Commit graph

6864 commits

Author SHA1 Message Date
simon lehericey
218e4633a9 securely retrieve fci 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
f6879eba60 associate_user take a target email 2021-10-14 14:47:50 +02:00
simon lehericey
09f828a6a2 create_merge_token! 2021-10-14 14:47:50 +02:00
simon lehericey
34862f41e0 Add fci valid_for_merge 2021-10-14 14:47:50 +02:00
simon lehericey
2e118a8f5b allow unattached fci 2021-10-14 14:47:50 +02:00
simon lehericey
461b774188 a password input must not be that wide 2021-10-14 14:47:50 +02:00
simon lehericey
6e6635560f Add merge token to FCI 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
06dee2e023 refactor controller to avoid return 2021-10-14 14:47:50 +02:00
simon lehericey
5aaf46258a remove obsolete devise scope 2021-10-14 14:47:50 +02:00
Paul Chavard
4caf2f9592 fix(champs): remove redundant description 2021-10-13 13:55:09 +02:00
Pierre de La Morinerie
9be16a1208 views: rename the procedure_publish_label helper
The new text makes more sense.
2021-10-12 16:25:11 +02:00
Pierre de La Morinerie
50b1d4ce28 views: make france-connect-information more compact
Otherwise it takes a lot of space in the form.
2021-10-12 16:25:01 +02:00
simon lehericey
87de9e38c6 allow draft to be saved with invalid cnaf champ 2021-10-12 14:27:20 +02:00
simon lehericey
35c7f05a0a source service supports unknown scope 2021-10-12 14:27:20 +02:00
simon lehericey
ecc26897e2 add end to end spec 2021-10-12 14:27:20 +02:00
simon lehericey
7aee944daa show cnaf tdc when procedure is compatible 2021-10-12 14:27:20 +02:00
simon lehericey
7072993721 a form can upload numero_allocataire and code_postal 2021-10-12 14:27:20 +02:00
simon lehericey
57a7f82a8f add cnaf ui 2021-10-12 14:27:20 +02:00
simon lehericey
40d0cfcdc4 add champ validation 2021-10-12 14:27:20 +02:00
simon lehericey
c76d1043fa add cnaf champ 2021-10-12 14:27:20 +02:00
simon lehericey
354735ace4 add champ value_json jsonb column 2021-10-12 14:27:20 +02:00
simon lehericey
d68129b34d add cnaf type de champ 2021-10-12 14:26:40 +02:00
simon lehericey
b69dafc3d4 CNAF in lowercase 2021-10-12 14:26:40 +02:00
simon lehericey
17a2b5dc53 fix a strange encoding error 2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4 jobs: move ActiveJobLogSubscriber out of initializers
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
simon lehericey
7c65571fca add case when the old_expert or old_instructeur is nil 2021-10-12 11:04:06 +02:00
simon lehericey
d7e621d167 beef up the merge methods 2021-10-07 15:51:31 +02:00
simon lehericey
77d14d4a60 forbid admin merge yet 2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea Add notice when merging account 2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5 merge expert 2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e merge instructeur 2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f simple cases when the preexisting targeted account does not have instructeur or profile profile 2021-10-07 15:51:31 +02:00
Paul Chavard
4a947f9135 feat(manager): add become administrateur button in manager (with 24h expiration) 2021-10-07 11:32:12 +02:00
Paul Chavard
9d5c5447c2 fix(dossier): do not attempt to destroy transfers when a dossier is destroyed
we had a dependent option on both sides of a relationship which created race conditions
2021-10-06 17:51:09 +02:00
kara Diaby
13883393eb modify layout 2021-10-06 16:41:08 +02:00
Paul Chavard
d3c1941fbe fix(dossier): never write dossier log on dossiers brouillons 2021-10-05 17:56:51 +02:00
kara Diaby
e4b61eae21 layout 2021-10-05 15:37:29 +02:00
kara Diaby
177074bf32 css 2021-10-05 15:37:29 +02:00
kara Diaby
9c9eeb8e76 modify groupe instructeurs controller$ 2021-10-05 15:37:29 +02:00
kara Diaby
0bd879ec9b modify pj service 2021-10-05 15:00:21 +02:00
kara Diaby
6ef5b5d474 modify downloable file 2021-10-05 15:00:21 +02:00
kara Diaby
bfee9c275c layout 2021-10-05 15:00:21 +02:00
kara Diaby
6d89d914e2 modify expert avis controller 2021-10-05 15:00:21 +02:00
simon lehericey
d8112b9548 [Fix #6491] ui 2021-10-05 12:05:43 +02:00
simon lehericey
1000417bc9 update notifications_for_dossier used in dossier show 2021-10-05 12:05:43 +02:00
simon lehericey
65911b7680 update with_notifications dossiers scope (used in procedure index and show) 2021-10-05 12:05:43 +02:00
simon lehericey
f662b28baf update identity_updated_at column when user identity change 2021-10-05 12:05:43 +02:00
simon lehericey
3a878dfc04 add identity_updated_at column to dossier 2021-10-05 12:05:43 +02:00
Pierre de La Morinerie
f854e3af63 controllers: use ACSV to import groupe instructeurs
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Peng-Fei DONG
dee536fca1 app: localize CSV import for groupe instructeurs 2021-10-05 10:58:15 +02:00
simon lehericey
9679e233cd [Fix #6512] admin preview in new tab 2021-10-05 10:47:58 +02:00
simon lehericey
e4484eb6d9 discard expert not found job error 2021-10-04 12:57:37 +02:00
simon lehericey
64351d0287 [Fix #6504] Fix exception raised when deleting a transfer 2021-10-01 12:11:03 +02:00
Pierre de La Morinerie
b2774ed2f6 js: fix pays API request on older Edge and Safari
The /api/pays API requires user authentication. However older versions
of Edge and Safari don't transmit cookies by default during a
`fetch` request.

