Commit graph

668 commits

Author SHA1 Message Date
Eric Leroy-Terquem
cd9cc65e99 feat(routing): add a feature flag on multi line routing 2023-11-06 15:25:45 +01:00
seb-by-ouidou
528c51cb5e feat: US4.3.9 children management 2023-10-26 10:46:18 +00:00
Martin
a4ef3cdf23 tech(ActiveModel.types.json): renomme en simple_json pour eviter la confusion avec ActiveRecord.types.json 2023-10-19 09:30:52 +02:00
Martin
ecb3909e99 chorus(autocomplete): autocomplete sur le centre de cout, domaine fonctionnel, referentiel de programmation 2023-10-19 07:14:27 +02:00
Eric Leroy-Terquem
37b9420054 fix routage doc url 2023-10-13 16:15:31 +02:00
Eric Leroy-Terquem
e6b98a1e82 doc(routage): add link to routage doc in options page 2023-10-04 14:23:25 +02:00
Colin Darie
c9bde31ef2
Merge pull request #9470 from colinux/improve-watermark
ETQ instructeur: nouveau filigrane des titres d'identité qui améliore la lisibilité des images
2023-09-12 12:09:58 +00:00
Colin Darie
201b31bf36
refactor(watermark): small text based watermarked to increase document visibility 2023-09-12 13:04:31 +02:00
Colin Darie
6e5c466e57 style: update favicons with chart color, apple touch icon and shortcuts names 2023-09-11 17:48:12 +02:00
Bastien Ogier
f7d109a851 changed(brevo): use env vars for smtp relay address and port. 2023-09-06 11:31:24 +02:00
simon lehericey
4955f5d6ec fix: flipper initialization when db down 2023-08-31 12:14:33 +02:00
Martin
a3c6a2c46f correctif(dolist): utilise des liens vers les logos des procedures plutôt que des attachements.inlined 2023-08-14 13:09:05 +02:00
Paul Chavard
ca4066939c chore(pipedrive): remove pipedrive 2023-08-10 10:29:25 +02:00
Paul Chavard
b404064d3b feat(graphql): add mutation flag to lograge 2023-08-02 13:20:58 +02:00
Paul Chavard
0ca72492e3 feat(graphql): use camelize with inflection 2023-08-01 14:55:08 +02:00
Martin
2c3cce104a tech(smtp): passe du relai SMTP de SendInBlue vers le relai SMTP Brevo [changement de nom de la boite] 2023-07-17 15:51:15 +02:00
Colin Darie
e74f4db8c8
feat(sva): under feature flag 2023-07-11 10:02:45 +02:00
Colin Darie
bb4a6e22ce
chore(schema): +procedures#sva_svr 2023-07-11 10:01:45 +02:00
Colin Darie
3885864200
Merge pull request #9289 from demarches-simplifiees/new_pj_scheme
Change le nommage des pjs à %Y/%m/%d/sd/sd.....
2023-07-10 13:20:34 +00:00
Paul Chavard
d5820277c0 feat(cojo): add cojo type de champ 2023-07-10 14:57:34 +02:00
simon lehericey
db70624398 feat(pj): change naming scheme to %Y/%m/%d/sd/sd..... 2023-07-10 11:44:33 +02:00
Eric Leroy-Terquem
7598b0a513 remove previous routing sytem code 2023-07-03 14:58:45 +02:00
simon lehericey
7ce7a3f62c feat: change pj token to year/aa/bb/token to spread pjs under namespaces 2023-06-26 13:50:18 +02:00
kleph
976f46717b prevent /ping requests from being written in centralized_logs
fix #8926
2023-06-21 17:11:32 +02:00
mfo
ab1399da57
Merge pull request #9209 from mfo/US/intercept-email-delivering
amelioration(email_event): re-lever une erreur dans un rescue_from ne la fait pas remonter. change de stratégie pour savoir si oui ou non un mail a ete envoye avec success.
2023-06-20 14:55:49 +00:00
Martin
9b2d05b8a1 amelioration(email_event): re-lever une erreur dans un rescue_from ne la fait pas remonter. change de stratégie pour savoir si oui ou non un mail a ete envoye avec success. 2023-06-20 13:39:29 +02:00
Eric Leroy-Terquem
98cdc63d5c add rerouting feature flag 2023-06-15 14:34:02 +02:00
Paul Chavard
10524643fb fix(hack): fix and test hack for procedures using groupe instructeur api 2023-06-14 19:24:58 +01:00
simon lehericey
f85fa08415 fix: sentry use http_proxy if available 2023-06-09 11:03:04 +02:00
Colin Darie
2a948c6145 chore(dev): report to CSP_REPORT_URI instead of non existing /csp 2023-06-01 19:11:20 +02:00
Colin Darie
de0626eb7a feat(pj): accepts audio .m4a, .aac, .wav as attachment
Closes #9082
2023-05-31 12:52:22 +02:00
krichtof
0051face93
Merge pull request #9014 from demarches-simplifiees/8859-default_zones
Etq admin, lors de la création ou modification d'une démarche, des zones par défaut me sont suggérées
2023-05-26 17:25:21 +00:00
Colin Darie
60733ce44e
Merge pull request #9089 from colinux/update-sentry
ETQ tech je mets à jour Sentry pour essayer d'avoir de meilleures traces
2023-05-25 12:14:17 +00:00
Colin Darie
9c71ddd257 chore(sentry): increase trace sample rate for PATCH/POST requests 2023-05-24 18:46:12 +02:00
Christophe Robillard
9a38ec1184 prepare cohabitation of multiple versions of api entreprise 2023-05-24 11:34:29 +02:00
Paul Chavard
e1a25ee0e5 chore(sentry): read sentry release information from version file 2023-05-24 09:41:39 +02:00
Christophe Robillard
53dd2955e4 add tchap hs adapter 2023-05-16 09:40:53 +02:00
Colin Darie
97049f7b2e chore(lograge): fix rails 7 initialization with ApplicationLogSubscriber 2023-05-03 13:18:09 +02:00
Colin Darie
2144c69e22
chore: disable cookies rotation until we enforce SHA256 digests 2023-05-03 11:35:32 +02:00
Colin Darie
ae88c1de6b
