Martin
1795084dce fix(brakeman): no code injection here 2021-12-13 16:37:04 +01:00
simon lehericey
3bdf6b63d9 small wording fixes 2021-12-08 11:19:30 +01:00
Christophe Robillard
4ffd25a321 introduce zone concept from now on 2021-12-08 10:56:17 +01:00
François Vantomme
6ab8ac0662 feat (api particulier): add Pole emploi field 2021-12-08 10:36:25 +01:00
François Vantomme
2e05a3fde2 feat(api particulier): add Pole Emploi locales 2021-12-08 10:36:11 +01:00
François Vantomme
62bc2efbaa style(api particulier): mentionne Pôle Emploi dans les locales 2021-12-08 09:49:53 +01:00
François Vantomme
2110ef072c feat(api particulier): add DGFiP field 2021-12-07 11:03:05 +01:00
François Vantomme
abad34ea7c feat(api particulier): add DGFiP locales 2021-12-07 11:03:05 +01:00
François Vantomme
8ca8bdb6c4 fix(api particulier): correction d'une typo dans les locales 2021-12-07 11:03:05 +01:00
François Vantomme
4c8697656b style(api particulier): mentionne DGFIP dans les locales 2021-12-07 11:03:05 +01:00
Martin
45a74ee999 clean(routes): based on review 2021-12-06 13:09:46 +01:00
Martin
a9413f9b12 feat(manager): add procedure_expires_when_termine_enabled to administrate 2021-12-06 07:49:59 +01:00
Martin
081d5094a9 feat(instructeurs/procedure/dossiers#extend_conservation): add extends duree conservation in action button list, also rewire this action for user [extend by procedure.duree_conservation_dans_ds by default] but force 1.month for instructeur. add new icon for standby based on https://en.wikipedia.org/wiki/Power_symbol 2021-12-06 07:20:01 +01:00
Martin
d8a8d1fdab feat(instructeur/dossier/header/_expiration_banner): split trads and add dedicated expiration banner for instructeur. also enhance wording to include duree conservation + extension_conservation
feat(expiration_banner): enhance wording of expiration

feat(dossiers/expiration_banner): enhance wording regarding expiration to include duree_conservation_dossiers_dans_ds + extension_conservation, also add spec on expiration_banner for instructeur
2021-12-06 07:05:17 +01:00
Martin
22531560d8 feat(tabs.expirants): re-order so it comes before deleted dossiers 2021-12-06 07:05:17 +01:00
Christophe Robillard
3265ac2d84 localize zone 2021-12-02 19:24:26 +01:00
Christophe Robillard
5b8d872b6e populate zones 2021-12-02 19:16:11 +01:00
Pierre de La Morinerie
b7d17b0989 models: validate that no drop-downs are empty on publishing
Disallow publishing a procedure containing drop-downs with no selectable
values.
2021-12-02 09:00:37 +01:00
Pierre de La Morinerie
d524beee4e app: remove :instructeur_bypass_email_login_token from Flipper 2021-12-02 08:51:52 +01:00
Kara Diaby
ffcae81249 change locales 2021-11-30 14:27:58 +01:00
Pierre de La Morinerie
28dfc6a1ba manager: save bypass_email_login_token to both column and feature 2021-11-30 13:41:25 +01:00
Pierre de La Morinerie
99c77046d2 models: improve error message for invalid champs
Avoid prepending the message with 'Draft revision '
2021-11-30 13:34:41 +01:00
Pierre de La Morinerie
52b0fbf9b7 models: validate repetitions on publishing 2021-11-30 13:34:41 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182 app: rename new_administrateur to administrateurs 2021-11-30 08:49:38 +01:00
Martin
970e43efb8 feat(stats#index): update Stat model to also query DossierDeleted in stats computation
tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?

feat(stats): add DeletedDossier in Stat computations

Revert "tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?"

This reverts commit d1155b7eeaaf1a9f80189e59667e109541fcb089.

feat(stats): support deleted_dossiers for last_four_months_hash and cumulative_hash. extract sanitize query & merge hashes in methdos

clean(rubocop): lint with rubocop

Update db/migrate/20211126080118_add_index_to_deleted_at_to_deleted_dossiers.rb

Co-authored-by: LeSim <mail@simon.lehericey.net>

fix(rubocop): avoid uneeded allocation

fix(migration): add concurrent index with expected synthax

fix(brakeman): add ignore message since group date_trunc evaluation is used by only ourself
2021-11-26 13:29:40 +01:00
Kara Diaby
67d331e788 modify locales fr and en 2021-11-26 09:45:13 +01:00
Kara Diaby
fef7f79237 add route 2021-11-26 09:45:13 +01:00
kara Diaby
eaac293da3 add a new tab traités on user dossiers 2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda fix(i18n): wrap text under i18n.t
i18n(france_connect/*): replace wording with i18n

fix(lint): i18n key issue

secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case

fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
ff073f8884 Add confirmation by email when merging DC/FC accounts
feat(fci.confirmation_code): add confirmation code to france_connect_informations

feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)

feat(mail_merge): mail merge

feat(merge.cannot_use_france_connect): same behaviour as callback

clean(fci.confirmation_code): use same token for mail validation as merge

feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto

clean(tech): finalize story by plugging merge_with_new_account to email validation

fix(deadspec): was removed

fix(spec): broken after last refactoring

lint(rubocop): space before parenthesis

lint(haml-lint): yoohoooo space before =

fix(lint): scss now :D

Update app/assets/stylesheets/buttons.scss

cleanup

feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email

fixup! Add confirmation by email when merging DC/FC accounts

fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible 2021-11-24 14:07:32 +01:00
simon lehericey
6e7d2e057a typo 2021-11-24 12:50:52 +01:00
simon lehericey
f60055637a add missing redirect_uri env 2021-11-24 12:47:01 +01:00
Pierre de La Morinerie
60c2718f29 models: remove custom code for file size validation message
With active_storage_validations 0.9.6, we can use the %{max_size}
variable directly in the error message.
2021-11-24 10:06:45 +01:00
Martin
0fd9e15cc1 i18n(expiration_banner): extract test in i18n files 2021-11-23 15:23:22 +01:00
simon lehericey
5234a1854c manage AgentConnect callback 2021-11-23 14:17:59 +01:00