François Vantomme
14e0c68266
feat(api particulier): add MESRI field
2021-12-16 16:45:18 +01:00
François Vantomme
5097e78b45
feat(api particulier): add MESRI locales
2021-12-16 16:45:17 +01:00
François Vantomme
693a95904e
style(api particulier): mentionne le statut étudiant dans les locales
2021-12-16 16:45:16 +01:00
Christophe Robillard
c9c1f206b9
fix zone acronyms
2021-12-15 19:37:32 +01:00
Christophe Robillard
829d644c10
group related options in zone select box
2021-12-15 19:37:32 +01:00
simon lehericey
0e7a6f5acf
remove obsolete route
2021-12-15 13:43:32 +01:00
Pierre de La Morinerie
be1ddb59ec
views: localize the stats partial
...
Also rename 'procédure' to 'démarches'.
2021-12-14 15:03:22 +01:00
maatinito
573b3d39e2
Fix date_trunc sql queries for timezoned forks
2021-12-14 08:50:09 +01:00
Martin
cf5794eebf
clean(brakeman): remove unwanted warning
2021-12-13 17:09:20 +01:00
Martin
1795084dce
fix(brakeman): no code injection here
2021-12-13 16:37:04 +01:00
simon lehericey
3bdf6b63d9
small wording fixes
2021-12-08 11:19:30 +01:00
Christophe Robillard
4ffd25a321
introduce zone concept from now on
2021-12-08 10:56:17 +01:00
François Vantomme
6ab8ac0662
feat (api particulier): add Pole emploi field
2021-12-08 10:36:25 +01:00
François Vantomme
2e05a3fde2
feat(api particulier): add Pole Emploi locales
2021-12-08 10:36:11 +01:00
François Vantomme
62bc2efbaa
style(api particulier): mentionne Pôle Emploi dans les locales
2021-12-08 09:49:53 +01:00
François Vantomme
2110ef072c
feat(api particulier): add DGFiP field
2021-12-07 11:03:05 +01:00
François Vantomme
abad34ea7c
feat(api particulier): add DGFiP locales
2021-12-07 11:03:05 +01:00
François Vantomme
8ca8bdb6c4
fix(api particulier): correction d'une typo dans les locales
2021-12-07 11:03:05 +01:00
François Vantomme
4c8697656b
style(api particulier): mentionne DGFIP dans les locales
2021-12-07 11:03:05 +01:00
Martin
45a74ee999
clean(routes): based on review
2021-12-06 13:09:46 +01:00
Martin
a9413f9b12
feat(manager): add procedure_expires_when_termine_enabled to administrate
2021-12-06 07:49:59 +01:00
Martin
081d5094a9
feat(instructeurs/procedure/dossiers#extend_conservation): add extends duree conservation in action button list, also rewire this action for user [extend by procedure.duree_conservation_dans_ds by default] but force 1.month for instructeur. add new icon for standby based on https://en.wikipedia.org/wiki/Power_symbol
2021-12-06 07:20:01 +01:00
Martin
d8a8d1fdab
feat(instructeur/dossier/header/_expiration_banner): split trads and add dedicated expiration banner for instructeur. also enhance wording to include duree conservation + extension_conservation
...
feat(expiration_banner): enhance wording of expiration
feat(dossiers/expiration_banner): enhance wording regarding expiration to include duree_conservation_dossiers_dans_ds + extension_conservation, also add spec on expiration_banner for instructeur
2021-12-06 07:05:17 +01:00
Martin
22531560d8
feat(tabs.expirants): re-order so it comes before deleted dossiers
2021-12-06 07:05:17 +01:00
Christophe Robillard
3265ac2d84
localize zone
2021-12-02 19:24:26 +01:00
Christophe Robillard
5b8d872b6e
populate zones
2021-12-02 19:16:11 +01:00
Pierre de La Morinerie
b7d17b0989
models: validate that no drop-downs are empty on publishing
...
Disallow publishing a procedure containing drop-downs with no selectable
values.
2021-12-02 09:00:37 +01:00
Pierre de La Morinerie
d524beee4e
app: remove :instructeur_bypass_email_login_token
from Flipper
2021-12-02 08:51:52 +01:00
Kara Diaby
ffcae81249
change locales
2021-11-30 14:27:58 +01:00
Pierre de La Morinerie
28dfc6a1ba
manager: save bypass_email_login_token to both column and feature
2021-11-30 13:41:25 +01:00
Pierre de La Morinerie
99c77046d2
models: improve error message for invalid champs
...
Avoid prepending the message with 'Draft revision '
2021-11-30 13:34:41 +01:00
Pierre de La Morinerie
52b0fbf9b7
models: validate repetitions on publishing
2021-11-30 13:34:41 +01:00
simon lehericey
c4cde500ce
fix acsv
2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182
app: rename new_administrateur
to administrateurs
2021-11-30 08:49:38 +01:00
Martin
970e43efb8
feat(stats#index): update Stat model to also query DossierDeleted in stats computation
...
tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?
feat(stats): add DeletedDossier in Stat computations
Revert "tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?"
This reverts commit d1155b7eeaaf1a9f80189e59667e109541fcb089.
feat(stats): support deleted_dossiers for last_four_months_hash and cumulative_hash. extract sanitize query & merge hashes in methdos
clean(rubocop): lint with rubocop
Update db/migrate/20211126080118_add_index_to_deleted_at_to_deleted_dossiers.rb
Co-authored-by: LeSim <mail@simon.lehericey.net>
fix(rubocop): avoid uneeded allocation
fix(migration): add concurrent index with expected synthax
fix(brakeman): add ignore message since group date_trunc evaluation is used by only ourself
2021-11-26 13:29:40 +01:00
Kara Diaby
67d331e788
modify locales fr and en
2021-11-26 09:45:13 +01:00
Kara Diaby
fef7f79237
add route
2021-11-26 09:45:13 +01:00
kara Diaby
eaac293da3
add a new tab traités on user dossiers
2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda
fix(i18n): wrap text under i18n.t
...
i18n(france_connect/*): replace wording with i18n
fix(lint): i18n key issue
secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case
fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
ff073f8884
Add confirmation by email when merging DC/FC accounts
...
feat(fci.confirmation_code): add confirmation code to france_connect_informations
feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)
feat(mail_merge): mail merge
feat(merge.cannot_use_france_connect): same behaviour as callback
clean(fci.confirmation_code): use same token for mail validation as merge
feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto
clean(tech): finalize story by plugging merge_with_new_account to email validation
fix(deadspec): was removed
fix(spec): broken after last refactoring
lint(rubocop): space before parenthesis
lint(haml-lint): yoohoooo space before =
fix(lint): scss now :D
Update app/assets/stylesheets/buttons.scss
cleanup
feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email
fixup! Add confirmation by email when merging DC/FC accounts
fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible
2021-11-24 14:07:32 +01:00
simon lehericey
6e7d2e057a
typo
2021-11-24 12:50:52 +01:00
simon lehericey
f60055637a
add missing redirect_uri env
2021-11-24 12:47:01 +01:00
Pierre de La Morinerie
60c2718f29
models: remove custom code for file size validation message
...
With active_storage_validations 0.9.6, we can use the %{max_size}
variable directly in the error message.
2021-11-24 10:06:45 +01:00
Martin
0fd9e15cc1
i18n(expiration_banner): extract test in i18n files
2021-11-23 15:23:22 +01:00
simon lehericey
5234a1854c
manage AgentConnect callback
2021-11-23 14:17:59 +01:00
simon lehericey
3316dfc866
reopen openid_connect gem to support AC encrypted jwt response
2021-11-23 14:17:59 +01:00
simon lehericey
898df449d4
redirect to AgentConnect
2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721
add agent connect secrets
2021-11-23 14:17:59 +01:00
simon lehericey
d2432e34eb
AgentConnect UI
2021-11-23 14:17:59 +01:00
Martin
b6adf5fc72
feat(dossiers/show): enhance header with expirations message/banner. also ensure consistent design between dossier states
...
fix(spec): broken due to last refactoring
spec(dossier.extend_conservation): add system spec
lint(ruby): still not yet ready for auto lint in IDE...
