Commit graph

417 commits

Author SHA1 Message Date
Colin Darie
61ebb27e86
fix(redirect): allow other hosts when required 2023-05-03 11:35:31 +02:00
Paul Chavard
99abdf45e7 fix(api-entreprise): use new status endpoint 2023-04-27 22:39:44 +02:00
Paul Chavard
cb752d1857 fix(dossier): do not bypass depositaire check on modifier path 2023-04-27 09:52:10 +02:00
Lisa Durand
c565ed415b change scope and alert location after UI modification 2023-04-18 12:03:10 +02:00
Lisa Durand
bc3e67ab94 add alert on user dashboard to edit last editable dossier 2023-04-11 15:50:17 +02:00
Paul Chavard
0864666d0a fix(dossier): an invited user can remove (leave) a dossier 2023-04-03 20:10:44 +02:00
Lisa Durand
6ba47b731b refacto destroy action and add spec for unauthorized user 2023-03-09 14:58:47 +01:00
Lisa Durand
3d5bf40c0f allow transfer sender to revoke a transfer 2023-03-09 14:57:59 +01:00
Damien Le Thiec
8a7cb3f1fe
Merge branch 'main' into fix/stored_query_issue 2023-03-01 10:22:40 +01:00
Damien Le Thiec
01f142183e Add and correct tests 2023-03-01 10:21:22 +01:00
Christian Lautier
704dbf94db Fix dossier controller spec 2023-02-25 08:32:21 -10:00
sebastiencarceles
becf4da70a fix raison social fetch 2023-02-27 13:54:35 +01:00
Damien Le Thiec
fbe4fe251a Fix format prefill repetition 2023-02-22 19:32:25 +01:00
Damien Le Thiec
deb51e3880 Manage GET prefill by creating a dossier 2023-02-20 15:35:14 +01:00
Eric Leroy-Terquem
ff5fecef25 fix(dossiers_transfers): can destroy dossiers_transfers 2023-02-03 13:48:39 +01:00
Martin
88553eec9b correctif(dossier_transfer): le transfer de dossier vers un email contenant des majuscule ne fonctionnait pas 2023-01-31 14:52:57 +01:00
Martin
a4d6692bc6 accessibilite(pages-authentification): evolutions des pages de connexion/creation de compte pour respecter le DSFR et supporter une meilleure accessibilite
Update app/components/dsfr/input_component/input_component.html.haml

Co-authored-by: Colin Darie <colin@darie.eu>
2023-01-03 16:26:05 +01:00
Sébastien Carceles
20136b7ac8
feat(demarche): create and prefill a dossier with POST request (#8233)
* add base controller for public api

* add dossiers controller with basic checks

* create the dossier

* ensure content-type is json

* prefill dossier with given values

* mark a dossier as prefilled

When a dossier is prefilled, it's allowed not to have a user.

Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.

* set user as owner of an orphan prefilled dossier

When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner

So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner

* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)

* system spec: prefilling dossier with post request
2023-01-03 14:46:10 +01:00
Sébastien Carceles
b8ff0ba4a2
feat(demarche): sign up when prefilling a dossier (#8247)
* store prefill params in session

Instead of using query params on /dossier/new, we assume the user comes
from /commencer/:path, which is the new prefill link.

There, we store the prefill params in session, and use them to prefill
the dossier when creating it, in /dossiers/new.

