Commit graph

5945 commits

Author SHA1 Message Date
Frederic Merizen
2eb2e2887d
Merge pull request #2742 from betagouv/frederic/fix_2579-injection_sql_filtrage_instructeur
Injection sql filtrage instructeur
2018-10-03 10:38:33 +02:00
Frederic Merizen
8bb08a1b8b [#2579] Validate columns on ProcedurePresentation model 2018-10-03 10:17:46 +02:00
Frederic Merizen
103f466cb8 [Fix #2579] Protect get_value against method name injection 2018-10-03 10:17:46 +02:00
Frederic Merizen
6fa0c8d2d6 [#2579] Add unit tests for get_value 2018-10-03 10:17:46 +02:00
Frederic Merizen
1ac8840bc9 [#2579] Protect against SQL injection on column and table in filtered_ids 2018-10-03 10:17:46 +02:00
Frederic Merizen
670edc3279 [#2579] Sanitize order 2018-10-03 10:17:46 +02:00
Frederic Merizen
314e9354c1 [#2579] Simplify sorted_ids 2018-10-03 10:17:46 +02:00
Frederic Merizen
3bb6fd2d47 [#2579] Remove no-op
(sanitize_sql_for_order does not do anything when its argument is a string)
2018-10-03 10:17:46 +02:00
Frederic Merizen
d2362c29ed [#2579] Add unit tests for DossierFieldService.sorted_ids 2018-10-03 10:17:46 +02:00
Frederic Merizen
b8f88ece5c [#2579] Fix injection SQL dans le filtrage instructeur 2018-10-03 10:17:46 +02:00
Pierre de La Morinerie
21d1788018
Merge pull request #2731 from tchak/remove-cgu-checkbox
Remove CGU checkbox
2018-10-03 09:19:20 +02:00
Paul Chavard
941c529b2c Remove CGU checkbox
fix #2725
2018-10-03 08:59:02 +02:00
Pierre de La Morinerie
651f459dcc
Merge pull request #2746 from betagouv/frederic/drop_search_view
Remove now unused view
2018-10-03 08:27:11 +02:00
Frederic Merizen
892f9ca668 Remove now unused view 2018-10-02 18:30:30 +02:00
Mathieu Magnin
32bdd79f8a
Merge pull request #2736 from betagouv/add-mail-templates-to-manager
Add mail templates to manager
2018-10-02 17:38:07 +02:00
Mathieu Magnin
1dc2c30b24 Add mail templates to manager 2018-10-02 17:27:28 +02:00
Mathieu Magnin
a6910d668e
Merge pull request #2737 from betagouv/fix-2674
Add Services to manager
2018-10-02 16:27:14 +02:00
Mathieu Magnin
a029aa62b1 [Fix #2674] Add Services to manager 2018-10-02 16:17:17 +02:00
Pierre de La Morinerie
776e684b1b
Merge pull request #2734 from betagouv/remove-old-dossier-details
[Dossier] Suppression de l'ancien code
2018-10-02 16:04:28 +02:00
Pierre de La Morinerie
20f0151e8a dossier: remove pdf.svg 2018-10-02 15:43:37 +02:00
Pierre de La Morinerie
36c1aa118d dossier: remove RecapitulatifController
And add a redirection to the new URLs.
2018-10-02 15:42:29 +02:00
Pierre de La Morinerie
d476953108 dossier: remove Invites view 2018-10-02 14:40:47 +02:00
Pierre de La Morinerie
bf9f427299 dossier: remove DescriptionController 2018-10-02 14:40:47 +02:00
Pierre de La Morinerie
3392df0029 dossier: remove CommentairesController 2018-10-02 14:40:38 +02:00
Pierre de La Morinerie
0e359653db
Merge pull request #2733 from betagouv/more-visible-button
Make the annotations privées submit button more visible
2018-10-02 14:38:52 +02:00
gregoirenovel
553a6b53f2 Make the annotations privées submit button more visible 2018-10-02 14:18:07 +02:00
Pierre de La Morinerie
c50ad6da3a
Merge pull request #2723 from betagouv/dossier-details-remove-feature-flag
[Dossier] Suppression du feature-flag
2018-10-02 12:32:54 +02:00
Pierre de La Morinerie
758ccff984 dossier: remove feature flag 2018-10-02 12:25:44 +02:00
Pierre de La Morinerie
f007eaa2ee dossier: enable new UI by default 2018-10-02 12:23:53 +02:00
Pierre de La Morinerie
1cf316017f
Merge pull request #2708 from betagouv/fix-2707
Ajout d'une astuce dans l'ajout d'instructeur
2018-10-02 11:50:44 +02:00
Chaïb Martinez
da134c6d4b Ajout d'une astuce dans l'ajout d'instructeur 2018-10-02 11:43:44 +02:00
gregoirenovel
cc2294918d
Merge pull request #2727 from betagouv/fix-destroy
Fix scope for logo/notice/deliberation deletion
2018-10-02 11:14:27 +02:00
gregoirenovel
cf69c28979 Fix scope for logo/notice/deliberation deletion 2018-10-02 11:03:48 +02:00
gregoirenovel
696f3cd8f9
Merge pull request #2721 from betagouv/end-if
Do one thing per line
2018-10-01 16:18:44 +02:00
gregoirenovel
b994fa4206 Do one thing per line 2018-10-01 16:15:46 +02:00
Pierre de La Morinerie
8a55fba127
Merge pull request #2724 from betagouv/tour-de-france-fix
Fix a mistake in the Tour de France page
2018-10-01 16:11:13 +02:00
gregoirenovel
3965709bd0 Fix a mistake in the Tour de France page 2018-10-01 15:33:19 +02:00
Paul Chavard
8c5c70b783
Merge pull request #2688 from betagouv/wip/refactor-dropdowns
dropdown: refactor to make the button an actual button
2018-09-27 17:55:18 +02:00
Pierre de La Morinerie
cd938b4c36 dropdown: refactor to make the button an actual button 2018-09-27 17:43:08 +02:00
Paul Chavard
3ede25e1b0
Merge pull request #2706 from betagouv/fix-links
[Dossier] Correction des anciens liens restants
2018-09-27 17:42:29 +02:00
Pierre de La Morinerie
c79c1a2636 carto: update link to dossier 2018-09-27 17:22:59 +02:00
Pierre de La Morinerie
0526551e71 templates: update link to dossier 2018-09-27 17:22:59 +02:00
Pierre de La Morinerie
40cf7ebdcb mailers: update links to messagerie 2018-09-27 17:22:59 +02:00
Pierre de La Morinerie
5f1ce48d2e invites: update link to dossier 2018-09-27 17:22:59 +02:00
Pierre de La Morinerie
08dfe7d13a support: update link to messagerie 2018-09-27 17:22:59 +02:00
Pierre de La Morinerie
421a4107da dossier: rename dossier_spec to brouillon_spec 2018-09-27 17:22:59 +02:00
Paul Chavard
8a01d60595
Merge pull request #2701 from tchak/password-check-as-ujs
Replace password strength js with ujs
2018-09-27 16:20:07 +02:00
Paul Chavard
3c66fceba5 Replace password strength js with ujs 2018-09-27 16:00:14 +02:00
Paul Chavard
f0aa78c8a8
Merge pull request #2693 from tchak/draft-demarche-ux
Add more information about lien demarche
2018-09-27 15:59:49 +02:00
Paul Chavard
5a795ae30b Add more information about lien demarche 2018-09-27 15:47:33 +02:00