Commit graph

9819 commits

Author SHA1 Message Date
Pierre de La Morinerie
ebfa294755
Merge pull request #5042 from betagouv/attempt-to-fix-invalid-auth-tokens
Tentative de correction des erreurs ActionController::InvalidAuthenticityToken à l'upload
2020-04-15 09:00:13 +02:00
Pierre de La Morinerie
968e470684 config: never cache rails-generated pages
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.

This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.

The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.

To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).

See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Pierre de La Morinerie
9e76135b27 views: add identifiers to fooker links
In Sentry, when an `ActionController::InvalidAuthenticityToken` error
occurs, the breadcrumbs mention that before hitting the error, the user
clicked on one of those links.

Unfortunately we don't know which one. For debugging purposes, adding
classes to the links should allow us to see which links users are
navigating to.
2020-04-14 18:02:52 +02:00
Paul Chavard
1fc1a3a6a5
Merge pull request #5035 from tchak/remove-unused-carto-api-code
[Carto] Remove quartiers prioritaires
2020-04-14 12:22:13 +02:00
Paul Chavard
52d2ace823 Remove quartiers prioritaires 2020-04-14 10:29:59 +02:00
Keirua
f6aef9fb66
Merge pull request #5036 from betagouv/fix-deletion-admin
Manager: Suppression des administrateurs avec des procédures archivées
2020-04-14 09:57:30 +02:00
clemkeirua
8c2f589cbf fix admin deletion of empty service with archived procedures 2020-04-10 20:01:40 +02:00
Keirua
5e1e11d802
Merge pull request #5028 from betagouv/feat/demandeur-dossiers
Nom du demandeur dans liste des dossiers usagers
2020-04-10 14:40:33 +02:00
clemkeirua
7335500be4 tests for dossier_helper#demandeur_dossier 2020-04-10 13:14:39 +02:00
clemkeirua
6df927a46f nom du demandeur dans user::dossiers#index si >=2 dossiers 2020-04-10 13:14:39 +02:00
Paul Chavard
c5882a8b22
Merge pull request #5025 from tchak/use-graphql-playground
Use graphql playground instead of graphiql
2020-04-09 19:59:16 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Pierre de La Morinerie
e45d56c681
Merge pull request #5031 from betagouv/remove-jquery-bookkeeping
javascript: remove unused jQuery.active bookkeeping
2020-04-09 18:03:03 +02:00
Pierre de La Morinerie
61660b1b3b javascript: remove unused jQuery.active bookkeeping 2020-04-09 17:52:47 +02:00
Pierre de La Morinerie
6c39c19c40
Merge pull request #5032 from betagouv/improve-direct-upload-errors-reporting
Améliore la manière dont les erreurs d'upload sont groupées dans Sentry
2020-04-09 17:52:29 +02:00
Pierre de La Morinerie
c633cd0888 javascript: improve Sentry grouping of direct upload errors
DirectUpload returns errors as strings, including an HTTP status and a
file name (and without a stack trace).

But Sentry groups issues according to the stack trace, and maybe the
error message in last resort.

So we have an issue: as all DirectUpload errors logged by Sentry are
generated on the same line, with random-looking messages, Sentry groups
them either too or too little aggressively.

Instead of creating all the errors on the same line:

- add some `if`s statements to create them on different lines (and so
  with different stack traces),
- strip the file name from the error message.