fix(devise): default config for devise and turbo stream as navigational format 2023-05-03 11:35:32 +02:00
Colin Darie
33a1e0f22d
fix(loading): in initializer, dolist must be manually loaded 2023-05-03 11:35:31 +02:00
Colin Darie
b3099214b1
chore(rails): we already use json as cookies_serializer 2023-05-03 11:35:31 +02:00
Nicolas Cavigneaux
9097664de5
chore: activate new config defaults for Rails 7 that should be compatible with current version 2023-05-03 11:35:30 +02:00
Nicolas Cavigneaux
6eef70750b
feat: add initializer to handle encrypted cookies rotation
This is needed to keep them working when switching from Rails 6.1 to Rails 7.0
2023-05-03 11:35:29 +02:00
Nicolas Cavigneaux
5ee60cbb0c
chore: update and default initializer for Rails 7 2023-05-03 11:35:29 +02:00
Nicolas Cavigneaux
c1453c5f5c
fix: ensure turbo_stream request are not considered as navigational 2023-05-03 11:35:28 +02:00
Nicolas Cavigneaux
00e640a21d
fix Zeitwerk check 2023-05-03 10:10:38 +02:00
Nicolas Cavigneaux
42689e34ba
chore: bump Rails (and required dependencies) to 7.0.4.2 2023-05-03 10:10:38 +02:00
simon lehericey
07d3496300 spec: always enable super_admin_otp for spec 2023-04-28 10:24:14 +02:00
Colin Darie
5cc2712873
refactor(dolist): drop smtp deliver method 2023-04-27 10:09:29 +02:00
Colin Darie
f7a80eb905
fix: dolist module/class mismatch 2023-04-27 10:09:00 +02:00
Paul Chavard
63b7a83689 feat(graphql): log dossier and procedure id on dossier fetch endoint 2023-04-19 18:00:08 +02:00
Colin Darie
9728493bda
Merge pull request #8924 from colinux/rubocop-upgrades
Tech: update rubocop, active nouveaux cops Rails/*
2023-04-19 13:37:10 +00:00
Colin Darie
b273e7b67e
chore(rubocop): fix Rails/RootPathnameMethods and assimiled cops 2023-04-19 12:55:13 +02:00
Martin
534ce34f87 amelioration(Dolist::ApiSender): lève une Dolist::IgnorableError afin de l'inscrire dans l'historique des EmailEvent 2023-04-19 11:22:13 +02:00
Martin
8fa2bbb67d amelioration(dolist): ne log erreurs pas les erreurs dans sentry lorsque le contact chez dolist est injoingable ou hardbounce 2023-04-19 11:22:13 +02:00
Paul Chavard
a5733002ed feat(graphql): improuve logs 2023-04-05 13:56:26 +02:00
Eric Leroy-Terquem
6f6bbd6ca1 feat(routing): put routing logic behind a feature flag 2023-03-30 10:52:53 +02:00
Colin Darie
b012d00745
Merge pull request #8814 from demarches-simplifiees/webinaire-link-fix
Webinaire link fix
2023-03-29 11:59:23 +00:00
Julie Salha
ed3b2cca6f
update content statement 2023-03-27 10:39:56 +02:00
Colin Darie
9a38da09ed
Merge pull request #8762 from demarches-simplifiees/8589-legal-notice
Accessibilité: internalise la page de mentions légales
2023-03-27 08:12:34 +00:00
Colin Darie
6d3c0de2ab fix(legal): use constant url 2023-03-23 19:01:19 +01:00
Chaïb Martinez
3912f5c93b update link 2023-03-23 16:49:41 +01:00
krichtof
da49497f0b
Merge pull request #8726 from demarches-simplifiees/disable-otp-4-super-admin
desactive le 2FA suivant la config
2023-03-20 10:34:27 +00:00
Colin Darie
c850986c96 chore: log pid for each request 2023-03-15 14:44:31 +01:00
Colin Darie
86f15b8c05 chore(job): config delayed job for long-living export jobs 2023-03-08 18:37:41 +01:00
Christophe Robillard
6af01077b6 disable 2FA according to config
2FA is disabled for superadmin unless `SUPER_ADMIN_OTP_ENABLED` is equal
to `enabled` (default value)
2023-03-02 13:47:48 +01:00
Eric Leroy-Terquem
3aa7793ed3 fix(groupe_instructeurs): can parse a monocolumn csv file 2023-02-22 09:49:26 +01:00
Paul Chavard
6f67ea09bb fix(lograge): send client_ip and request_id to es 2023-02-08 20:09:19 +01:00
Paul Chavard
f22cc8812b secu(graphql): log full queries and variables 2023-02-08 15:10:27 +01:00
Colin Darie
cb98bbad21 Revert "chore(sentry): more traces" 2023-02-06 11:52:30 +01:00
mfo
3cbb491cfc
Merge pull request #8574 from colinux/more-sentry-traces
chore(sentry): more traces
2023-02-06 11:01:06 +01:00
Colin Darie
b3702f4224
chore(sentry): more traces 2023-02-06 10:58:38 +01:00
Martin
6a25120f80 amelioration(dolist_api): echoue avec un fail pour remonter dans notre gestion des retry 2023-02-03 17:19:36 +01:00
Martin
2de9026c13 amelioration(dolist_api): forward le message_id afin de faciliter les investigations 2023-02-03 17:19:36 +01:00
Martin
709a9e82a2 amelioration(dolist): prepare l'usage de dolist par api
amelioration(email): ajoute la delivery_method dolist_api pour envoyer les mails via l'api comme recommandé par le fournisseur
2023-02-03 17:19:36 +01:00
Damien Le Thiec
493a60f221 Add prefill api to rack_attack 2023-01-11 15:35:43 +01:00
François Vantomme
eb812032e1 security(csp): whitelist amazon AWS for S3 storage 2023-01-11 12:59:19 +01:00
François Vantomme
08d276472b refactor(links): use localized FAQ URLs 2023-01-11 11:28:03 +01:00
Colin Darie
05b517a847
fix(mailer): observers on balancer and balanced delivery methods
- Les observers doivent être déclarés *avant*
  le chargement de nos delivery methods (Sendinblue & Dolist),
  sinon ils seront ignorés par ces derniers