* spec: cover the case

* review: serialize with json instead of yaml

* review: rename method

* review: store only query params

* review: comment why we dont override already stored params
2022-12-15 10:58:17 +01:00
Paul Chavard
1b95809f14 refactor(dossier): flatten champ attributes 2022-12-14 13:03:06 +01:00
sebastiencarceles
cdd790e3d3 review: document prefilling with json or array injection 2022-12-08 15:27:39 +01:00
sebastiencarceles
bf03e3b35a review: prefix typed ids with 'champ_' 2022-12-08 15:27:39 +01:00
sebastiencarceles
1e21a3d3e1 review: query the db only once 2022-12-08 15:27:39 +01:00
sebastiencarceles
24802985a2 feat(dossier): prefill dossier from query params 2022-12-08 15:27:39 +01:00
Paul Chavard
3c21090a88 feat(api_token): add profile api token card 2022-12-07 18:19:37 +01:00
Paul Chavard
886a409abf fix(dossier): fix links to empty pdf templates 2022-12-01 17:35:01 +01:00
Martin
05dcf5e7cf amelioration(usager.liste_des_dossier): ajout du bouton pour cloner un dossier 2022-11-14 09:13:54 +01:00
Paul Chavard
e6288c39f2 refactor(dossier): champs -> champs_public 2022-11-10 22:44:39 +00:00
simon lehericey
db3ebfa6d2 feat(FranceConnect): list and allow to unlink FC identities 2022-11-08 16:17:06 +01:00
Paul Chavard
d409b6f4ef feat(dossier): do not save dossier on submit 2022-10-13 14:44:46 +02:00
Colin Darie
95a4e8a907
feat(api_entreprise): create etablissement with fallback when API is down
On créé l'établissement uniquement avec le SIRET, sans que ce soit bloquant
pour compléter le dossier. On demande à l'utilisateur de vérifier
lui-même la concordance du SIRET avec son entreprise.

Cf #7766
2022-09-16 10:43:59 +02:00
Colin Darie
c4f6305b3a fix(dossiers/api_down): specific error when API Entreprise is globally down. 2022-09-15 18:53:41 +02:00
Paul Chavard
d6f5be622c feat(dossier): autosave en construction 2022-09-08 11:26:29 +02:00
Christophe Robillard
e087582f57 Can get dossier vide if procedure is closed 2022-08-05 16:00:08 +02:00
Colin Darie
d53aba4d24 fix(dossier_transfer): require a valid email
Cf #7621
2022-08-03 11:44:54 +02:00
Colin Darie
a5d5f4307f fix(dossier_transfer): avoid all transfers without valid email
Cf #7621
2022-08-03 11:44:54 +02:00
Martin
7f1018c5b0 feat(Users::CommencerController#commencer): ensure to redirect to replaced_by_procedure when it exisits 2022-08-02 13:08:36 +02:00
Colin Darie
d3232a28cd chore(api_entreprise): intercept token expiration for a more contextual frontend message
Auparavant le service échouait silencieusement et ne retournait rien,
ce qui dans les implémentations du front aboutissait au message que
l'établissement/l'entreprise n'a pas été trouvé.

Un type d'erreur spécifique sur l'expiration du token permet d'afficher
le message lié à un problème temporaire de récupération d'infos.
2022-07-18 09:57:19 +02:00
Paul Chavard
350ed3a11a feat(graphql): expose revision on demarche descriptor type 2022-06-17 12:33:35 +02:00
Martin
da57a1dc9e fix(commencer#commencer): broken due to missing interpolated variable in i18n 2022-05-13 13:15:31 +02:00
Martin
0826baeba3 bug(commencer#commencer): raise when procedure does not have a service
fix(commencer#commencer): use alternate message when procedure does not have a service
2022-05-12 16:41:11 +02:00
Pierre de La Morinerie
9bc5364ca2 app: add controller and view to generate a deposit receipt 2022-05-04 16:09:52 +02:00
Martin
2529773515 bug(commencer/test): with procedure without service nor organisation, it crashes 2022-04-28 14:19:55 +02:00
Martin
418d4ede17 test(commencer): test dossier_vide_pdf and dossier_vide_pdf_test 2022-04-25 15:00:48 +02:00
simon lehericey
7ecf20ce75 harden email validation 2022-03-24 13:00:54 +01:00
Paul Chavard
51d7fd6190 test(dossier): update spec to use visible_by_administration 2022-03-10 14:29:40 +01:00
Paul Chavard
91caef0bfe fix(dossier): ensure submitted dossiers always have groupe instructeur 2022-03-02 16:57:12 +00:00
Kara Diaby
24ff41d2c0 tests 2022-02-09 14:43:36 +01:00
Kara Diaby
c9f402aa5b tests 2022-01-25 11:46:05 +01:00
Kara Diaby
bdcb0ca0e9 tests 2022-01-12 15:49:38 +01:00