2021-11-23 05:50:25 +01:00
Martin
3d1533dee9
feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab
2021-11-19 15:14:39 +01:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur
2021-11-17 05:41:56 +01:00
Paul Chavard
406c5a61cc
fix(dossier): fix dossier traitements display
2021-11-16 19:00:20 +03:00
mfo
1d174df2ec
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur
2021-11-16 16:37:15 +01:00
Martin
c24bc45137
clean(trads): remove unused i18n
2021-11-16 16:25:32 +01:00
Martin
f0950b592b
clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff
2021-11-16 16:13:11 +01:00
Paul Chavard
7914775809
feat(routage): administrateur can disable routage
...
fix #6627
2021-11-16 11:49:51 +03:00
Martin
d4c74b5621
feat(rc.1): refine with better translations, better design
2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a
feat(rc): first stable
2021-11-15 13:53:32 +01:00
Paul Chavard
1adafd22d0
fix(graphql): add graphql_operation to lograge
2021-11-04 16:18:10 +01:00
simon lehericey
652b8367be
accept or refuse merge
2021-11-04 16:10:09 +01:00
simon lehericey
894e8fdd47
move update_email check to before_action
2021-11-04 16:10:09 +01:00
Paul Chavard
ba0211ba52
feat(champ): ask for departement before asking for commune
2021-11-04 11:55:25 +01:00
Pierre de La Morinerie
5f2233d07d
specs: reduce BCrypt complexity during tests
...
BCrypt is used to compute Instructeur tokens, and takes a surprisingly
ong time during specs.
Reducing the complexity to speed it up.
Speeds up this spec from 0m 57s to 0m 20s.
2021-11-03 19:38:01 +01:00
kara Diaby
f1f2b76a3d
revisions
2021-10-27 12:00:39 +02:00
Paul Chavard
6e8e0c7b6b
feat(type_de_champ): reflect changes of secondary labels and descriptions
2021-10-26 12:18:01 +02:00
Pierre de La Morinerie
d0e87a08cf
services: cache zxcvbn dictionaries per-thread
...
Before, every time a password was tested, the dictionaries were parsed
again by zxcvbn.
Parsing dictionaries is slow: it may take up to ~1s. This doesn't matter
that much in production, but it makes tests very slow (because we tend
to create a lot of User records).
With this changes, the initializer tester is shared between calls, class
instances and threads. It is lazily loaded on first use, in order not to
slow down the application boot sequence.
This uses ~20 Mo of memory (only once for all threads), but makes tests
more that twice faster.
For instance, model tests go from **8m 21s** to **3m 26s**.
NB:
An additionnal optimization could be to preload the tester on
boot, before workers are forked, to take advantage of Puma copy-on-write
mechanism. In this way all forked workers would use the same cached
instance.
But:
- We're not actually sure this would work properly. What if Ruby updates
an interval ivar on the class, and this forces the OS to copy the
whole data structure in each fork?
- Puma phased restarts are not compatible with copy-on-write anyway.
So we're avoiding this optimisation for now, and take the extra 20 Mo
per worker.
2021-10-25 12:04:56 +02:00
Pierre de La Morinerie
136d0bc341
config: remove pre and post boot code from puma config
...
This is no longer needed since Rails 5.1.
See https://github.com/rails/rails/pull/31241
2021-10-25 11:28:09 +02:00
simon lehericey
738d08a1d9
change in whitelist
2021-10-19 21:07:24 +02:00
simon lehericey
44c880adc4
allow instructeur and administrateur to change their email to legit domain ( #6550 )
2021-10-19 15:54:57 +02:00
simon lehericey
ce40e1127d
merge with another new account
2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b
merge with an existing account by using the password
2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7
launch merge process if an unlinked DS account with the same email exists
2021-10-14 14:47:50 +02:00
simon lehericey
8c81558e56
english locales
2021-10-12 14:27:20 +02:00
simon lehericey
57a7f82a8f
add cnaf ui
2021-10-12 14:27:20 +02:00
simon lehericey
40d0cfcdc4
add champ validation
2021-10-12 14:27:20 +02:00
simon lehericey
d68129b34d
add cnaf type de champ
2021-10-12 14:26:40 +02:00
simon lehericey
b69dafc3d4
CNAF in lowercase
2021-10-12 14:26:40 +02:00
simon lehericey
05e127af4b
corrige une locale
2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4
jobs: move ActiveJobLogSubscriber out of initializers
...
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
kara Diaby
6251c3369b
routes
2021-10-05 15:37:29 +02:00
kara Diaby
6c82e40ddb
routes
2021-10-05 15:00:21 +02:00
Pierre de La Morinerie
f277731b3d
app: upgrade webpacker by running rails webpacker:install
2021-09-30 17:05:26 +02:00
kara Diaby
eb951c75e4
change stats colors
2021-09-28 14:49:24 +02:00
Paul Chavard
357c684688
feat(routage): self managing instructeurs
2021-09-27 15:06:17 +02:00
simon lehericey
75043070da
add CNAFAdapter
2021-09-22 12:08:24 +02:00
simon lehericey
07962cc2c7
service: match remote keys
2021-09-22 12:08:24 +02:00
Ismael MOUSSA S
7c7c9c9ea4
Fix file size validation message
2021-09-21 12:11:20 -05:00
simon lehericey
2e1bed8748
an admin can save its sources
2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
6656d1130b
i18n: refactor admin support locales
...
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
f9220891a7
i18n: refactor user support locales
...
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
ede23fa542
i18n: remove unused locales about user feedback
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
274b92c453
i18n: remove simple_form locale files
...
We don't even use simple_form.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
f050a4757a
i18n-tasks: consider model names localizations as used
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
580ae1c063
i18n: add automated check for inconsistent interpolations
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
b4e850b88b
config: remove old retro-compatibility Job constants
...
These constants were defined so that existing enqueued jobs wouldn't
fail during the app upgrade.
These jobs are long gone. Let's remove the compatibility code.
2021-09-21 10:43:33 -05:00
simon lehericey
75481a644c
Add confirm alert
2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75
[ Fix #6481 ] a user see its waiting transfers
2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766
a user can transfer all its dossier
2021-09-20 13:58:11 +02:00
Paul Chavard
c9accbf5a5
refactor(i18n): localize routage description
2021-09-18 11:51:27 +02:00
Paul Chavard
64298503b1
fix(i18n): fix missing translations in partials
2021-09-18 11:44:41 +02:00
Paul Chavard
0c5c8faf16
feat(routage): enable routage for everyone
2021-09-18 11:22:35 +02:00
Paul Chavard
eea6b961d7
refactor(routage): remove administrateur_routage feature flag
2021-09-18 11:21:26 +02:00
simon lehericey
5dbd81ebeb
show api particulier sources
2021-09-17 13:50:23 +02:00
Pierre de La Morinerie
64e10c6d8c
i18n: fix english file with fr key
2021-09-16 08:16:09 -05:00
Pierre de La Morinerie
c6bc42ad76
i18n: fix english keys scope for passwords views
2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
715b5ea6d8
i18n: move controller keys to the proper scope
2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
0104a71e53
i18n: remove unused english key
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
973945fb58
i18n-tasks: add gems locales to the search path
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
446738fbbf
i18n: make dynamic scopes explicit
...
This fixes i18n-tasks not being able to recognize the scopes.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
95d1cd6992
i18n: cleanup gender locales
...
The dot in the localized key messes up with i18n-tasks, and causes
false positives for missing strings.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
745e19bb8e
localize
2021-09-16 09:07:47 +02:00
simon lehericey
69bb174e29
add feature flipped link to add api particulier token
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
ee6d19e3ee
an admin can save it's api particulier token
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055
add jetons particulier index page
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
simon lehericey
620a5374e8
Add api particulier url in conf
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c
set OTP: Enable or Disable
2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
407f46b7de
gems: remove smart_listing
...
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
80f9d4adc0
devise: use password_strength component in SuperAdmin::PasswordsController
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
ed8b19d2eb
app: use password_complexity in Administrateurs::ActivateController
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f
app: add a password_complexity component
...
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
3235f42a63
feat(dossier): add dossier transfers UI
2021-09-08 15:10:43 +02:00
Paul Chavard
d6cbdf2a48
feat(dossier): add dossier transfer models
2021-09-08 14:39:46 +02:00
Ismael MOUSSA S. (T0194673)
9d012d51e8
delete features flag option : 'make_experts_notifiable'
2021-09-07 10:49:20 +02:00
Paul Chavard
6a5a8233b5
feat(i18n): send dossier emails with its user locale and improuve translations
2021-09-07 09:51:23 +02:00
Pierre de La Morinerie
d4d0c0b1f3
gems: clean brakeman obsolete false-positives
...