Use the `credentials: 'same-origin'` option explicitely to fix the
countries list.
2021-09-30 16:21:24 +02:00
Pierre de La Morinerie
f01e4ed6ef models: document upstream PR about file size validation 2021-09-30 15:45:30 +02:00
kara Diaby
7594d8470c Fixe une faute d'orthographe dans une notification 2021-09-30 11:45:24 +02:00
Pierre de La Morinerie
2908f2bdba assets: fix background of translate-icon
The background was white, instead of being transparent.
2021-09-28 16:42:04 +02:00
kara Diaby
eb951c75e4 change stats colors 2021-09-28 14:49:24 +02:00
kara Diaby
b5e699e8b8 change svg icons color 2021-09-28 14:49:24 +02:00
kara Diaby
1f2935719c change blue color on all the app 2021-09-28 12:33:01 +02:00
kara Diaby
99cfd4f42c adapte la page d'accueil au design system de l'état 2021-09-28 12:33:01 +02:00
simon lehericey
6eb10ecde5 display tdc alphabetically 🎉 2021-09-27 15:45:37 +02:00
simon lehericey
f55db98e97 rework type de champ type 2021-09-27 15:45:37 +02:00
Paul Chavard
c288739f13 Update app/helpers/procedure_helper.rb
Co-authored-by: LeSim <mail@simon.lehericey.net>
2021-09-27 15:06:17 +02:00
Paul Chavard
7deedf8245 feat(refactor): unify dossiers header 2021-09-27 15:06:17 +02:00
Paul Chavard
357c684688 feat(routage): self managing instructeurs 2021-09-27 15:06:17 +02:00
Paul Chavard
d4e8158887 feat(routing): add instructeurs_self_management_enabled to procedures 2021-09-27 15:06:17 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
57604b9c89 add schema validations 2021-09-22 12:08:24 +02:00
simon lehericey
75043070da add CNAFAdapter 2021-09-22 12:08:24 +02:00
simon lehericey
a7651e3772 add api composition_familiale 2021-09-22 12:08:24 +02:00
simon lehericey
ceb09c5967 api remove useless symbolize 2021-09-22 12:08:24 +02:00
simon lehericey
07962cc2c7 service: match remote keys 2021-09-22 12:08:24 +02:00
Ismael MOUSSA S
36dc9c2ca2 Add File Validation concern after refactoring 2021-09-21 12:11:20 -05:00
Ismael MOUSSA S
7c7c9c9ea4 Fix file size validation message 2021-09-21 12:11:20 -05:00
Ismael MOUSSA S
bdbb4deb87 ADD FILE_MAX_SIZE constant to set allow file size limit 2021-09-21 12:04:56 -05:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
simon lehericey
8d747ff16e add sanitize method to service 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
6656d1130b i18n: refactor admin support locales
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
f9220891a7 i18n: refactor user support locales
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
274b92c453 i18n: remove simple_form locale files
We don't even use simple_form.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
8748b6f494 i18n-tasks: add hint for default_i18n_subject in mailers 2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
a7ec77f0a8 do not display the action for instructeur 2021-09-20 13:58:11 +02:00
simon lehericey
75481a644c Add confirm alert 2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
