Commit graph

394 commits

Author SHA1 Message Date
Pierre de La Morinerie
b398485d97 manager: localize dossier enums
In the previous commit, we cleaned up the localization of the
Dossier.state enum. This prevented administrate from crashing, but now
the dossier enum are no longer localized in the Manager.

By using a `Field::Enum` type, we instruct the administrate plugin
to look up our localized name for the Dossier state enum.
2021-05-06 14:41:08 +02:00
Pierre de La Morinerie
ce6a27d416 manager: upgrade administrate to be compatible with Rails 6.1.3.2
Rails 6.1.3.2 is a security upgrade, and we had to upgrade quickly.
Unfortunately that broke the administrate gem.

A PR has been opened to fix the issues with the newest Rails version,
and will probably be merged quickly. Meanwhile we can fix the manager
by using the version from the PR for now.

Once the PR is merged and a new version of administrate is released,
we can use a released version of administrate again.
2021-05-06 11:17:17 +02:00
Pierre de La Morinerie
9ad57fde2a initializers: lazy-load Mailjet gem
This fixes an error message on app startup about autoloaded
constants:

> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.

The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:

On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.

Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.

And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.

See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Pierre de La Morinerie
f7d71ba698 gems: update devise-two-factor to a released version
This is the first official release compatible with Rails 6.1.
2021-04-15 16:54:14 +02:00
Pierre de La Morinerie
56b3601063 app: enable Bootsnap
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation

Cached data are written to `tmp/cache/bootsnap*`.

This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
Pierre de La Morinerie
5bf499baa0 specs: remove rspec_junit_formatter
It was unsed by CircleCI to generate test reports in the JUnit XML
format, but:

- We now use Github Actions, which has its own reporting system,
- It prevents us to upgrade to rspec > 3.
2021-03-09 15:51:19 +01:00
Pierre de La Morinerie
71c4ce67b2 gemfile: don't require i18n-tasks by default
i18n-tasks is only used as a standalone command-line tool. It doesn't
need to be included in the app.

It also prevent a parser warning from appearing when running any rails
command:

> warning: parser/current is loading parser/ruby27, which recognizes
> warning: 2.7.2-compliant syntax, but you are running 2.7.1.
> warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.

Now this (legitimate) warning only appears when running the i18n-tasks
command.
2021-03-04 22:52:19 +01:00
Pierre de La Morinerie
1ebfdef411 gems: remove ruby-debug-ide
- It was included to make Rubymine happy, but nowadays Rubymine seems
to load the debugger without touching the Gemfile
- It keeps matching an invalid version when `bundle upgrade`-ing the
dependencies.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
473a86b861 gems: remove guard
- It doesn't seem used a lot these days
- It has some incompatibility with rspec 4

We need to explicitely add the 'listen' gem now though.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
1d7c4f5b02 gems: remove ffi-geos
We don't need it now that we don't link to a compiled geos version
anymore.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
0fa3d367c0 gems: use a version of devise-two-factors compatible with Rails 6.1 2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
2e3ddd6190 gems: upgrade to Sprockets 4 2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
e1a450fd6f gems: remove xray-rails
It is not compatible with sprockets-4.
2021-02-24 17:09:51 +01:00
Paul Chavard
753d0478ef update sentry gems 2021-02-10 17:52:04 +01:00
Judith
ed10a9dd62 gem i18n-tasks added to Gemfile 2021-02-04 12:15:13 +01:00
Pierre de La Morinerie
705cb2e657 gems: use a zeitwerk-compatible version of byebug
It seems byebug is not compatible with the zeitwerk autoloader, but
byebug-pry is.
2021-02-04 09:42:49 +00:00
Paul Chavard
a503417298 Remove old css and js 2021-02-02 15:26:11 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd add recoverable and two_factor stragegy for administration 2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2 Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp 2020-10-30 17:08:31 +01:00
clemkeirua
d7fff61d5d ajout de la gem sendinblue 2020-10-13 17:36:43 +02:00
clemkeirua
dfd2c1ee79 reorder gems 2020-09-25 12:53:11 +00:00
kara Diaby
cb4e91c405 Add iban type de champ 2020-09-23 15:56:26 +02:00
simon lehericey
94ab1d4b66 bump rspec 2020-09-21 11:15:25 +02:00
simon lehericey
1f1b54b442 Update rails 2020-09-15 10:01:28 +02:00
Judith
9553dae7bd gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files. 2020-09-01 16:47:40 +02:00
Judith
af25fdd77c gem http_accept_language installed and (de)activable with feature flag 2020-08-27 16:15:01 +02:00
Pierre de La Morinerie
1767df33b0 doc: add a visualization of the database models
Re-generate the schema using `bin/rake erd`.