- dans le balancer, on ne peut pas appeler `.deliver` une seconde fois,
  sinon les observers (et interceptors) sont invoqués deux fois.
2023-01-11 00:57:16 +01:00
Colin Darie
6cb2389eef chore(email): add an observer which log the emails dispatched 2023-01-10 16:07:35 +01:00
François Vantomme
043dde8841
refactor(env): remove useless DOSSIER_DEPOSIT_RECEIPT_LOGO_SRC var 2022-12-22 19:44:57 +01:00
simon lehericey
172a9d5599 feat(timestamp): add certigna 2022-12-07 19:28:01 +01:00
simon lehericey
8771205679 clean(flipper): remove unused expert_not_allowed_to_invite 2022-12-05 12:22:29 +01:00
simon lehericey
905e3ab64e clean(flipper): remove unused gates 2022-12-05 12:22:29 +01:00
simon lehericey
ebd68484df clean(flipper): remove unused groups 2022-12-05 12:22:29 +01:00
Paul Chavard
07173401de fix(graphql): load playground from CDN 2022-11-17 15:50:05 +01:00
mfo
98b9547c36
Merge pull request #8017 from adullact/feature/self-hosted-sentry
Accepter les instances auto-hébergées de Sentry dans la Content Security Policy
2022-11-17 09:22:08 +01:00
Paul Chavard
6ad057dcee feat(graphql): upgrade playground version 2022-11-15 11:48:29 +01:00
François Vantomme
9bdce77faa
chore(csp): allow self-hosted Sentry 2022-11-08 09:49:45 +01:00
Paul Chavard
7de52d582a feat(conditional): remove conditional feature flag 2022-11-04 13:37:37 +00:00
Eric Leroy-Terquem
09c5b9dc99 remove categories_type_de_champ feature flag 2022-11-03 14:28:27 +01:00
Kara Diaby
b5b57b066f config initializers administrate 2022-11-02 10:19:43 +01:00
Colin Darie
72363eea48 chore(delayed_job/sentry): sample traces different from Rails requests 2022-10-26 22:57:41 +02:00
Colin Darie
59c93833a1 chore(delayed_job/sentry): don't wait for all (~25) attempts before reporting 2022-10-26 22:57:41 +02:00
simon lehericey
097082afc9 fix(dolist): reduce message name variability 2022-10-20 15:29:56 +02:00
simon lehericey
1cd0d45ece chore: mini profiler ignore vite routes 2022-10-06 16:56:26 +02:00
Eric Leroy-Terquem
ff2e9f0816 add feature flag 2022-10-05 09:21:08 +02:00
Martin
7125e8538a clean(engagement): remove last pieces of engagement champs 2022-10-04 07:17:47 +02:00
Christophe Robillard
8303df7263 update saml idp config 2022-10-03 13:41:58 +02:00
Colin Darie
5f08df7561 refactor(dsfr/button): remove useless & verbose Dsfr::ButtonComponent, in favor of good link_to / f.submit 2022-09-07 17:56:19 +02:00
Colin Darie
3148266b49 refactor(rgaa/contact): inject invisible_captcha styles into head instead of div 2022-08-31 17:46:04 +02:00
Christophe Robillard
f77c0fdfe4 add saml sp only if vars present 2022-08-25 21:31:14 +02:00
Christophe Robillard
3d175f107e add dolist saml config 2022-08-23 15:05:20 +02:00
Paul Chavard
f48048179c fix(conditional): enable conditional per procedure 2022-08-03 09:16:10 +02:00
simon lehericey
5d5f46b4d8 instances : prawn does not like svg
win 10% on pdf generation
2022-07-20 15:48:16 +02:00
Martin
87af7f3261 feat(exports): implement admin export 2022-07-20 14:08:33 +02:00
Paul Chavard
ea18c2b9ba chore(build): use vitejs 2022-06-23 15:22:54 +02:00
Pierre de La Morinerie
c1616adf8c app: remove procedure-estimated-fill-time feature-flag
The feature is now enabled for every procedure.