These were made obsolete by the new brakeman version.
2021-09-02 16:12:52 -05:00
Pierre de La Morinerie
f9529da8bd
gems: update brakeman
...
This prevent a false-positive warning about a vulnerable loofah version.
We also need to ignore a new warning, about an unsafe redirect. This is
unsafe when the object given in redirect can be a hash that includes
a `:host` key. But here we are redirecting to a plain string, which is
definitely safe.
2021-09-02 16:11:23 -05:00
Pierre de La Morinerie
a004ac59df
app: move archive to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5
app: move clone to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6
app: move destroy to NewAdministrateur::ProceduresController
...
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f
app: move new_from_existing to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89
controllers: remove dead code on Admin::ProceduresController
...
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
3fc934c8fb
app: remove leftovers of publish_validate route
...
The correponding code and feature have been removed a while ago.
2021-09-02 14:50:41 -05:00
Pierre de La Morinerie
0f9d7d6b8c
app: remove old Admin::InstructeursController
...
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
lydiasan
ed7a9aaf39
ajout des traductions pour la page reset-link-sent
2021-09-01 17:49:52 +02:00
Paul Chavard
a3cc072bbd
feat(i18n): translate countries selector
2021-08-31 13:15:26 +02:00
Paul Chavard
241f564ecc
refactor(i18n): move signature translation keys to shared
2021-08-26 17:53:59 +02:00
Paul Chavard
89d9a4a477
feat(i18n): translate notification emails actions
2021-08-26 17:53:59 +02:00
Paul Chavard
6eb072e69f
feat(i18n): translate email greetings
2021-08-26 17:53:59 +02:00
lydiasan
156b9894fe
ajout des traductions pour la demande de mdp
2021-08-26 17:43:00 +02:00
Paul Chavard
8c6978c0cb
feat(i18n): translate devise related emails
2021-08-26 12:08:40 +02:00
Paul Chavard
8e1bfb469f
fix(dossier): send expiration notifications 2 weeks prior to supression instead of a month
2021-08-26 11:28:57 +02:00
Pierre de La Morinerie
47e1555dce
i18n: properly translate the locale dropdown title
2021-08-24 12:57:51 -05:00
Pierre de La Morinerie
83b04aca59
i18n: move 'layouts' locales to their proper location
2021-08-24 12:57:51 -05:00
Christophe Robillard
99c16e8dc0
i18n for header
2021-08-20 12:09:01 +02:00
Christophe Robillard
a5750ed4ce
i18n for registration page
2021-08-20 12:09:01 +02:00
Paul Chavard
2e707e118c
fix(i18n): remove space before question mark in english
2021-08-20 10:40:12 +01:00
Christophe Robillard
bf3580ca2f
i18n for page commencer
2021-08-20 09:19:25 +02:00
Paul Chavard
ffa8c0c80a
feat(dossiers): enable dossiers termine expiration behind feature flag
...
feature flag "procedure_process_expired_dossiers_termine" controls if a procedure has expiration
enabled on dossiers termine
re #3796
2021-08-18 16:11:35 +01:00
François Vantomme
17b659539f
Feat (API Particulier): new encryption service
2021-07-30 11:18:44 +02:00
Paul Chavard
020ce2dcaa
fix shared locales namespace
2021-07-28 13:09:50 +02:00
kara Diaby
77b57edb2f
fixup! routes
2021-07-27 19:38:21 +02:00
lydiasan
7de10731a6
i18n: localize dossiers edition
2021-07-20 14:18:20 +02:00
Pierre de La Morinerie
5b4f7f9ae9
app: restore the default cache settings
...
We initially did that to avoid a browser being restarted to display a
cached form with a stale CSRF token – thus provoking an
InvalidAuthenticityToken exception when the form is submitted.
But now that we use a long-lived CSRF token, we can submit forms with
a stale CSRF token successfully (because the long-lived CSRF cookie)
is still valid – so we no longer need to change the HTML cache behavior.
This fixes issues where the browser Back button wants to display a
previous POST document, but can't because of the 'no-store' setting. In
this case the browser either displays an error, or re-attempts the POST
request (without any cookies), which results in an
InvalidAuthenticityToken exception.
See `docs/adr-csrf-forgery.md` for more explanations.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
9eb2e13d43
config: report job exceptions after max retry count reached
...
Previously Sentry reported job exceptions even if a retry
strategy was specified. So we had to ignore retried job exceptions
entirely.
Since sentry-delayed-job 0.4.4, we can instead let Sentry report
job exceptions when the retry count is exhausted. Which is
exactly the behavior we want.
2021-07-01 15:06:14 +02:00
Paul Chavard
15ff046428
Improuve revision changes messages
2021-06-24 11:39:49 +02:00
Paul Chavard
8b2c2c6466
Handle carte layers changes
2021-06-24 11:39:49 +02:00
Paul Chavard
35eccb5630
Show separate blocks for types de champ and annotation changes
2021-06-23 09:40:07 +02:00
Paul Chavard
7cb2f91fea
Add revisions feature flag
2021-06-23 09:40:07 +02:00
Paul Chavard
f238710044
Add last_month export
2021-06-23 09:23:10 +02:00
Pierre de La Morinerie
b5bde6608c
routes: replace the email param in the Avis URLs by a query param
2021-06-17 11:15:51 +02:00
Pierre de La Morinerie
ab442cd8d1
routes: remove unused redirections
2021-06-17 11:15:51 +02:00
Pierre de La Morinerie
51159117c9
routes: replace the email param in the URL to a query param
...
This basically moves from:
/lien-envoye/foo@bar.com
to:
/lien-envoye?email=foo@bar.com
This allow to properly censor the data in Matomo (so that email
addresses don't end up stored in Matomo).
2021-06-17 11:15:51 +02:00
kara Diaby
99d00c00ce
change routes
2021-06-15 11:20:20 +02:00
kara Diaby
da1d83b967
add route
2021-06-04 15:29:08 +02:00
Pierre de La Morinerie
fcd5df3c2b
i18n: add missing i18n keys for User model
...
The key for naming the User model was missing – so the default
localization from devise-i18n was used. Unfortunately devise-i18n lacks
the plural form.
This fixes the manager dashboard displaying "User" instead of "Users".
2021-05-27 16:08:55 +02:00
François Vantomme
bc6d5aca0e
Fix (Sentry): prefer Rails secrets over ENV variables
2021-05-27 11:12:27 +02:00
Jon
2a0a65a90f
fix(sentry): specify current environment for sentry config
2021-05-27 11:12:27 +02:00
Paul Chavard
9b0dae4cc2
Fix apostrophes ‘ -> ’
2021-05-26 18:05:14 +02:00
lydiasan
2d6ad4f2c1
Merge branch 'main' into localize-dropdown-button
2021-05-25 14:45:52 +02:00
Pierre de La Morinerie
d93342e1d7
config: cleanup allowed tags after Rails 6.1 migration
2021-05-25 11:06:53 +02:00
Paul Chavard
e74dcb0056
Remove ign feature flag
2021-05-24 11:50:16 +02:00
Paul Chavard
01c558953b
Remove API GEO legacy adapter
2021-05-24 11:50:16 +02:00
kara Diaby
b3caa2e5f4
add route
2021-05-18 11:42:10 +02:00
lydiasan
42153d1d37
ajout du selecteur de langue
2021-05-12 16:30:35 +02:00
Paul Chavard
8a74438dc1
Use conservation_extension instead of en_construction_conservation_extension
2021-05-11 17:33:53 +02:00
Paul Chavard
e8cdded515
Use explicit name to avoid unknown constant errors
2021-05-06 16:10:48 +02:00
Pierre de La Morinerie
b8f71bd52c
i18n: fix enum values for Dossier.state
...
According to Rails i18n guide, enum values should be localized
as `<model>/<enum>`, not as sub-values to the attribute.
This fixes an exception in administrate when displaying a Dossier
in the Manager.
Note: we need to change the way GraphQL attributes are generated, because
`AASM::Core::State#display_name` doesn’t honor the `model/attribute.value`
convention (and instead tries to localize as `model.attribute/value`).
