Commit graph

348 commits

Author SHA1 Message Date
Christophe Robillard
83b6c5d7c7 replace deprecated axe-matchers by axe-core-spec 2021-08-24 08:09:17 -05:00
kara Diaby
d2d046a39d fix encoding problems with cherlock Holmes gem 2021-07-13 10:58:41 +02:00
Christophe Robillard
b047c38b47 gems: upgrade delayed_job_web
fix error when attempting to "retry" or "reload" a failed job via the web interface.

bump delayed_job_web from 1.4.3 to 1.4.4
See [Changelog](https://github.com/ejschmitt/delayed_job_web/blob/v1.4.4/CHANGELOG.md) from 1.4.3 to 1.4.4
2021-06-24 14:29:54 +02:00
simon lehericey
19aefa1fd0 update administrate 2021-05-07 11:15:22 +02:00
Pierre de La Morinerie
b398485d97 manager: localize dossier enums
In the previous commit, we cleaned up the localization of the
Dossier.state enum. This prevented administrate from crashing, but now
the dossier enum are no longer localized in the Manager.

By using a `Field::Enum` type, we instruct the administrate plugin
to look up our localized name for the Dossier state enum.
2021-05-06 14:41:08 +02:00
Pierre de La Morinerie
ce6a27d416 manager: upgrade administrate to be compatible with Rails 6.1.3.2
Rails 6.1.3.2 is a security upgrade, and we had to upgrade quickly.
Unfortunately that broke the administrate gem.

A PR has been opened to fix the issues with the newest Rails version,
and will probably be merged quickly. Meanwhile we can fix the manager
by using the version from the PR for now.

Once the PR is merged and a new version of administrate is released,
we can use a released version of administrate again.
2021-05-06 11:17:17 +02:00
Pierre de La Morinerie
9ad57fde2a initializers: lazy-load Mailjet gem
This fixes an error message on app startup about autoloaded
constants:

> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.

The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:

On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.

Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.

And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.

See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Pierre de La Morinerie
f7d71ba698 gems: update devise-two-factor to a released version
This is the first official release compatible with Rails 6.1.
2021-04-15 16:54:14 +02:00
Pierre de La Morinerie
56b3601063 app: enable Bootsnap
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation

Cached data are written to `tmp/cache/bootsnap*`.

This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
Pierre de La Morinerie
5bf499baa0 specs: remove rspec_junit_formatter
It was unsed by CircleCI to generate test reports in the JUnit XML
format, but:

- We now use Github Actions, which has its own reporting system,
- It prevents us to upgrade to rspec > 3.
2021-03-09 15:51:19 +01:00
Pierre de La Morinerie
71c4ce67b2 gemfile: don't require i18n-tasks by default
i18n-tasks is only used as a standalone command-line tool. It doesn't
need to be included in the app.

It also prevent a parser warning from appearing when running any rails
command:

> warning: parser/current is loading parser/ruby27, which recognizes
> warning: 2.7.2-compliant syntax, but you are running 2.7.1.
> warning: please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.

Now this (legitimate) warning only appears when running the i18n-tasks
command.
2021-03-04 22:52:19 +01:00
Pierre de La Morinerie
1ebfdef411 gems: remove ruby-debug-ide
- It was included to make Rubymine happy, but nowadays Rubymine seems
to load the debugger without touching the Gemfile
- It keeps matching an invalid version when `bundle upgrade`-ing the
dependencies.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
473a86b861 gems: remove guard
- It doesn't seem used a lot these days
- It has some incompatibility with rspec 4

We need to explicitely add the 'listen' gem now though.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
1d7c4f5b02 gems: remove ffi-geos
We don't need it now that we don't link to a compiled geos version
anymore.
2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
0fa3d367c0 gems: use a version of devise-two-factors compatible with Rails 6.1 2021-02-25 10:45:42 +00:00
Pierre de La Morinerie
2e3ddd6190 gems: upgrade to Sprockets 4 2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
e1a450fd6f gems: remove xray-rails
It is not compatible with sprockets-4.
2021-02-24 17:09:51 +01:00
Paul Chavard
753d0478ef update sentry gems 2021-02-10 17:52:04 +01:00
Judith
ed10a9dd62 gem i18n-tasks added to Gemfile 2021-02-04 12:15:13 +01:00
Pierre de La Morinerie
705cb2e657 gems: use a zeitwerk-compatible version of byebug
It seems byebug is not compatible with the zeitwerk autoloader, but
byebug-pry is.
2021-02-04 09:42:49 +00:00
Paul Chavard
a503417298 Remove old css and js 2021-02-02 15:26:11 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd add recoverable and two_factor stragegy for administration 2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2 Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp 2020-10-30 17:08:31 +01:00
clemkeirua
d7fff61d5d ajout de la gem sendinblue 2020-10-13 17:36:43 +02:00
clemkeirua
dfd2c1ee79 reorder gems 2020-09-25 12:53:11 +00:00
kara Diaby
cb4e91c405 Add iban type de champ 2020-09-23 15:56:26 +02:00
simon lehericey
94ab1d4b66 bump rspec 2020-09-21 11:15:25 +02:00
simon lehericey
1f1b54b442 Update rails 2020-09-15 10:01:28 +02:00
Judith
9553dae7bd gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files. 2020-09-01 16:47:40 +02:00
Judith
af25fdd77c gem http_accept_language installed and (de)activable with feature flag 2020-08-27 16:15:01 +02:00
Pierre de La Morinerie
1767df33b0 doc: add a visualization of the database models
Re-generate the schema using `bin/rake erd`.