c9accbf5a5 refactor(i18n): localize routage description 2021-09-18 11:51:27 +02:00
Paul Chavard
4db059a54c Update app/views/new_administrateur/groupe_instructeurs/_routing.html.haml
Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>
2021-09-18 11:22:35 +02:00
Paul Chavard
0c5c8faf16 feat(routage): enable routage for everyone 2021-09-18 11:22:35 +02:00
Paul Chavard
0ff62c5a5e feat(routage): add routing_enabled to procedures 2021-09-18 11:22:35 +02:00
Paul Chavard
8b4bef2816 refactor(routage): simplify goupe_instructeur assign code 2021-09-18 11:21:26 +02:00
Paul Chavard
eea6b961d7 refactor(routage): remove administrateur_routage feature flag 2021-09-18 11:21:26 +02:00
simon lehericey
cfebc4698a add link to sources UI 2021-09-17 13:50:23 +02:00
simon lehericey
2c13f70cd5 redirect to sources after updating token 2021-09-17 13:50:23 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
simon lehericey
8327c6fd0c add ApiParticulier::Service::Sources 2021-09-17 13:50:23 +02:00
simon lehericey
b000590d81 add api particulier sources to procedure 2021-09-17 13:50:23 +02:00
Peng-Fei DONG
2b8f7f13a9 check SENDINBLUE_ENABLED when show the link 2021-09-16 15:37:31 +02:00
Pierre de La Morinerie
715b5ea6d8 i18n: move controller keys to the proper scope 2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
423deb3c3a i18n: fix invalid i18n key in the admin section 2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
e6b044531d i18n: fix invalid i18n-tasks-hint 2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
f1fa84c12a i18n: remove unused i18-tasks-hint 2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
446738fbbf i18n: make dynamic scopes explicit
This fixes i18n-tasks not being able to recognize the scopes.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
1eefc151bc i18n: move locale scope just after the key name
It helps i18n-tasks to understand the scope, and not report errors
about a missing key.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
95d1cd6992 i18n: cleanup gender locales
The dot in the localized key messes up with i18n-tasks, and causes
false positives for missing strings.
2021-09-16 07:51:56 -05:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
6c6205e188 a cloned procedure to a different admin does not keep api_particulier token and scopes 2021-09-16 09:30:11 +02:00
simon lehericey
2d2ae3a878 add api particulier scopes to procedure 2021-09-16 09:30:11 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
Pierre de La Morinerie
745e19bb8e localize 2021-09-16 09:07:47 +02:00
simon lehericey
69bb174e29 add feature flipped link to add api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
simon lehericey
87cb16093f fetch token introspection
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
4a71b1d202 app: remove former password complexity views
The old component is now unused and ca be removed.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
e5f449b595 devise: unify password reset views
By default, Devise will look for views:

1. First in `views/resource/passwords/…`,
2. Then in `views/devise/passwords/…` if not found.

By moving the views to `views/devise`, we avoid having a partial in
`views/shared` that we need to include manually, and instead let Devise
do the job automatically.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
62e4f7ee32 devise: use password_complexity in User::PasswordsController
This fixes the password strength meter no longer being displayed when
an admin changes their password.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
ed8b19d2eb app: use password_complexity in Administrateurs::ActivateController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
e97b7164dd models: extract password complexity to a concern 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
02bdfef893 devise: cleanup Users::PasswordController 2021-09-09 08:03:34 -05:00
Paul Chavard
3235f42a63 feat(dossier): add dossier transfers UI 2021-09-08 15:10:43 +02:00
Paul Chavard
5985755229 feat(dossier): add purge stale dossier transfers job 2021-09-08 14:39:46 +02:00
Paul Chavard
46226b7930 fix(i18n): use size instead of count in dossier mailers 2021-09-08 14:39:46 +02:00
Paul Chavard
d6cbdf2a48 feat(dossier): add dossier transfer models 2021-09-08 14:39:46 +02:00
Paul Chavard
44eb0ada4f fix(i18n): add Kosovo to countries list
Kosovo is not part of ISO 3166 as of time of writing. https://en.wikipedia.org/wiki/ISO_3166-2:RS#cite_ref-1
2021-09-08 12:11:25 +02:00
Paul Chavard
a7ec43a21e fix(i18n): fix email previews 2021-09-08 09:21:19 +02:00
Paul Chavard
ef12ded3ed i18n: fix localization of notify_revert_to_instruction email 2021-09-08 09:21:19 +02:00
Paul Chavard
c8d8976a7c i18n: fix localization of notify_new_answer email 2021-09-08 09:21:19 +02:00
Pierre de La Morinerie
f8d7b7b1e3 i18n: fix localization of notify_new_draft email 2021-09-08 09:21:19 +02:00
Pierre de La Morinerie
4f33a7b72e js: improve auto-save-controller documentation 2021-09-07 16:45:52 -05:00
Pierre de La Morinerie
ad8dcc7f7d js: don't report autosave failures that are timeouts
This prevents spamming Sentry with "[Autosave] Error: 0" messages.
2021-09-07 16:45:52 -05:00
Pierre de La Morinerie
8dce7d59ed js: redirect to sign-in when a ujs link_to receives a 401
Before, when a 401 was received by a ujs-enabled link (like `link_to …,
method: :delete, data: { remote: true }`, rails-ujs tried to insert the
response text as a Javascript script.

As the script was something like `Please sign-in`, which is not valid
Javascript, the browser would throw an "Unexpected token" error.

The typical use-case is:

1. The user open a form in a tab,
2. The user disconnects in another tab,
3. In the first tab, the user clicks on a remote "Delete" link_to

In that case the browser raised an error in the console (and in Sentry),
but the user would see nothing.

With this commit, all 401 ujs errors are turned into redirects to the
sign-in page.

Fix https://sentry.io/organizations/demarches-simplifiees/issues/2522512693/activity/
2021-09-07 16:45:52 -05:00
Pierre de La Morinerie
255c00c174 js: ignore a new variant of the same warning 2021-09-07 16:45:52 -05:00
Pierre de La Morinerie
905fca0bd3 models: ensure Champs::Pays#to_s is always a string
Before this, the result of `Champs::Pays#to_s` could be `nil`, which
would break various things (like the PDF rendering of these champs).
2021-09-07 10:47:18 -05:00
Paul Chavard
74e277d0a2 feat(graphql): add an option to dossier state change mutations to disable notifications 2021-09-07 14:21:48 +02:00
Paul Chavard
96cbbc0192 fix(virus scan): prevent virus scan on archives and signatures uploads 2021-09-07 14:21:48 +02:00
Paul Chavard
084e48c8e3 fix(dossier_projection_service): select external_id on champs 2021-09-07 14:07:55 +02:00
simon lehericey
367f508e2e linked_drop_down_list: empty primary => empty secondary 2021-09-07 10:09:18 +02:00
Paul Chavard
6a5a8233b5 feat(i18n): send dossier emails with its user locale and improuve translations 2021-09-07 09:51:23 +02:00
Paul Chavard
cd9f7df502 feat(i18n): send dossier notifications with its user locale 2021-09-07 09:51:23 +02:00
Paul Chavard
34b1418868 feat(i18n): save locale on user 2021-09-07 09:51:23 +02:00
Paul Chavard
ff7fa4d895 feat(i18n): expose locale on dossier and deleted_dossier 2021-09-07 09:51:23 +02:00
Paul Chavard
f1ff6da81b feat(i18n): add locale to user 2021-09-07 09:47:01 +02:00