So instead we lookup the localized name using ActiveRecord.
2021-05-06 14:38:25 +02:00
Paul Chavard
327bec0637
Use HELO
2021-05-06 08:59:18 +02:00
Christophe Robillard
2516abc277
activate rack_mini_profiler in dev and display query count
2021-05-05 17:16:10 +02:00
Paul Chavard
bcbfcdc537
Revert "Merge pull request #6142 from tchak/enable_brouillon_extend_conservation"
...
This reverts commit 48eb4d9778
, reversing
changes made to 5539d5cb8c
.
# Conflicts:
# app/models/dossier.rb
# db/schema.rb
2021-05-04 16:03:29 +02:00
Paul Chavard
b2a867266a
Allow users to extend conservation on drafts
2021-04-29 19:50:30 +02:00
Christophe Robillard
f40d96fbd2
Revert "Revert "Export de tous les dossier d'une démarche""
...
This reverts commit d9a588b52e
.
2021-04-29 17:29:47 +02:00
krichtof
d9a588b52e
Revert "Export de tous les dossier d'une démarche"
2021-04-29 16:07:18 +02:00
Pierre de La Morinerie
fbfe5c3817
jobs: also retry native ActiveStorage's jobs on transient errors
2021-04-29 14:08:12 +02:00
Christophe Robillard
59a08ad307
affiche quand l'archive a été générée
2021-04-28 11:40:58 +02:00
Christophe Robillard
8b2849408c
instructeurs can create and download archives
2021-04-28 11:40:58 +02:00
Pierre de La Morinerie
4a12e973bf
i18n: add unbreakable spaces to reset_link_sent locales
2021-04-27 13:56:57 +02:00
Pierre de La Morinerie
d530b272a1
password: add specific page for reset instructions
2021-04-22 14:24:15 +02:00
Pierre de La Morinerie
9ad57fde2a
initializers: lazy-load Mailjet gem
...
This fixes an error message on app startup about autoloaded
constants:
> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.
The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:
On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.
Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.
And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.
See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Pierre de La Morinerie
8cb7a49dd9
password: add password reset instructions
2021-04-20 09:34:53 +02:00
Pierre de La Morinerie
85691b9f2e
sign_in: no need to specify password length
2021-04-20 09:34:52 +02:00
Pierre de La Morinerie
6b14420ffa
sign_in: improve "Forgot password?" appearance on mobile
2021-04-20 09:34:52 +02:00
kara Diaby
881491c697
add route
2021-04-19 10:23:45 +02:00
Paul Chavard
f08d704d5f
Fix api docs URL
2021-04-15 17:06:23 +02:00
Pierre de La Morinerie
c96a2550d8
ci: check for zeitwerk errors
...
If a zeitwerk-incompatible class is introduced, it won't break
any test before reaching production.
2021-04-15 13:17:46 +02:00
Christophe Robillard
54f2b9dc7e
[manager] remove super admin
2021-04-15 10:12:11 +02:00
Christophe Robillard
db48ea02aa
[manager] list superadmins
2021-04-15 10:12:11 +02:00
Paul Chavard
651a928b7c
Improuve export UI
2021-04-08 14:40:26 +01:00
simon lehericey
44f9ae3c65
only preload what is needed on most requests
2021-04-06 18:23:14 +02:00
simon lehericey
b87a691176
use env for localization to avoid db round trip
2021-04-06 18:23:14 +02:00
simon lehericey
cd4ad6878c
remove insee_api_v3 feature
2021-04-06 18:23:14 +02:00
simon lehericey
06d2eb2d21
remove feature xray
2021-04-06 18:23:14 +02:00
simon lehericey
c2847d1481
remove unused mini_profiler var
2021-04-06 18:23:14 +02:00
simon lehericey
6f2b2c3c1f
use env for maintenance mode to avoid DB roundtrip
2021-04-06 18:23:14 +02:00
simon lehericey
1715a4899f
remove coronavirus banner
2021-04-06 18:23:14 +02:00
Pierre de La Morinerie
62051c926a
app: move update_allow_decision_access to ExpertsController
2021-04-06 14:54:18 +02:00
Pierre de La Morinerie
c82c72402d
app: move the experts list to ExpertsProceduresController
2021-04-06 14:29:02 +02:00
Pierre de La Morinerie
7acb4cee83
controllers: use standard action names in ExpertsProceduresController
2021-04-06 13:45:51 +02:00
Pierre de La Morinerie
3f25624a5a
routes: nest ExpertsProcedures routes in a resource
2021-04-06 13:18:51 +02:00
Pierre de La Morinerie
42b3ba1e1b
config: migrate all config to Rails 6.1 defaults
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
ce427784e7
config: enable has_many_inversing
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
6bc608a821
config: enable most Rails 6.1 defaults
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
c2ce20d40c
config: form_with now generates local forms by default
...
We can remove the `local: true` parameter, as it is now implied by
default.
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
b65de3e583
config: make the queue names explicit
...
With Rails 6.1, the default queue is now the global application queue.
We want to retain our custom queues in some cases, so configure them
epxlicitely.
2021-04-06 12:12:57 +02:00
Fabrice Gangler
6f0b594fc5
doc: add ACCESSIBILITE_URL to env.example.optional file
...
Refs: #6050
2021-04-06 11:33:42 +02:00
kara Diaby
39d0dd2af1
yml traduction
2021-04-06 10:38:46 +02:00
kara Diaby
5b7b2d4966
change routes
2021-04-06 10:38:46 +02:00
Christophe Robillard
dbfc878bf5
supprime la page accessibilité
2021-03-30 15:12:18 +02:00
Christophe Robillard
d89dc785f0
met à jour le lien de bas de page Accessibilité
...
Ce lien pointe désormais vers notre site de documentation
2021-03-30 15:08:20 +02:00
simon lehericey
5624e87867
add webserver file logic
2021-03-29 18:45:40 +02:00
Pierre de La Morinerie
5990439ab7
app: update code to Rails 6.1
2021-03-25 13:24:53 +01:00
lydiasan
8dce3e5d2a
i18n: localize users/sign_in page
2021-03-25 11:59:05 +01:00
kara Diaby
fe7fb882c8
remove useless routes
2021-03-24 16:20:44 +01:00
Christophe Robillard
83cf0fa903
detect staging env
2021-03-24 15:30:12 +01:00
Pierre de La Morinerie
56b3601063
app: enable Bootsnap
...
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation
Cached data are written to `tmp/cache/bootsnap*`.
This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
kara Diaby
c7392d8140
changes routes
2021-03-18 11:38:52 +01:00
kara Diaby
d2ab2debb6
add expert logic
2021-03-18 11:27:51 +01:00
Pierre de La Morinerie
ac5303d56d
config: make Sentry ignore rescued ActiveJob exceptions
...
For now the Sentry delayed_job integration reports errors that are
rescued with `retry_on`.
Ignore these errors manually for now.
See https://github.com/getsentry/sentry-ruby/issues/1347
2021-03-18 10:52:10 +01:00
Pierre de La Morinerie
75a1046315
active_storage: refactor concerns
...
Follow-up of #5953 .
Refactor the concerns with two goals:
- Getting closer from the way ActiveStorage adds its own hooks.
Usually ActiveStorage does this using an `Attachment#after_create`
hook, which then delegates to the blob to enqueue the job.
- Enqueuing each job only once. By hooking on `Attachment#after_create`,
we guarantee each job will be added only once.
We then let the jobs themselves check if they are relevant or not, and
retry or discard themselves if necessary.
We also need to update the tests a bit, because Rails'
`perform_enqueued_jobs(&block)` test helper doesn't honor the `retry_on`
clause of jobs. Instead it forwards the exception to the caller – which
makes the test fail.
Instead we use the inline version of `perform_enqueued_jobs()`, without
a block, which properly ignores errors catched by retry_on.
2021-03-16 11:49:14 +01:00
Pierre de La Morinerie
70104d7059
config: avoid blocking legitimate requests from mobile ISPs
2021-03-11 18:28:10 +01:00
Paul Chavard
1644c9d44b
Another attempt at fixing IE
2021-03-09 11:29:20 +01:00
Pierre de La Morinerie
b0735aafe0
config: fix DynamicSmtpSettingsInterceptor warning again
...