NB: there's a way to update the PDF automatically after each migration.
But it requires `graphviz` to be installed locally, which I'm not
sure I want to require by default.
2020-08-27 12:02:28 +02:00
Pierre de La Morinerie
e6d8581b06 app: add annotate
Annotations will be generated only for models, and sorted (to avoid differences
depending on the order in which migrations are ran).

The annotations will be automatically updated every time `rails db:migrate`
is run on a development environment.
2020-08-12 11:45:53 +02:00
Paul Chavard
fc3aece318 Rails 6 2020-07-07 18:03:56 +02:00
clemkeirua
031f59c9e1 add wcag accessibility tests for usager pages using axe-core 2020-06-26 17:10:26 +02:00
Pierre de La Morinerie
f6d92eb659 gems: upgrade to Rails 5.2.4.3
Fixes:

- CVE-2020-8165
- CVE-2020-8166
- CVE-2020-8162
2020-06-23 15:32:41 +02:00
dependabot[bot]
dc9769c38c build(deps): bump kaminari from 1.1.1 to 1.2.1
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-06-02 07:59:16 +00:00
Pierre de La Morinerie
b5f1d97629 app: disable Turbolinks
Fix #5039
2020-05-13 11:04:16 +02:00
Christophe Robillard
d74b14c205 fetch attestation sociale url 2020-04-29 14:25:55 +02:00
Paul Chavard
053e2db8f7 Fix geos not being properly load in some environements 2020-04-28 12:21:22 +02:00
Paul Chavard
2a3530738d Do not crash on boot if geos is not installed 2020-04-23 20:12:31 +02:00
Paul Chavard
9cb612bb3d Show area and length on champ carto selections utilisateur 2020-04-23 10:21:18 +02:00
Paul Chavard
7c34795a1a Bring back font-awesome-rails
we need it untill we remove all the old admin pages
2020-04-15 17:41:05 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Paul Chavard
6dc1f3e2c4 Use human readable expressions instead of cron gibberish
https://github.com/floraison/fugit#fugitnat
2020-04-07 12:44:58 +02:00
simon lehericey
d1cad0388e minor rails bump 2020-03-23 11:43:50 +00:00
Paul Chavard
3cd4597006 Update rubocop roules 2020-03-17 11:25:21 +01:00
Paul Chavard
444d19e191 Remove unused gems 2020-03-17 11:25:21 +01:00
Paul Chavard
5bccfba122 Update administrate gem 2020-03-17 11:25:21 +01:00
Paul Chavard
74f7eaaf2e Update spreadsheet_architect 2020-03-17 11:25:21 +01:00
Paul Chavard
6d703c0bd0 Replace prawn_rails with prawn-rails 2020-03-17 11:25:20 +01:00
Paul Chavard
c281347da1 Remove restclient 2020-03-17 11:12:14 +01:00
Paul Chavard
9c2babba6a Update rspec-rails 2020-03-17 09:56:26 +01:00
Paul Chavard
e540dea929 Fix administrate pagination by pinning to an old version of kaminari 2020-03-05 14:01:09 +01:00
Paul Chavard
57df024266 Bring back activestorage-openstack to upstream 2020-03-04 10:14:16 +01:00
Paul Chavard
b6612bbcf9 Use a forked activestorage-openstack 2020-03-03 10:14:15 +01:00
kara Diaby
6102ba6039 Do not permit to upload a GIF file via javascript 2020-02-25 23:33:15 +01:00
Paul Chavard
1ce1c1e6d0 use discard 2020-02-13 12:31:59 +01:00
