Commit graph

2144 commits

Author SHA1 Message Date
Pierre de La Morinerie
28dfc6a1ba manager: save bypass_email_login_token to both column and feature 2021-11-30 13:41:25 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
simon lehericey
5a0fb6237f 😭 AASM does not support keyword arguments
https://github.com/aasm/aasm/issues/672
2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182 app: rename new_administrateur to administrateurs 2021-11-30 08:49:38 +01:00
simon lehericey
a0c0520502 avoid redirection to a deleted user 2021-11-29 15:27:17 +01:00
Kara Diaby
23677956f3 modify controller 2021-11-29 11:34:31 +01:00
Martin
cf82c030e8 hotfix(scoping): try to avoid requesting archived: false when using termine scope, use state_termine instead 2021-11-26 15:09:53 +01:00
kara Diaby
eaac293da3 add a new tab traités on user dossiers 2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda fix(i18n): wrap text under i18n.t
i18n(france_connect/*): replace wording with i18n

fix(lint): i18n key issue

secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case

fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
21894d0a0a feat(france_connect/particulier#callback): in case the FC email exists as an DC account which is an instructor or and administrator, returns early to new_session_path so he can connect with this existing account 2021-11-25 17:34:36 +01:00
Martin
ff073f8884 Add confirmation by email when merging DC/FC accounts
feat(fci.confirmation_code): add confirmation code to france_connect_informations

feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)

feat(mail_merge): mail merge

feat(merge.cannot_use_france_connect): same behaviour as callback

clean(fci.confirmation_code): use same token for mail validation as merge

feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto

clean(tech): finalize story by plugging merge_with_new_account to email validation

fix(deadspec): was removed

fix(spec): broken after last refactoring

lint(rubocop): space before parenthesis

lint(haml-lint): yoohoooo space before =

fix(lint): scss now :D

Update app/assets/stylesheets/buttons.scss

cleanup

feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email

fixup! Add confirmation by email when merging DC/FC accounts

fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible 2021-11-24 14:07:32 +01:00
Paul Chavard
758e7d68e6 fix(graphql): fix and improuve query parsing for logs 2021-11-24 13:23:05 +03:00
simon lehericey
c5097451ef add redirect 2021-11-23 14:17:59 +01:00
simon lehericey
5234a1854c manage AgentConnect callback 2021-11-23 14:17:59 +01:00
simon lehericey
898df449d4 redirect to AgentConnect 2021-11-23 14:17:59 +01:00
simon lehericey
d2432e34eb AgentConnect UI 2021-11-23 14:17:59 +01:00
mfo
49bb12a70e
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible 2021-11-23 11:05:51 +01:00
Pierre de La Morinerie
859a147c49 api: return error cause on parse error
Currently, when a query can't be parsed, the error is:
- logged to Sentry (which is useless to us),
- returned as a generic 'Internal Server Error' (which is useless to the
  user who made the query).

With this commit, the error is instead ignored from our logs (because it
is a user error), but the parse error details are returned to the user,
with the following format:

> {'errors': [{'message': 'Parse error on ")" (RPAREN) at [3, 23]'}]}
2021-11-19 15:15:10 +01:00
Martin
3d1533dee9 feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab 2021-11-19 15:14:39 +01:00
Paul Chavard
ae09b37e72 fix(champs): save departement info on champ commune 2021-11-17 14:52:47 +03:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur 2021-11-17 05:41:56 +01:00
Paul Chavard
716a859c93 fix(profile): prevent crashing on renew token action 2021-11-16 20:01:56 +03:00
Paul Chavard
e74d599042 feat(procedure): remove duree_conservation_dossiers_hors_ds 2021-11-16 19:55:56 +03:00
Paul Chavard
65e59b8dcd fix(procedure): allow to modify duree_conservation_dossiers_dans_ds after publication 2021-11-16 19:55:56 +03:00
mfo
1d174df2ec
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur 2021-11-16 16:37:15 +01:00
Martin
f0950b592b clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff 2021-11-16 16:13:11 +01:00
Paul Chavard
3400c4c628 fix(champs): attach piece justificative 2021-11-16 17:57:41 +03:00
Paul Chavard
7914775809 feat(routage): administrateur can disable routage
fix #6627
2021-11-16 11:49:51 +03:00
Martin
4042d51d1a tech(lint): rubocopify 2021-11-15 14:17:57 +01:00
Martin
d4c74b5621 feat(rc.1): refine with better translations, better design 2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a feat(rc): first stable 2021-11-15 13:53:32 +01:00
Martin
8b931a57d4 feat(CommentairesController#destroy): implement destroy endpoint using CommentaireService 2021-11-15 13:18:10 +01:00
simon lehericey
17d131b3cc add has_may requested_merge_from 2021-11-04 16:10:09 +01:00
simon lehericey
9041e201e8 one merge at a time 2021-11-04 16:10:09 +01:00
simon lehericey
b160086cc5 update update_email to allow merge 2021-11-04 16:10:09 +01:00
simon lehericey
652b8367be accept or refuse merge 2021-11-04 16:10:09 +01:00
simon lehericey
894e8fdd47 move update_email check to before_action 2021-11-04 16:10:09 +01:00
Paul Chavard
7ef73f13e4 fix(grope_instructeur): can not destroy groupe_instructeur with discarded dossiers 2021-11-02 12:15:24 +01:00
Paul Chavard
3c2515ce6d feat(graphql): add graphql_operation to rails logs 2021-11-02 12:02:00 +01:00
Paul Chavard
da49a6447f refactor(repetition): optimize and add a transaction around repetition add row 2021-10-28 14:54:33 +02:00
Paul Chavard
c4b93f8d4a fix(groupe_instructeur): unfollow dossiers when removed from groupe instructeur 2021-10-28 14:45:52 +02:00
simon lehericey
c725999582 move merge method to user 2021-10-28 14:39:13 +02:00
Paul Chavard
d659595cde fix(typo): addresse -> adresse 2021-10-27 18:59:18 +02:00
Paul Chavard
8154daf847 refactor(drop_down_list_champ): other option 2021-10-27 12:00:39 +02:00
kara Diaby
dc35d9521f add other option to liste deroulante champ 2021-10-26 16:11:15 +02:00
Paul Chavard
d308448f02 feat(type_de_champ): add secondary label and description do linked drop downs 2021-10-26 12:18:01 +02:00
Paul Chavard
1561ea82f6 fix(transfer): manually nullify staled transfers references 2021-10-21 13:54:26 +02:00
lydiasan
6f9c3abfbc i18n: display language selector on non-french accept-languages 2021-10-19 16:41:36 +02:00
simon lehericey
d19ad2840c rename preexisting to targeted, remove duplicated test 2021-10-19 16:12:42 +02:00
simon lehericey
52b7e85954 merge administrateur in user_controller 2021-10-19 16:12:42 +02:00
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
Paul Chavard
8fa544e176 feat(manager): bring back add administrateur 2021-10-19 12:06:31 +02:00
simon lehericey
f54dfe6ead Do not raise error if user is nil
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
bb83fd2f18 To make an old test work, no idea 2021-10-14 14:47:50 +02:00
simon lehericey
933d7b8c8d merge with another preexisting account 2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d merge with another new account 2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b merge with an existing account by using the password 2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9 securely retrieve fci 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
f6879eba60 associate_user take a target email 2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0 Sign in with a user linked by france connect sub (openid)
instead of looking linked user by email because :

- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.

The following scenario is now working

A user A (email: 1@mail.com) uses FC to connect to DS
=> It is connected as 1@mail.com

Another user B (email: generic@mail.com) uses FC to connect
=> It is connected as generic@mail.com

The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
06dee2e023 refactor controller to avoid return 2021-10-14 14:47:50 +02:00
simon lehericey
5aaf46258a remove obsolete devise scope 2021-10-14 14:47:50 +02:00
simon lehericey
87de9e38c6 allow draft to be saved with invalid cnaf champ 2021-10-12 14:27:20 +02:00
simon lehericey
7072993721 a form can upload numero_allocataire and code_postal 2021-10-12 14:27:20 +02:00
simon lehericey
77d14d4a60 forbid admin merge yet 2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea Add notice when merging account 2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5 merge expert 2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e merge instructeur 2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f simple cases when the preexisting targeted account does not have instructeur or profile profile 2021-10-07 15:51:31 +02:00
Paul Chavard
4a947f9135 feat(manager): add become administrateur button in manager (with 24h expiration) 2021-10-07 11:32:12 +02:00
kara Diaby
9c9eeb8e76 modify groupe instructeurs controller$ 2021-10-05 15:37:29 +02:00
kara Diaby
6d89d914e2 modify expert avis controller 2021-10-05 15:00:21 +02:00
simon lehericey
f662b28baf update identity_updated_at column when user identity change 2021-10-05 12:05:43 +02:00
Pierre de La Morinerie
f854e3af63 controllers: use ACSV to import groupe instructeurs
Unlike `CSV`, `ACSV` auto-detect the file encoding and separator type.
2021-10-05 10:58:15 +02:00
Peng-Fei DONG
dee536fca1 app: localize CSV import for groupe instructeurs 2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287 [Fix #6504] Fix exception raised when deleting a transfer 2021-10-01 12:11:03 +02:00
Paul Chavard
7deedf8245 feat(refactor): unify dossiers header 2021-09-27 15:06:17 +02:00
Paul Chavard
357c684688 feat(routage): self managing instructeurs 2021-09-27 15:06:17 +02:00
Paul Chavard
5933194149 feat(log): stop logging user emails
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
1446660ca3 an api_particulier_token change erases previous api_particulier_sources 2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49 app: fix exception during password reset when the token has expired 2021-09-21 10:30:09 -05:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
0c5c8faf16 feat(routage): enable routage for everyone 2021-09-18 11:22:35 +02:00
Paul Chavard
8b4bef2816 refactor(routage): simplify goupe_instructeur assign code 2021-09-18 11:21:26 +02:00
simon lehericey
2c13f70cd5 redirect to sources after updating token 2021-09-17 13:50:23 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
Pierre de La Morinerie
715b5ea6d8 i18n: move controller keys to the proper scope 2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
e6b044531d i18n: fix invalid i18n-tasks-hint 2021-09-16 07:51:56 -05:00
simon lehericey
1d06c15ac0 save api particulier scopes 2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30 add logic to detect empty scopes 2021-09-16 09:09:34 +02:00
Pierre de La Morinerie
745e19bb8e localize 2021-09-16 09:07:47 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
e5f449b595 devise: unify password reset views
By default, Devise will look for views:

1. First in `views/resource/passwords/…`,
2. Then in `views/devise/passwords/…` if not found.

By moving the views to `views/devise`, we avoid having a partial in
`views/shared` that we need to include manually, and instead let Devise
do the job automatically.
2021-09-09 09:40:40 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00