This warning re-appeared when running mailer tests:
```
DISABLE_SPRING=1 bin/rspec spec/mailers/administration_mailer_spec.rb
```
It is now fixed properly, in a way recommanded by the documentation.
2021-03-04 22:52:19 +01:00
Paul Chavard
d4a34edab5
fix mapbox-gl transpilation
2021-03-04 19:04:39 +01:00
Paul Chavard
600f49a0ff
Hide groupe instructeur selector when routage is done via API
2021-03-04 11:06:04 +01:00
Paul Chavard
1c811083c0
Cleanup feature flags usage
2021-03-04 11:06:04 +01:00
Pierre de La Morinerie
d36a684315
config: fix zeitwekr warning when reloading the app
...
Turns out we need not only to load the Job constants later, but also
not to do the same work twice – otherwise we'll get a
> ApiEntreprise::Job constant is already defined
when attempting to re-define the constant.
2021-02-24 19:01:27 +01:00
Pierre de La Morinerie
9f676c76e1
config: fix zeitwerk warning about DynamicSmtpSettingsInterceptor
...
Fix a warning when running tests:
> DEPRECATION WARNING: Initialization autoloaded the constant DynamicSmtpSettingsInterceptor.
>
> Being able to do this is deprecated. Autoloading during initialization is going
to be an error condition in future versions of Rails.
>
> Reloading does not reboot the application, and therefore code executed during
> initialization does not run again. So, if you reload DynamicSmtpSettingsInterceptor, for example,
> the expected changes won't be reflected in that stale Class object.
>
> This autoloaded constant has been unloaded.
>
> Please, check the "Autoloading and Reloading Constants" guide for solutions.
However if we fix as recommanded, the interceptor will get added
each time the classes are reloaded. And as the actual class instance
changed after the reloading, they won't be de-duplicated – *and*
there's no way to remove the old interceptor without having a reference
to the (now-deleted) class.
Instead we load the interceptor once, and add a message about the class
not being auto-reloaded.
2021-02-24 19:00:29 +01:00
Pierre de La Morinerie
68425929c6
config: disable Sentry sampling when not enabled
...
This removes spam in the debug console when running locally.
Removed messages look like a swarm of:
> [Tracing] Discarding <rails.request> transaction </assets/marianne.png> because it's not included in the random sample (sampling rate = 0.001)
2021-02-24 17:45:18 +01:00
Pierre de La Morinerie
e51948ab5c
stylesheets: merge print rules with the application stylesheet
...
- Having a separate stylesheet for print rules is not a best practice
(it makes an extra network request)
- It makes migrating to Sprockets 4 easier
2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
fb305e31c4
config: move application_name to an initializer
...
It seems cleaner not to require a file before the Rails configuration
runs.
2021-02-24 15:06:55 +01:00
Pierre de La Morinerie
a2175ed6e3
config: reload compatibility aliases on classes reload
...
Fixes zeitwerk complaining that the compatibility aliases loaded in an
initializer will never be reloaded.
In our case it doesn't matter that much, but it will reduce the console
spam.
2021-02-23 09:24:13 +00:00
Paul Chavard
228a83f8a5
Add api address external data fetch
2021-02-17 19:10:16 +01:00
Paul Chavard
7223d77058
Remove unused paths from assets pipeline
2021-02-17 10:16:54 +01:00
Paul Chavard
1c164c4376
Use jsx extension
2021-02-16 18:14:10 +01:00
Pierre de La Morinerie
2ce3149d92
test: don't cache classes during tests
...
When running several individual tests in succession using Spring,
we get an error message:
> zeitwerk error: reloading is disabled because config.cache_classes is true
Caching classes during tests used to be recommended – but Rails 6
now recommands to reload them:
- Spring takes care of the caching for us,
- It makes zeitwerk happy.
See discussion in 65344f254c
A potential downside used to be that when running system tests using
Capybara, each web request would reload the classes, which invalidated
the model objects of the test case. But it seems to be fixed now.
2021-02-16 15:59:35 +01:00
kara Diaby
9492b09f85
make and expert notifiable (controller and routes)
2021-02-16 09:46:18 +00:00
Paul Chavard
cfa80578a7
Adjust sentry sample rate
2021-02-12 11:35:58 +01:00
Pierre de La Morinerie
211ddeda45
config: enable zeitwerk
...
Check that everything works using
bin/rails zeitwerk:check
2021-02-11 12:30:43 +01:00
Pierre de La Morinerie
819325c761
zeitwerk: move our Array extension to initializers/core_ext
2021-02-11 12:30:43 +01:00
Christophe Robillard
a288a13805
disable france connect authentication for admin and instructeurs
2021-02-10 18:13:47 +01:00
Paul Chavard
0697e50b7c
lower sentry sampling to 1%
2021-02-10 17:52:18 +01:00
Paul Chavard
eac967f84e
Add sentry traces (20% for now)
2021-02-10 15:35:21 +01:00
Pierre de La Morinerie
0af7188d8c
zeitwerk: add inflections
2021-02-09 13:09:10 +01:00
Pierre de La Morinerie
7d1c79bf4b
zeitwerk: Url -> URL
2021-02-09 13:07:30 +01:00
Pierre de La Morinerie
150ddab660
zeitwerk: Api -> API
2021-02-09 13:07:30 +01:00
Fabrice Gangler
229f495753
allow email footer logo to be configured in .env file
...
Refs: #5873
2021-02-09 09:39:02 +01:00
Fabrice Gangler
3034716963
allow mailers/_bizdev_signature to be configured in .env file
...
Refs: #5871
2021-02-04 13:09:40 +01:00
Fabrice Gangler
d039798ac8
allow logo in PDF export to be configured in .env file
...
Refs: #5869
2021-02-04 12:24:31 +01:00
Pierre de La Morinerie
3b5617b123
mailers: remove dead AdministrationMailer code
2021-02-04 12:15:13 +01:00
Judith
6d89a83d14
unused locales clean-up
2021-02-04 12:15:13 +01:00
Judith
ed10a9dd62
gem i18n-tasks added to Gemfile
2021-02-04 12:15:13 +01:00
Paul Chavard
c46ab38055
Add sentry-rails
2021-01-28 15:31:27 +01:00
simon lehericey
d72f0c6dd2
Add authorized content type for pj
2021-01-18 17:23:08 +01:00
Paul Chavard
91be115c70
Add annuaire_education champ ui
2021-01-14 17:57:48 +01:00
Paul Chavard
54f2084aef
Add annuaire_education champ
2021-01-14 17:57:48 +01:00
Paul Chavard
5c9f2e8783
Add api education adapter and job
2021-01-14 17:57:48 +01:00
kara Diaby
8f6440f615
Admins can see the list of invited experts
2020-12-21 14:55:51 +01:00
simon lehericey
9848dc2295
update brakeman
2020-12-17 10:51:09 +01:00
simon lehericey
d760402393
fix typo
2020-12-16 15:00:26 +01:00
simon lehericey
57bff8ca70
improve deletion mail
2020-12-16 15:00:26 +01:00
kara Diaby
c7643154d1
final optims after sim review
2020-12-16 15:00:26 +01:00
kara Diaby
00b5ad7a10
EQT instructeur, je peux supprimer un dossier terminé
2020-12-16 15:00:26 +01:00
Fabrice Gangler
a8081d4b83
allow configuration of the URLs of FAQ and documentation websites in an .env file
...
Refs: #5801
2020-12-15 16:40:10 +01:00
Christophe Robillard
15a395fbc7
superadmin: check complexity password server side
2020-12-15 16:26:09 +01:00
Christophe Robillard
94b3ec942b
super_admin: check password complexity client side
2020-12-15 16:26:09 +01:00
Fabrice Gangler
3a9f82bd6f
Fix(form /contact-admin): use APPLICATION_NAME
...
Refs: #5799
2020-12-15 16:14:51 +01:00
Fabrice Gangler
064ea776c7
allow default logo of a procedure to be configured in .env file
...
Refs: #5795
2020-12-14 13:41:10 +01:00
simon lehericey
b19dc34cc1
fix deploy i_am_a_worker_test
2020-12-11 09:50:17 +01:00
Paul Chavard
3c6e30a326
Show titre identite link only once watermark is added
2020-12-10 16:50:03 +01:00
clemkeirua
704cafc385
restart delayed_job only for workers
2020-12-10 15:12:05 +01:00
Paul Chavard
5c07882679
Merge pull request #5768 from adullact/5764_allow_images_to_be_configured
...