Paul Chavard
4edc7b00cf Use geocoder 2020-01-15 15:04:04 +01:00
Paul Chavard
14295db9ad Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
This reverts commit 4373cb22cb.
2020-01-14 18:46:07 +01:00
clemkeirua
a2d53bb400 ajout de la gem prawn 2020-01-14 09:29:29 +01:00
clemkeirua
4373cb22cb Revert "Merge pull request #4552 from tchak/champ-communes"
This reverts commit 4cec26f73a, reversing
changes made to 0ef25ef36c.
2020-01-13 16:26:27 +01:00
Paul Chavard
e61e39d345 Remove unused code and tests 2020-01-07 11:52:51 +01:00
Christophe Robillard
4e7c779116 refuse les numéros de tel invalides
rend facultatif les numéros de téléphone
2019-12-04 05:34:43 +01:00
Pierre de La Morinerie
939a162057 gems: upgrade Capybara
Fix #4536
2019-11-28 11:31:42 +01:00
Paul Chavard
fe84e8e0f7 Remove carrierwave 2019-11-12 15:26:18 +01:00
Paul Chavard
efd03f0169 Use webdrivers gem to keep webdrivers updated 2019-11-06 11:20:40 +01:00
Paul Chavard
5a87db9920 Revert "Revert "Update activestorage-openstack""
This reverts commit c102dc63b7.
2019-10-30 12:11:53 +01:00
simon lehericey
c102dc63b7 Revert "Update activestorage-openstack"
This reverts commit 9088495272.
2019-10-29 10:31:29 +01:00
Paul Chavard
7d20e6e9e6 Downgrade Capybara 2019-10-24 15:48:08 +02:00
Paul Chavard
9088495272 Update activestorage-openstack 2019-10-22 17:40:15 +02:00
simon lehericey
f31c184b56 [fix #1537] Remove simple_form gem 2019-10-08 11:08:35 +02:00
Paul Chavard
e7ed408e08 Auto-link valeur des champs
closes #2865
2019-10-07 21:20:24 +02:00
Paul Chavard
7f09d0e430 Add graphql gems 2019-09-24 10:47:21 +02:00
Paul Chavard
c370c2f475 Cleanup FlipFlop 2019-09-10 23:52:44 +02:00
Paul Chavard
65e227c44b Migrate to flipper 2019-09-10 16:10:14 +02:00
pedong
fc8cebd78d add Gem rack_attack for prevent attack brute-force 2019-08-20 13:29:29 +02:00
Pierre de La Morinerie
20239077a7 Gemfile: fix an 'insecure connection' Bundler warning 2019-08-01 15:00:23 +02:00
Paul Chavard
fc75580a3c Start using pundit 2019-07-30 18:09:28 +02:00
clemkeirua
25f81f1d3c download a dossier as zip with all attachments 2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8 omniauth: protect against CSRF
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Mathieu Magnin
b34f8fbe3d Add ActionText 2019-07-03 13:15:49 +02:00
Paul Chavard
fb0ef15e3c Export dossiers v2 2019-07-02 14:20:29 +02:00
Nicolas Bouilleaud
76925356b6 Fix irb_context in rails console
Don’t require rspec_junit_formatter gem
It’s only needed when running tests (for circleci).
It messes with the console, when running `rails c` it causes this warning:
```
irb: warn: can't alias context from irb_context
```
This is related to rspec monkey_patching a `context` method on `Object` (rspec/rspec-rails#1645)
2019-05-20 10:33:43 +02:00
Paul Chavard
51c79ba6a6 Update webpacker and replace vue with react 2019-04-03 14:38:07 +02:00
Paul Chavard