This allows Sentry to group the errors properly, with meaningful error
messages.
2020-04-09 17:38:44 +02:00
Pierre de La Morinerie
499808a384 javascript: upgrade @sentry/browser to 5.15.4 2020-04-09 17:38:44 +02:00
krichtof
8dc0814727
Merge pull request #5029 from betagouv/5015-recevoir-notif-apres-depot
5015: Les instructeurs qui le souhaitent reçoivent notif par mail après chaque dépôt de dossier
2020-04-09 17:25:15 +02:00
Christophe Robillard
f683b850c3 Notifie instructeurs le souhaitant lors depot dossier
Notifie par mail uniquement les instructeurs qui le souhaitent à chaque dépôt de dossier
2020-04-09 15:02:05 +02:00
Christophe Robillard
ae18ff6627 Notifie tous les instructeurs lors dépôt dossier
- envoie un mail à tous les instructeurs d'une procédure après le dépôt
d'un nouveau dossier
2020-04-09 14:33:56 +02:00
krichtof
f618ab5ba2
Merge pull request #4985 from betagouv/4966-envoyer-notif-lors-commentaire
4966: Les instructeurs le souhaitant sont notifiés à chaque nouveau commentaire sur les dossiers qu'ils suivent
2020-04-09 14:25:13 +02:00
Christophe Robillard
3ece41a614 homogénéise les majuscules en début de phrase 2020-04-09 14:17:07 +02:00
Christophe Robillard
969478b706 Envoie une notif aux followers_instructeurs le souhaitant
après chaque message déposé par l'usager
2020-04-09 14:17:07 +02:00
Christophe Robillard
415d5c765e envoie une notification à chaque follower_instructeur après un commentaire déposé 2020-04-09 14:17:07 +02:00
Keirua
6d5709dbf5
Merge pull request #5027 from tchak/fix-procedure-can-be-deleted
Fix procedure.can_be_deleted_by_administrateur? check
2020-04-09 14:03:52 +02:00
Paul Chavard
c83aaf69a6 Fix procedure.can_be_deleted_by_administrateur? check 2020-04-09 13:46:57 +02:00
Paul Chavard
b022a26db5
Merge pull request #5026 from betagouv/js-return-true-errors
javascript: make DirectUpload errors return true error objects
2020-04-09 13:09:19 +02:00
Pierre de La Morinerie
bc1c15b81d javascript: make DirectUpload errors return true error objects
DirectUpload errors are string (instead of error objects). But Sentry
works better if we have true errors, which include the stacktrace.
2020-04-09 12:50:47 +02:00
Paul Chavard
1c0fecc3ce
Merge pull request #4984 from tchak/process-expired-dossiers-en_construction
Process expired dossiers en construction
2020-04-09 11:33:00 +02:00
Paul Chavard
afc76f3066 Only run process expired dossiers task on production servers 2020-04-09 11:19:58 +02:00
Paul Chavard
d810fdf474 Process expired dossiers en construction 2020-04-09 11:19:58 +02:00
Paul Chavard
c24f0b6b0e
Merge pull request #4975 from tchak/remove-legacy-expiration-email
remove WarnExpiringDossiersJob
2020-04-09 11:19:16 +02:00
Paul Chavard
61eaca928f remove WarnExpiringDossiersJob 2020-04-09 11:11:51 +02:00
Paul Chavard
f97cf89b43
Merge pull request #5010 from betagouv/activation-mapbox
Migrate mapReader to mapbox-gl with react
2020-04-09 11:11:26 +02:00
kara Diaby
d18bc1c421 Improve the mapbox-gl support detection for older browsers 2020-04-09 11:01:20 +02:00
kara Diaby
56e9834389 Revert "Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""""
This reverts commit 473ed00b6c.
2020-04-09 11:01:20 +02:00
Keirua
e96e33b9a5
Merge pull request #5022 from tchak/update-graphql
Update ruby-graphql
2020-04-09 11:00:56 +02:00
Paul Chavard
537c74fdfc Update ruby-graphql 2020-04-09 10:48:49 +02:00
Paul Chavard
032ad6b7ec
Merge pull request #5019 from betagouv/fix-attachment-redirect
Fix middle-click on "Delete attachment" button
2020-04-09 10:47:24 +02:00
Pierre de La Morinerie
7ff381b6f0 attachments: remove the buggy fallback
The fallback would fail on non-champ attachments.
2020-04-09 10:40:08 +02:00
Pierre de La Morinerie
7e19dd2cda Revert "Revert "Fix middle-click on "Delete attachment" button""
This reverts commit 6e8bd6957f.
2020-04-09 10:40:08 +02:00
Paul Chavard
d2811bdf73
Merge pull request #4996 from betagouv/feat/user-search-inside-dossiers
#2191 - Permettre aux usagers de rechercher dans le contenu de leurs dossiers
2020-04-09 09:52:24 +02:00
clemkeirua
590cee050f add tests for dossier_search_service 2020-04-09 09:42:31 +02:00
clemkeirua
46e14f4033 add test for users/list_dossiers_spec 2020-04-09 09:42:31 +02:00
clemkeirua
8ff3d9ea47 update existing tests 2020-04-09 09:42:31 +02:00
clemkeirua
fbcf3de74c ajout du motif recherché dans l'écran de résultats 2020-04-09 09:42:31 +02:00
clemkeirua
76139dbc71 recherche usager full-text avec plusieurs resultats 2020-04-09 09:42:31 +02:00
clemkeirua
98337f2334 recherche usager full-text avec 1 resultat 2020-04-09 09:42:31 +02:00
clemkeirua
9eafeac622 extract layouts/search_dossiers_form partial 2020-04-09 09:42:31 +02:00
clemkeirua
34188c432c refactor _new_header so that user and instructeur search share similar signature 2020-04-09 09:42:31 +02:00