#5764 - Allow logos (mail, webapp) and favicons to be configured in .env file
2020-12-10 12:54:55 +01:00
Paul Chavard
5e29bb02b2
Merge pull request #5753 from adullact/5752_doc_add_DEMANDE_INSCRIPTION_ADMIN_PAGE_URL_to_env.example.optional
...
#5752 - Doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
2020-12-10 12:54:26 +01:00
Christophe Robillard
23ae528c6b
affiche Madame ou Monsieur
...
mais continue à enregistrer en base Mme ou M.
2020-12-08 21:30:54 +01:00
Fabrice Gangler
0d80d2ddd1
allow logos (mail, webapp) and favicons to be configured in .env file
...
Refs: #5764
2020-11-27 01:41:47 +01:00
Fabrice Gangler
fe630b02b0
doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
...
Refs: #5752
2020-11-25 19:51:48 +01:00
Paul Chavard
18dfacb933
Make watermark configurable
2020-11-25 16:19:06 +01:00
Paul Chavard
b48e7813d2
Put watermark code behind a feature flag
2020-11-25 16:19:06 +01:00
Paul Chavard
371179dc5b
Watermark titres identite
2020-11-25 16:19:06 +01:00
Fabrice Gangler
d3caf30bf3
allow CGU URL and Legal Notice URL to be configured in .env file
...
Refs: #5754
2020-11-20 22:11:42 +01:00
Christophe Robillard
d91e9b372f
add sendinblue login link to manager
2020-11-16 12:19:54 +01:00
Christophe Robillard
9347951cea
act as an saml identity provider
2020-11-16 12:19:54 +01:00
clemkeirua
fc690df554
add access to super admins to delayed_job and flipper
2020-11-09 07:48:15 +00:00
Christophe Robillard
5562e65bf3
refacto: rename administration to super_admin
2020-11-05 16:03:55 +01:00
Christophe Robillard
a88172eb01
configure otp_secret_key secret
2020-11-05 16:03:55 +01:00
Christophe Robillard
efd8ec85e8
recover superadmin password or reset otp
2020-11-05 16:03:55 +01:00
Christophe Robillard
8d23f6ae99
remove useless redirection for manager sign_in and out
...
The manager alias for signin causes layout problems
2020-11-05 16:03:55 +01:00
Christophe Robillard
2a0ebd062a
enable 2FA for manager
...
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd
add recoverable and two_factor stragegy for administration
2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960
remove github authentication for manager
2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2
Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp
2020-10-30 17:08:31 +01:00
kara Diaby
3d56b1d8b0
fix bootstrap cdn
2020-10-22 15:00:01 +02:00
clemkeirua
f298d2c2ba
dedicated screen for inspecting user emails
2020-10-13 17:36:43 +02:00
clemkeirua
d7fff61d5d
ajout de la gem sendinblue
2020-10-13 17:36:43 +02:00
clemkeirua
27b8797296
ajout d'une route /manager/users/:id/emails
2020-10-13 17:36:43 +02:00
Kara Diaby
0bd48999bd
Revert "feat/5635 - Supprime la possibilité pour l'expert invité d'envoyer un message"
2020-10-12 09:24:34 +02:00
kara Diaby
6636b7f14c
Supprime la possibilité pour l'expert invité d'envoyer un message à l'usager
2020-10-08 11:14:09 +02:00
Paul Chavard
0aa06d0197
[GraphQL] expose dossier pdf, geojson and attestation
2020-10-06 21:54:43 +02:00
kara Diaby
57adb90c8f
add the possibility for administrator to refuse external review on a specific procedure
2020-10-01 10:55:19 +02:00
kara Diaby
e174079850
fix send a copy link
2020-09-30 10:03:08 +02:00
clemkeirua
0d88674cea
better translations
2020-09-25 09:35:16 +00:00
Paul Chavard
a49c962ab3
Redirect demandes to DEMANDE_INSCRIPTION_ADMIN_PAGE_URL
2020-09-24 09:57:43 +02:00
Paul Chavard
ea4bcf59ad
remove demandes/new page
2020-09-23 16:27:17 +02:00
kara Diaby
cb4e91c405
Add iban type de champ
2020-09-23 15:56:26 +02:00
Christophe Robillard
61ea73580f
use buttons instead of select for contact page
2020-09-22 16:09:15 +02:00
clemkeirua
111f309c7f
changement de l'adresse de création de compte administrateur
2020-09-21 17:02:37 +02:00
clemkeirua
f9c4e967d6
remove :autosave_dossier_draft
2020-09-21 08:46:01 +00:00
kara Diaby
5c68d75107
add titre_identite champ
2020-09-18 14:57:08 +02:00
clemkeirua
1e32a3c11f
add complexity check to admin account creation
2020-09-18 11:16:34 +02:00
clemkeirua
08d0fa80fa
remove old route
2020-09-17 14:03:31 +02:00
clemkeirua
6643b598c3
remove :administrateur_graphql
2020-09-17 09:24:50 +02:00
clemkeirua
1be07c1ef5
remove :administrateur_champ_integer_number
2020-09-17 09:24:50 +02:00
clemkeirua
01ac4d7e19
remove operation_log_serialize_subject
2020-09-17 09:24:50 +02:00
kara Diaby
13e4589905
Publications page to the new UI (admin)
2020-09-16 09:15:44 +02:00
simon lehericey
5459c2fa7f
Fix uninitialized excon constant
2020-09-08 18:36:24 +02:00
simon lehericey
19d73f13f0
variabilize banner message
2020-09-08 14:52:42 +02:00
kara Diaby
ae61c279af
migrate emails text editor to new interface
2020-09-03 14:42:22 +02:00
simon lehericey
bd6705b90a
Remove image and video analyzer which are not used
2020-09-02 17:00:26 +02:00
Judith
7eee9beed7
adapting the specs
2020-09-01 16:48:41 +02:00
Judith
9553dae7bd
gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files.
2020-09-01 16:47:40 +02:00
Judith
25a24ba7c8
removal of translation keys already present in the gem rails-i18n
2020-09-01 16:33:58 +02:00
Fabrice Gangler
1a43f888fb
Feat: allow to disable France-Connect
...
Refs: #5440
2020-09-01 15:51:10 +02:00
Judith
7bc5a0a278
internationalization of /contact-admin
2020-09-01 12:58:19 +00:00
Fabrice Gangler
60d6b1909d
Fix for using APPLICATION_NAME in .env file
...
Refs: #5450
2020-08-28 03:46:19 +02:00
Judith
af25fdd77c
gem http_accept_language installed and (de)activable with feature flag
2020-08-27 16:15:01 +02:00
Judith
bfa4231f5e
date and number formats changed according to rails-I18n locale
2020-08-27 11:03:34 +02:00
Judith
2f0953692c
Internationalization of the Contact page in FR and EN
2020-08-27 11:03:34 +02:00
Pierre de La Morinerie
82c89fb56f
config: remove comment about ActiveStorage integration with VirusScanner
...
As the comment states, it would be nice to load the Virus Scanner on
the Attachment (rather than the blob).
However, in order not to clobber the blob metadata, we want to run the
VirusScanner once the blob analyzer did run.
And the most direct way to detect that the blob analyzer did run is to
add an `on_update_commit` hook on the blob, as this hook will be
trigerred when saving changes to the metadata. This is what the current
solution uses.
So the current solution is almost optimal, and has a low chance of
accidentally clobbering the blob metadata – as the virus scanner is only
started when the analysis phase is finished.
2020-08-26 16:11:01 +02:00
Christophe Robillard
090a247ba9
validates phone champ server side
2020-08-20 15:33:03 +02:00
Pierre de La Morinerie
d77efec7a0
config: enable active_record.belongs_to_required_by_default
2020-08-18 15:57:37 +02:00
Pierre de La Morinerie
ededf5c6c5
config: don't explicitely eager-load lib/
...
Rationale:
- `lib/` is supposed to contain code mostly independant from Rails;
- By default, Rails doesn't eager-load `lib/` anymore (this used to be
the case, but since a few releases).
If this commits triggers some errors, then these errors should be fixed
(rather that `lib/` being added again to the load path).