NB: there's a way to update the PDF automatically after each migration.
But it requires `graphviz` to be installed locally, which I'm not
sure I want to require by default.
2020-08-27 12:02:28 +02:00
Pierre de La Morinerie
e6d8581b06 app: add annotate
Annotations will be generated only for models, and sorted (to avoid differences
depending on the order in which migrations are ran).

The annotations will be automatically updated every time `rails db:migrate`
is run on a development environment.
2020-08-12 11:45:53 +02:00
Paul Chavard
fc3aece318 Rails 6 2020-07-07 18:03:56 +02:00
clemkeirua
031f59c9e1 add wcag accessibility tests for usager pages using axe-core 2020-06-26 17:10:26 +02:00
Pierre de La Morinerie
f6d92eb659 gems: upgrade to Rails 5.2.4.3
Fixes:

- CVE-2020-8165
- CVE-2020-8166
- CVE-2020-8162
2020-06-23 15:32:41 +02:00
dependabot[bot]
dc9769c38c build(deps): bump kaminari from 1.1.1 to 1.2.1
Bumps [kaminari](https://github.com/kaminari/kaminari) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/kaminari/kaminari/releases)
- [Changelog](https://github.com/kaminari/kaminari/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kaminari/kaminari/compare/v1.1.1...v1.2.1)