e71cdcd12c Move all the trackers to a separate js pack 2019-04-02 17:33:53 +02:00
Mathieu Magnin
7252c26e93 Gem web-console is back ! 2019-03-12 17:53:11 +01:00
Mathieu Magnin
28fd9051d7 Gem update bootstrap-sass (>= 3.4.1) 2019-02-25 12:01:47 +01:00
Paul Chavard
c2a7460315 Add ruby debugger support 2019-02-14 15:22:57 +01:00
gregoirenovel
005eea26f7 Remove the unused web-console gem 2019-01-07 10:34:55 +01:00
gregoirenovel
9302905271 Remove the unused rack-handlers gem 2019-01-07 10:34:55 +01:00
gregoirenovel
7747f40ec0 Sort gems by alphabetic order 2019-01-07 10:34:55 +01:00
gregoirenovel
feae5194fa Use single quotes everywhere in the Gemfile 2019-01-07 10:34:55 +01:00
gregoirenovel
aaff27aca9 Move Gemfile comments into the line they comment
And remove some useless comments
2019-01-07 10:34:55 +01:00
Pierre de La Morinerie
07d95ce934 Remove the rbnacl gem
Fix #3160
2019-01-03 17:48:53 +01:00
gregoirenovel
564ece37d9 Remove the draper gem 2019-01-03 15:13:22 +01:00
Frederic Merizen
57f2895938 [#3133] Bump activestorage-openstack to fix on openstack 2018-12-07 15:19:18 +01:00
gregoirenovel
9b380829f8 sass-rails → saasc-rails
saas-rails is deprecated
2018-12-04 15:54:49 +01:00
Pierre de La Morinerie
af47ccda94 deploy: require mina only for deployment tasks
This fixes mina activating Rake traces, which pollutes the output
of rake tasks.
2018-11-26 12:09:35 +01:00
Paul Chavard
cf98e28178 Fix notifications on dossiers with migrated carto 2018-11-22 11:16:01 +01:00
gregoirenovel
dcf063f8f8 Bump warden and remove its dependency on the master branch
Now that the fix for wardencommunity/warden#147
is present in a proper release
2018-11-16 11:48:36 +01:00
Frederic Merizen
e69e459649 [#2180] Add activestorage-openstack 2018-11-16 11:11:40 +01:00
Frederic Merizen
6da33f2387 [#2180] Drop fog 2018-11-16 11:11:39 +01:00
Pierre de La Morinerie
b0541fba79 users: sign-in after confirming an account within a short time 2018-11-06 18:24:34 +01:00
Mathieu Magnin
3c9182d41d Update Mina 2018-10-24 12:22:33 +02:00
Mathieu Magnin
d0a8cedbe2 Unicorn -> Puma 2018-10-24 12:22:33 +02:00
gregoirenovel
f3caa8ef7f Remove apipie (and maruku) 2018-10-09 17:23:07 +02:00
Paul Chavard
179786380d Use leaflet and freedraw from npm 2018-10-05 09:55:41 +02:00
Paul Chavard
ff9e87b88e Use letter opener 2018-10-04 18:21:43 +02:00
simon lehericey
8c4f8347ca Api Token: store token in an encrypted form 2018-09-27 10:14:32 +02:00
Mathieu Magnin
96b95b90cc [Fix #1285] Add zxcvbn gem 2018-09-26 08:58:43 +02:00
Paul Chavard
c66bb056f5 Remove uglifier 2018-09-25 18:26:19 +02:00
gregoirenovel
abac1d4a1d [Fix #2309] Remove therubyracer 2018-09-25 17:10:13 +02:00
Pierre de La Morinerie
110f657849 Gemfile: add default ActiveRecord translations
Before:

```ruby
> Commentaire.create!
ActiveRecord::RecordInvalid (translation missing: fr.activerecord.errors.messages.record_invalid)
```