2020-08-18 11:02:09 +02:00
Pierre de La Morinerie
c514898b84
config: don't explicitely eager-load controllers/concerns
...
Per the documentation, Rails automatically loads `**/concerns` paths.
See https://guides.rubyonrails.org/autoloading_and_reloading_constants_classic_mode.html#autoload-paths-and-eager-load-paths
2020-08-18 11:02:09 +02:00
kara Diaby
9b66c894b2
Adapt configuration email view to the new UI
2020-08-06 16:56:24 +02:00
Pierre de La Morinerie
527a330c7a
config: use Rails 6.0 config defaults
...
We already flipped the new defaults, so this is a no-op.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
bc0244456c
config: explicitely use the classic autoloader
...
I'm sure we can use zeitwerk in the future, but let's retain the classic
loader until the config issues are proved to be safe.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
fbbcd97463
config: flip config.active_record.collection_cache_versioning
...
This is related to internal cache implementation, and doesn't affect us.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
4a9f081cfc
config: flip config.action_mailer.delivery_job
...
This is safe in all cases – except that it prevents a downgrade to
Rails 5. We don't intend to downgrade now, so this is fine.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
b556e2a99a
config: flip config.active_storage.replace_on_assign_to_many
...
We don't have any `has_many_attached` relations in the code base, so
this is safe.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
54a4db1c47
config: flip config.active_storage.queues
...
ActiveStorage jobs are now moved to their own queue.
For consistency, we also move our own analysis jobs (VirusScannerJob)
on the same `:active_storage_analysis` queue.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
c6cdd08373
config: flip config.active_job.return_false_on_aborted_enqueue
...
We don't have any instance of aborting inside a job in the code base,
so this setting is safe to flip.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
65809f8ea0
config: flip action_dispatch_return_only_media_type_on_content_type
...
This makes `ActionDispatch::Controller#content_type` return not only
the MIME type, but also in some circumstances the charset.
Example:
```ruby
reponse.content_type == 'text/html; charset=utf-8'
```
The MIME type-only fragment can now be accessed using `#media_type`.
Changes to the tests are not stricly necessary (because no charset is
present in the actual value), but represent the intent better.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
8427f0eb75
config: flip config.action_dispatch.use_cookies_with_metadata
...
This makes cookies more secure, by adding an automatic "purpose" field
to each cookie.
Cookies generated by Rails 5 are still forward-compatible. However
from now on the generated cookies will not be backward-compatible with
Rails 6.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
e8fa65f79d
config: flip config.action_view.default_enforce_utf8
...
This prevents charset workaround on IE 8 and lower. We don't support
these browsers anyway, so we can flip the feature off.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
a1be888f7c
config: use Rails 5.2 config defaults
2020-08-05 16:48:29 +02:00
Pierre de La Morinerie
0d55919fab
config: use Rails 5.1 defaults
...
New or changed defaults are:
- config.assets.unknown_asset_fallback: false
- config.action_view.form_with_generates_remote_forms: true
2020-08-05 13:02:56 +02:00
Kara Diaby
4afc07c677
Merge pull request #5403 from tchak/add-carte-ign
...
Add carte ign
2020-08-03 11:04:32 +02:00
jpoulvel
bf94cc021b
Merge pull request #5424 from betagouv/new_design_edit_attestation
...
New design page admin/attestation_templates/edit
2020-07-31 11:18:22 +02:00
Paul Chavard
4c87e547b3
Put IGN map behind a feature flag
2020-07-30 17:22:28 +02:00
Paul Chavard
f1cbc9846e
Add carte ign
2020-07-30 16:58:20 +02:00
Keirua
b3e98048f9
Merge pull request #5418 from betagouv/mise-en-avant-france-connect
...
#5428 - France connect avant les boutons de login/signup
2020-07-30 10:32:12 +02:00
jpoulvel
62e04a6ca9
Merge branch 'dev' into new_design_edit_attestation
2020-07-30 09:53:09 +02:00
kara Diaby
d4c6e501c6
Ajoute la liste des démarches de l'interface administrateur sur la nouvelle UI
2020-07-29 15:35:52 +02:00
Judith
5df3838173
- tranferred controllers from admin to mew_administrateur
...
- removed admin/attestation_templates views
- changed routes accordingly
2020-07-29 12:26:27 +02:00
Keirua
347dbe4c87
Merge pull request #5417 from betagouv/cleanup-incident-janvier
...
Suppression du message d'alerte suite aux problèmes d'upload
2020-07-29 11:00:12 +02:00
clemkeirua
b8eea05163
ajout de traductions
2020-07-29 09:27:16 +02:00
clemkeirua
db0d230531
add cdn.jsdeliver.net to the CSP
2020-07-27 16:54:46 +02:00
clemkeirua
de1df85462
suppression du message d'alerte suite aux problèmes d'upload
2020-07-27 10:32:03 +02:00
Fabrice Gangler
1352cde321
Feat: allow emails senders to be configured in .env file
...
Refs: #5408
2020-07-24 10:50:55 +02:00
clemkeirua
7e085c657d
specific deactivation of rubocop DS/ApplicationName rule
2020-07-23 16:20:16 +02:00
clemkeirua
c658428441
added application name in config/
2020-07-23 16:17:54 +02:00
clemkeirua
c1208add62
remplacement de demarches-simplifiees.fr par un paramètre dans les vues
2020-07-23 16:16:36 +02:00
clemkeirua
31a262efef
extraction d'urls doc/faq/… dans url.rb
2020-07-23 16:16:36 +02:00
clemkeirua
3340a2b091
ajout du nom d'application tot au demarrage
...
The application name is used in the views, but also in the initializers and in the config/ directory
According to rails doc (https://guides.rubyonrails.org/v6.0/configuring.html#locations-for-initialization-code ),
if we want to do some things before the initializers and the environment, the only place to do so is in config/application.rb
2020-07-23 16:16:36 +02:00
Paul Chavard
8b9e73a30a
Merge pull request #5382 from adullact/feat_status-page-customisation
...
#5379 - Allow status page URL to be configured in the .env file
2020-07-22 22:10:58 +02:00
Paul Chavard
35461f0159
Add revisions migrations
2020-07-21 19:35:30 +02:00
Keirua
b2aa90b729
Merge pull request #5392 from betagouv/fix-CI-accessibility-errors
...
Fix CI accessibility errors
2020-07-21 17:15:45 +02:00
krichtof
8c5308b9dc
Merge pull request #5396 from betagouv/5395-relancer-expert
...
5395 instructeur : relance un expert pour une demande d'avis
2020-07-21 15:02:53 +02:00
Christophe Robillard
689a51588f
translations for avis list view
2020-07-21 10:46:55 +02:00
Fabrice Gangler
62672c02e0
move STATUS_PAGE_URL into env.example.optional
2020-07-20 16:37:31 +02:00
Fabrice Gangler
f7402afa06
add env.example.optional
2020-07-20 16:31:02 +02:00
Christophe Robillard
d9cb5c067f
relance un expert
2020-07-20 16:26:16 +02:00
Christophe Robillard
bde8fe2c5d
update wording for revoke
2020-07-20 16:08:35 +02:00
Pierre de La Morinerie
b192b48fc7
config: use Rails 5.0 options
...
Stop overriding Rails 5.0 options, and use the framework defaults.
(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
2020-07-20 15:54:48 +02:00
clemkeirua
c0cf8b1341
fix display of labels for datetime on screenreaders
2020-07-20 11:37:01 +02:00
Gangler Fabrice
39feca251d
allow status page URL to be configured in .env
2020-07-17 15:53:49 +02:00
Christophe Robillard
3ea34834a7
revoke expert avis
2020-07-16 21:05:11 +02:00
kara Diaby
9dc542af09
Revert "Revert "Feat/5287 - New design for admin procedure detail""
...
This reverts commit cf5eb3f251
.
