Commit graph

37 commits

Author SHA1 Message Date
sebastiencarceles
6c5b82ebbf filter out locale from stored query params
As 'locale' isn't a param we want to prefill a dossier, we ignore it
and remove it from the stored query params.
2023-02-09 13:51:52 +01:00
sebastiencarceles
e212055ef8 tell when query params have been stored 2023-02-09 13:51:52 +01:00
Paul Chavard
f22cc8812b secu(graphql): log full queries and variables 2023-02-08 15:10:27 +01:00
Sébastien Carceles
20136b7ac8
feat(demarche): create and prefill a dossier with POST request (#8233)
* add base controller for public api

* add dossiers controller with basic checks

* create the dossier

* ensure content-type is json

* prefill dossier with given values

* mark a dossier as prefilled

When a dossier is prefilled, it's allowed not to have a user.

Plus, we add a secure token to the dossier, which we will need later to set a
user after sign in / sign up.

* set user as owner of an orphan prefilled dossier

When a visitor comes from the dossier_url answered by the public api,
the dossier is orphan:
- when the user is already authenticated: they become the owner
- when the user is not authenticated: they can sign in / sign up / france_connect
and then they become the owner

So here is the procedure:
- allow to sign in / sign up / france connect when user is unauthenticated
- set dossier ownership when the dossier is orphan
- check dossier ownership when the dossier is not
- redirect to brouillon path when user is signed in and owner

* mark the dossier as prefilled when it's prefilled
(even with a GET request, because it will be useful later on, for
exmample in order to cleanup the unused prefilled dossiers)

* system spec: prefilling dossier with post request
2023-01-03 14:46:10 +01:00
Sébastien Carceles
b8ff0ba4a2
feat(demarche): sign up when prefilling a dossier (#8247)
* store prefill params in session

Instead of using query params on /dossier/new, we assume the user comes
from /commencer/:path, which is the new prefill link.

There, we store the prefill params in session, and use them to prefill
the dossier when creating it, in /dossiers/new.

* spec: cover the case

* review: serialize with json instead of yaml

* review: rename method

* review: store only query params

* review: comment why we dont override already stored params
2022-12-15 10:58:17 +01:00
Martin
8b487c847b fix(instructeurs/avis#revive): ArgumentError on AvisMailer.avis_invitation 2022-06-14 08:41:09 +02:00
Martin
cb890343ff feat(targeted_user_link): add targeted user link to wrap expert invitation in order to avoid access issue when the expert is connected with another account
feat(user.merge): ensure to merge user.targeted_user_link

Update app/models/targeted_user_link.rb

Co-authored-by: LeSim <mail@simon.lehericey.net>

Update app/models/targeted_user_link.rb

Co-authored-by: LeSim <mail@simon.lehericey.net>

Update app/models/targeted_user_link.rb

Co-authored-by: LeSim <mail@simon.lehericey.net>

feat(db/create_targeted_user_links): ensure not null with fk
2022-05-31 14:50:31 +02:00
Martin
9bac5c65ba feat(instructeurs/dossier#create_avis): only followed dossier receive notifications, so when an instructeur ask for an avis, he follows the dossier
Update app/controllers/concerns/create_avis_concern.rb

Co-authored-by: Paul Chavard <paul.chavard@beta.gouv.fr>

Update spec/controllers/instructeurs/dossiers_controller_spec.rb

Co-authored-by: Paul Chavard <paul.chavard@beta.gouv.fr>
2022-04-07 09:05:23 +02:00
Paul Chavard
758e7d68e6 fix(graphql): fix and improuve query parsing for logs 2021-11-24 13:23:05 +03:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
9b0dae4cc2 Fix apostrophes ‘ -> ’ 2021-05-26 18:05:14 +02:00
Pierre de La Morinerie
95b6fdf86d controllers: unload failed avis from dossier
This avoid the subsequent dossier update to fail because some Avis
may be invalid.
2021-04-06 12:12:57 +02:00
kara Diaby
436f567067 change create avis concern 2021-04-06 10:39:24 +02:00
Paul Chavard
0b22788d60 experts_procedure should not be optional 2021-03-23 13:46:33 +01:00
kara Diaby
38740d1b5b modify experts avis controllers, concern and serializer 2021-03-18 11:38:52 +01:00
kara Diaby
6383e6b9e7 Revert "Revert "Claimant type to avis table""
This reverts commit f4fd220d43.
2021-03-10 08:48:55 +01:00
Kara Diaby
f4fd220d43
Revert "Claimant type to avis table" 2021-03-09 13:40:10 +01:00
kara Diaby
0211d1f105 modify create_avis_concern 2021-03-07 22:47:53 +01:00
kara Diaby
2987139dd6 Link avis to an expert 2021-01-22 14:31:02 +01:00
Christophe Robillard
b940d2e1b0 update dossier after saving avis
update last_avis_updated_at without hook

Co-authored-by: clemkeirua <clement@keiruaprod.fr>
2020-07-30 10:18:44 +02:00
kara Diaby
b32ed88f9b add attachment when instructor asking for a review 2020-03-04 13:35:29 +00:00
Paul Chavard
f0ea96772d Only invite experts to dossiers instructeur have access to 2020-02-11 17:38:57 +01:00
Paul Chavard
86b271997b Invite experts to linked dossiers
closes #3669
2019-10-23 13:10:09 +02:00
Paul Chavard
3b8d3b7967 Add Style/CollectionMethods to rubocop 2019-09-12 14:48:18 +02:00
simon lehericey
3fde2a6f70 Rename gestionnaire in code to instructeur 2019-08-12 13:47:01 +02:00
Paul Chavard
b8bf662c6d Track dossier demander un avis 2019-05-14 14:31:03 +02:00
Pierre de La Morinerie
bb753ce23e commencer: redirect to the procedure page after sign-in and sign-up 2019-01-21 14:45:38 +01:00
Pierre de La Morinerie
4fd9fa6610 sign_in: extract the procedure context to a ProcedureContextConcern 2019-01-17 11:07:09 +01:00
Frederic Merizen
d564eb1225 [#835] Report failed and successful invitations 2018-11-06 16:40:42 +01:00
Frederic Merizen
8cf235f2fd [#835] Enable html5 validation of multiple mails 2018-11-06 15:44:43 +01:00
Frederic Merizen
c7358a8f53 [Fix #835] Enable asking for multiple avis at the same time 2018-11-06 15:44:43 +01:00
Frederic Merizen
31ca0552ab [#835] Extract avis creation into concern 2018-11-06 15:44:43 +01:00
Xavier J
008ca19bef un-used files deleted 2016-01-26 16:47:13 +01:00
Tanguy PATTE
b90dbb7c86 style check 2015-08-20 16:35:24 +02:00
Xavier J
cfee2a6ddf Revu de code de la partie "/dossiers/dossier_id:/carte" :
/app/controllers/carte_controller.rb
- l10/11 @dossier.update_attributes()
- l27 : le @dossier ne semble pas necessaire
- l32 : update attributes Ajouter :
	def dossier_id params[:dossier_id] end

/spec/controllers/carte_controller_spec.rb
- l 11/16 : utiliser nouvelle syntaxe pour les hashs : get :show, dossier_id: dossier_id
- l32 bancal : Commentaire.last.id, en theorie tu n'as jamais besoin d'écrire de requête sql dans tes tests l36 subject { Commentaire.last }
- l64, le cas ou c'est en erreur n'est pas testé (le géocodeur renvoie nil)
2015-08-12 14:02:40 +02:00
Xavier J
b5b83e939a First Commit 2015-08-10 11:05:06 +02:00