After:

```ruby
> Commentaire.create!
ActiveRecord::RecordInvalid (La validation a échoué : Body Votre message ne peut être vide)
```

Fix #2096
2018-09-18 14:22:08 +02:00
Frederic Merizen
cbd390218d [Fix #1372] Bump spreadsheet architect and axlsx
This allows us to bump rubyzip to a version that is free of CVE-2017-5946
2018-09-06 17:56:57 +02:00
Paul Chavard
c67f8dcaaa Add after_party 2018-08-30 11:54:54 +01:00
gregoirenovel
c6a839cd64 Add the groupdate gem 2018-08-27 14:00:34 +02:00
Mathieu Magnin
20a3f86729 Dotenv-rails should be defined a the very top of the gemfile 2018-08-21 15:41:06 +02:00
Paul Chavard
40a1e22cc9 Remove logstasher and add custom job structured logger 2018-08-16 12:26:13 +02:00
Paul Chavard
a6a4790a35 Replace logstasher with lograge 2018-08-13 12:44:00 +02:00
Paul Chavard
bf7c023380 Add webpacker and use it for new_design 2018-07-25 15:14:06 +02:00
Pierre de La Morinerie
394019b70c specs: save a screenshot of failing integration tests 2018-07-04 09:43:22 +02:00
Pierre de La Morinerie
a569a566fc header: use active_link_to for setting the active class on links 2018-06-26 18:04:04 +02:00
Frederic Merizen
be82c1c390 [#2071] Sort Gemfile 2018-06-10 11:39:48 +02:00
Frederic Merizen
ad040e354a [Fix #2071] Let premailer generate a plain text version of html emails 2018-06-09 09:00:33 +02:00
gregoirenovel
e5869f2bec Remove delayed_job_web version lock
Now that the security patches have been patched
2018-06-01 10:42:40 +02:00
gregoirenovel
661010100d [Fix #1536] Remove stringupcasepatch 2018-05-31 11:49:25 +02:00
Frederic Merizen
fd168c4a72 [Fix #1972] Make devise mails async 2018-05-28 12:02:13 +02:00
gregoirenovel
a8ac59dd4c Remove constraint on rails 2018-05-24 18:17:34 +02:00
gregoirenovel
5a880b5663 Remove constraint on uglifier 2018-05-24 18:17:34 +02:00
gregoirenovel
cf0eec6cd6 Remove the fixed version for guard-livereload 2018-05-24 18:17:34 +02:00
Paul Chavard
a8e7038ab5 Add aasm 2018-05-17 14:46:48 +02:00
Paul Chavard
27292f7b77 Update flipflop to latests released version 2018-04-26 09:48:58 +02:00
Paul Chavard
482b306920 Show enabled features for admins in manager 2018-04-25 15:42:45 +02:00
gregoirenovel
049a2d88b9 Bump rails to 5.2 final 2018-04-24 16:07:19 +02:00
Paul Chavard
49d9833473 add flipflop gem 2018-04-18 16:51:21 +02:00
Paul Chavard
cee6101008 Fix chromedriver on CI 2018-04-18 15:34:42 +02:00
Paul Chavard
714ebda2fe Add SignatureService 2018-04-04 18:44:08 +02:00
Paul Chavard
f35aef0eb6 Use Typhoeus and set agressive timeouts 2018-03-26 16:53:42 +02:00
gregoirenovel
97a2c9321f Unlock ffi now that a bug has been resolved 2018-03-14 17:46:22 +01:00
Mathieu Magnin
25c5873a86 Go back to official smartlisting gem 2018-03-14 17:06:29 +01:00
Frederic Merizen
c23419359b Fix XSS in delayed job web admin
https://github.com/ejschmitt/delayed_job_web/issues/101
2018-03-07 17:04:47 +01:00
simon lehericey
b59e23a619 Gemfile: Add chromedriver-helper 2018-02-27 10:14:55 +01:00
gregoirenovel
a6c321e428 Remove an unused gem 2018-02-23 16:45:38 +01:00
Paul Chavard
c876d5e5a2 Lock ffi version to fix builds on Mac 2018-02-22 15:50:35 +01:00
gregoirenovel
29d9b03672 Bump rails to 5.2.0.rc1 2018-02-07 16:18:42 +01:00
gregoirenovel
7d6b5f8426 Revert "Point to a forked devise to fix build errors"
This reverts commit 1b58bfad3e.
2018-02-01 17:08:17 +01:00
gregoirenovel
1b58bfad3e Point to a forked devise to fix build errors 2018-01-31 12:18:24 +01:00
Frederic Merizen
0ce26055d8 [#1374] Revert "Merge pull request #1373 from betagouv/fix_pagination"
This reverts commit 5a56fe0182, reversing
changes made to 31aabcd6b6.
2018-01-30 15:04:21 +01:00