2020-07-15 17:00:03 +02:00
Christophe Robillard
8111babdd6
user: revoque un invité sur un dossier
2020-07-14 18:25:31 +02:00
Kara Diaby
cf5eb3f251
Revert "Feat/5287 - New design for admin procedure detail"
2020-07-13 11:36:42 +02:00
kara Diaby
7f3b38cfee
Merge admin dashboard to new design for procedure details
2020-07-09 12:18:22 +02:00
clemkeirua
60c3047e4f
mise à jour de doc pour se passer d'overmind
2020-07-09 09:32:09 +02:00
Christophe Robillard
2c56511204
validate api_entreprise_token
2020-07-08 18:59:22 +02:00
Christophe Robillard
8f9d6d2871
show which instructeur took decision and when
...
and also replace "sans suite" by "classé sans suite"
2020-07-08 18:15:15 +02:00
Pierre de La Morinerie
58c97efde4
config: enable debug assets in development
...
Historically, debug assets were disabled because they made reloading
pages very slow. This seems fixed by Rails 6.
2020-07-08 17:48:21 +02:00
clemkeirua
68b37cf6aa
config: make default Rails 5 config explicit
2020-07-08 11:00:12 +02:00
Pierre de La Morinerie
e2b8545222
config: fix missing default list of allowed HTML tags
...
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812
Rails app:update
2020-07-07 18:03:56 +02:00
Judith
9793128f61
'Services' routes moved under 'new_administrateur' scope and '/admn' added in their url
2020-07-07 14:08:01 +00:00
Judith
782706537d
Changed the routes to pass all new design admin pages under
...
'new_administrateur' scope, except 'services'.
As a result, the url of these pages will all include '/admin'.
2020-07-07 14:08:01 +00:00
Christophe Robillard
1d86f863d3
rename avis#all to avis#index
2020-06-30 09:17:27 +02:00
Christophe Robillard
bbec76d33b
rename avis#index to avis#procedure
2020-06-30 09:17:27 +02:00
Christophe Robillard
90d6d337a9
explain redirection urls for expert
2020-06-30 09:17:27 +02:00
Christophe Robillard
84d619c974
redirect old urls in avis mails with new urls
2020-06-30 09:17:27 +02:00
Christophe Robillard
72d27ffdb2
replace instructeur_avis_index url by instructeur_all_avis url
2020-06-30 09:17:27 +02:00
Christophe Robillard
dcb9afaf25
refactor expert avis url : fix avis_controller_spec
2020-06-30 09:17:27 +02:00
kara Diaby
6b07cc0659
Move admin/assigns to the new UI like groupe_instructeurs
2020-06-29 14:44:28 +02:00
clemkeirua
6452a20491
rename 'Menu déroulant's
2020-06-29 08:59:12 +00:00
simon lehericey
102fb6629e
remove ip constraint on ping
2020-06-22 15:29:51 +02:00
clemkeirua
6a3811a4e2
fix catalog v3
2020-06-19 14:20:32 +02:00
clemkeirua
319655482f
clean config for keystone v3
2020-06-19 14:20:32 +02:00
krichtof
ff6eaf73db
Revert "Suppression de l'utilisation de Keystone v2"
2020-06-04 17:32:25 +02:00
Paul Chavard
901b6e23a8
Remove legacy carto
2020-06-04 16:03:23 +02:00
clemkeirua
def744d627
remove now useless keystone v2
2020-06-04 12:05:27 +00:00
Christophe Robillard
705487dab6
define max_attempts for jobs
2020-06-02 20:21:11 +02:00
clemkeirua
868decd06e
add overide for fog openstack v3
2020-06-02 15:03:37 +02:00
Pierre de La Morinerie
b0db74ea79
config: fix spring randomly crashing in the pg gem
...
See https://github.com/ged/ruby-pg/issues/311
2020-05-25 09:23:41 +00:00
Pierre de La Morinerie
c9820adbc4
urls: fix link to autosave FAQ article
2020-05-18 16:53:19 +02:00
Pierre de La Morinerie
6eca93faab
urls: fix link to admin FAQ category
2020-05-18 16:53:19 +02:00
clemkeirua
22a518c921
ajout d'un bouton d'export des mails des demandeurs
2020-05-18 12:46:42 +00:00
Pierre de La Morinerie
93bb5283ff
app: remove the feature flag for pieces justificatives auto-upload
...
The feature works as intended: we can remove the feature flag.
2020-05-14 17:39:07 +02:00
Keirua
a869a04e1e
Mise à jour de l'URL de doc sur l'archivage
...
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
2020-05-13 16:45:27 +02:00
clemkeirua
84888be255
clarification de l'archivage/suppression
2020-05-13 16:45:27 +02:00
Christophe Robillard
aab4bb81ee
return bilan bdf csv for expert
2020-05-11 13:05:50 +02:00
Paul Chavard
4f2e504cc2
Add carto import api
...
takes a FeatureCollection to import and returns an augmented champ FeatureCollection
2020-05-07 12:06:42 +02:00
Paul Chavard
05e408225b
Implement atomic operations on MapEditor
2020-05-06 16:46:14 +02:00
Christophe Robillard
22e2c2e133
render csv bidf bilans
2020-04-30 16:15:16 +02:00
Paul Chavard
843e033c38
Allow instructeurs to download a GeoJSON document for a given dossier
2020-04-30 15:49:43 +02:00
kara Diaby
2fc438ab65
Fix safari and firefox compatibility mapbox gl
2020-04-30 14:14:03 +02:00
Christophe Robillard
14ff18ca80
store specific api-entreprise token for a procedure
2020-04-28 15:17:11 +02:00
clemkeirua
1ac7ec2dca
precision dans mail suppression dossier en construction
2020-04-28 12:42:00 +00:00
kara Diaby
9aea1fffee
Migrate the map editor to mapbox-gl with react component
2020-04-27 11:30:32 +02:00
Paul Chavard
f1b531911b
Handle processed dossiers in deletion mailers
2020-04-22 15:39:10 +02:00
Pierre de La Morinerie
37645d3df2
config: fix (again) the CSP when running a LiveReload server locally
...
When running the app using `bin/webpack-dev-server` (the external
(and fast) assets server), LiveReload is used. We need to explicitely
allow the LiveReload connections in the CSP policy.
Turns out we now need to specify the protocol explicitely.
2020-04-20 17:24:16 +02:00
Pierre de La Morinerie
968e470684
config: never cache rails-generated pages
...
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.
This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.
The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.
To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).
See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7a8fd3c679
Use graphql playground instead of graphiql
2020-04-09 19:38:19 +02:00
Christophe Robillard
ae18ff6627
Notifie tous les instructeurs lors dépôt dossier
...
- envoie un mail à tous les instructeurs d'une procédure après le dépôt
d'un nouveau dossier
2020-04-09 14:33:56 +02:00
Christophe Robillard
415d5c765e
envoie une notification à chaque follower_instructeur après un commentaire déposé
2020-04-09 14:17:07 +02:00
kara Diaby
d18bc1c421
Improve the mapbox-gl support detection for older browsers
2020-04-09 11:01:20 +02:00
kara Diaby
56e9834389
Revert "Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""""
...
This reverts commit 473ed00b6c
.
2020-04-09 11:01:20 +02:00
Pierre de La Morinerie
7e19dd2cda
Revert "Revert "Fix middle-click on "Delete attachment" button""
...
This reverts commit 6e8bd6957f
.
2020-04-09 10:40:08 +02:00
clemkeirua
34188c432c
refactor _new_header so that user and instructeur search share similar signature
2020-04-09 09:42:31 +02:00
Pierre de La Morinerie
6e8bd6957f
Revert "Fix middle-click on "Delete attachment" button"
2020-04-08 17:40:58 +02:00
Pierre de La Morinerie
8ceb555941
routes: cleanup attachment routes
2020-04-08 11:57:06 +02:00
kara Diaby
473ed00b6c
Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"""
...
This reverts commit fe0b3c2215
.
2020-04-07 18:14:07 +02:00
kara Diaby
fe0b3c2215
Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""
...
This reverts commit 3e21b78142
.
2020-04-07 18:11:11 +02:00
Pierre de La Morinerie
3e21b78142
Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"
2020-04-07 15:32:14 +02:00
Pierre de La Morinerie
91260e2867
dossier: fix upload route of piece_justificative in repetitions
...
In repetitions, `form.index` doesn't make much sense. Turns out we
don't really need the index of the champ: we can just use the champ id.
2020-04-06 11:50:31 +02:00
kara Diaby
aa56cfd7a0
migrate map to mapbox-gl with a react component
2020-04-02 15:39:47 +02:00
Paul Chavard
7ba4c513e6
Refactor notify near deletion mailers
2020-04-01 17:40:52 +02:00