Signed-off-by: dependabot[bot] <support@github.com>
2020-06-02 07:59:16 +00:00
Pierre de La Morinerie
b5f1d97629 app: disable Turbolinks
Fix #5039
2020-05-13 11:04:16 +02:00
Christophe Robillard
d74b14c205 fetch attestation sociale url 2020-04-29 14:25:55 +02:00
Paul Chavard
053e2db8f7 Fix geos not being properly load in some environements 2020-04-28 12:21:22 +02:00
Paul Chavard
2a3530738d Do not crash on boot if geos is not installed 2020-04-23 20:12:31 +02:00
Paul Chavard
9cb612bb3d Show area and length on champ carto selections utilisateur 2020-04-23 10:21:18 +02:00
Paul Chavard
7c34795a1a Bring back font-awesome-rails
we need it untill we remove all the old admin pages
2020-04-15 17:41:05 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Paul Chavard
6dc1f3e2c4 Use human readable expressions instead of cron gibberish
https://github.com/floraison/fugit#fugitnat
2020-04-07 12:44:58 +02:00
simon lehericey
d1cad0388e minor rails bump 2020-03-23 11:43:50 +00:00
Paul Chavard
3cd4597006 Update rubocop roules 2020-03-17 11:25:21 +01:00
Paul Chavard
444d19e191 Remove unused gems 2020-03-17 11:25:21 +01:00
Paul Chavard
5bccfba122 Update administrate gem 2020-03-17 11:25:21 +01:00
Paul Chavard
74f7eaaf2e Update spreadsheet_architect 2020-03-17 11:25:21 +01:00
Paul Chavard
6d703c0bd0 Replace prawn_rails with prawn-rails 2020-03-17 11:25:20 +01:00
Paul Chavard
c281347da1 Remove restclient 2020-03-17 11:12:14 +01:00
Paul Chavard
9c2babba6a Update rspec-rails 2020-03-17 09:56:26 +01:00
Paul Chavard
e540dea929 Fix administrate pagination by pinning to an old version of kaminari 2020-03-05 14:01:09 +01:00
Paul Chavard
57df024266 Bring back activestorage-openstack to upstream 2020-03-04 10:14:16 +01:00
Paul Chavard
b6612bbcf9 Use a forked activestorage-openstack 2020-03-03 10:14:15 +01:00
kara Diaby
6102ba6039 Do not permit to upload a GIF file via javascript 2020-02-25 23:33:15 +01:00
Paul Chavard
1ce1c1e6d0 use discard 2020-02-13 12:31:59 +01:00
Paul Chavard
4edc7b00cf Use geocoder 2020-01-15 15:04:04 +01:00
Paul Chavard
14295db9ad Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
This reverts commit 4373cb22cb.
2020-01-14 18:46:07 +01:00
clemkeirua
a2d53bb400 ajout de la gem prawn 2020-01-14 09:29:29 +01:00
clemkeirua
4373cb22cb Revert "Merge pull request #4552 from tchak/champ-communes"
This reverts commit 4cec26f73a, reversing
changes made to 0ef25ef36c.
2020-01-13 16:26:27 +01:00
Paul Chavard
e61e39d345 Remove unused code and tests 2020-01-07 11:52:51 +01:00
Christophe Robillard
4e7c779116 refuse les numéros de tel invalides
rend facultatif les numéros de téléphone
2019-12-04 05:34:43 +01:00
Pierre de La Morinerie
939a162057 gems: upgrade Capybara
Fix #4536
2019-11-28 11:31:42 +01:00
Paul Chavard
fe84e8e0f7 Remove carrierwave 2019-11-12 15:26:18 +01:00
Paul Chavard
efd03f0169 Use webdrivers gem to keep webdrivers updated 2019-11-06 11:20:40 +01:00
Paul Chavard
5a87db9920 Revert "Revert "Update activestorage-openstack""
This reverts commit c102dc63b7.
2019-10-30 12:11:53 +01:00
simon lehericey
c102dc63b7 Revert "Update activestorage-openstack"
This reverts commit 9088495272.
2019-10-29 10:31:29 +01:00
Paul Chavard
7d20e6e9e6 Downgrade Capybara 2019-10-24 15:48:08 +02:00
Paul Chavard
9088495272 Update activestorage-openstack 2019-10-22 17:40:15 +02:00
simon lehericey
f31c184b56 [fix #1537] Remove simple_form gem 2019-10-08 11:08:35 +02:00
Paul Chavard
e7ed408e08 Auto-link valeur des champs
closes #2865
2019-10-07 21:20:24 +02:00
Paul Chavard
7f09d0e430 Add graphql gems 2019-09-24 10:47:21 +02:00
Paul Chavard
c370c2f475 Cleanup FlipFlop 2019-09-10 23:52:44 +02:00
Paul Chavard
65e227c44b Migrate to flipper 2019-09-10 16:10:14 +02:00
pedong
fc8cebd78d add Gem rack_attack for prevent attack brute-force 2019-08-20 13:29:29 +02:00
Pierre de La Morinerie
20239077a7 Gemfile: fix an 'insecure connection' Bundler warning 2019-08-01 15:00:23 +02:00
Paul Chavard
fc75580a3c Start using pundit 2019-07-30 18:09:28 +02:00
clemkeirua
25f81f1d3c download a dossier as zip with all attachments 2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8 omniauth: protect against CSRF
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Mathieu Magnin
b34f8fbe3d Add ActionText 2019-07-03 13:15:49 +02:00
Paul Chavard
fb0ef15e3c Export dossiers v2 2019-07-02 14:20:29 +02:00
Nicolas Bouilleaud
76925356b6 Fix irb_context in rails console
Don’t require rspec_junit_formatter gem
It’s only needed when running tests (for circleci).
It messes with the console, when running `rails c` it causes this warning:
```
irb: warn: can't alias context from irb_context
```
This is related to rspec monkey_patching a `context` method on `Object` (rspec/rspec-rails#1645)
2019-05-20 10:33:43 +02:00
Paul Chavard
51c79ba6a6 Update webpacker and replace vue with react 2019-04-03 14:38:07 +02:00
Paul Chavard
e71cdcd12c Move all the trackers to a separate js pack 2019-04-02 17:33:53 +02:00
Mathieu Magnin
7252c26e93 Gem web-console is back ! 2019-03-12 17:53:11 +01:00
Mathieu Magnin
28fd9051d7 Gem update bootstrap-sass (>= 3.4.1) 2019-02-25 12:01:47 +01:00
Paul Chavard
c2a7460315 Add ruby debugger support 2019-02-14 15:22:57 +01:00
gregoirenovel
005eea26f7 Remove the unused web-console gem 2019-01-07 10:34:55 +01:00
gregoirenovel
9302905271 Remove the unused rack-handlers gem 2019-01-07 10:34:55 +01:00
gregoirenovel
7747f40ec0 Sort gems by alphabetic order 2019-01-07 10:34:55 +01:00
gregoirenovel
feae5194fa Use single quotes everywhere in the Gemfile 2019-01-07 10:34:55 +01:00
gregoirenovel
aaff27aca9 Move Gemfile comments into the line they comment
And remove some useless comments
2019-01-07 10:34:55 +01:00
Pierre de La Morinerie
07d95ce934 Remove the rbnacl gem
Fix #3160
2019-01-03 17:48:53 +01:00