Ref #7338
2022-06-01 11:11:55 +02:00
Pierre de La Morinerie
149c6399f5 view: properly hide labels of the datetime selector
The accessibility labels where not properly hidden, which
resulted in the labels being visible and stacked vertically.
2022-05-31 15:35:40 +02:00
Pierre de La Morinerie
3e91a16895 app: display estimated fill duration on procedure description 2022-05-25 10:39:15 +02:00
Pierre de La Morinerie
4fcb85fd65 app: remove procedure_dossier_papertrail feature flag
The feature is now enabled for all procedures.
2022-05-24 17:32:11 +02:00
simon lehericey
faae2f55d8 Flipper: remove deprecated conf
https://github.com/jnunemaker/flipper/pull/523
2022-05-16 16:10:35 +02:00
Paul Chavard
9e0b3b642f cleanup(sendinblue): remove sendinblue tracking 2022-05-06 11:14:44 +02:00
Martin
3737311390 feat(procedure.procedure_expires_when_termine_enabled): enable by default, allow contributor to choose the default settings of this flag using an env var during migration. ie: DEFAULT_PROCEDURE_EXPIRES_WHEN_TERMINE_ENABLED=true|false
feat(administrateurs/procedures#show): warning/alert when procedure_expires_when_termine_enabled is not true on current procedure

feat(administrateur/procedure#update): after an update redirect to procedure show: suggested by: https://ux.stackexchange.com/questions/55291/after-updating-form-should-redirect-back-to-form-itself-or-to-the-show-page-or-b and confirmed by Olivier

clean(Flipper.archive_zip_globale): no more in use, so remove all occurences

Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml

Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>

Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml

Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>

Update app/views/administrateurs/procedures/_suggest_expires_when_termine.html.haml

Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>

Update spec/views/administrateurs/procedures/show.html.haml_spec.rb

Co-authored-by: Pierre de La Morinerie <kemenaran@gmail.com>

fix(review): typo, why ena?, who knows

fix(env.example.optional): add missing DEFAULT_PROCEDURE_EXPIRES_WHEN_TERMINE_ENABLED
2022-05-05 13:07:11 +02:00
Pierre de La Morinerie
9bc5364ca2 app: add controller and view to generate a deposit receipt 2022-05-04 16:09:52 +02:00
Pierre de La Morinerie
fe56b7bb68 config: add papertrail feature-flag 2022-05-04 16:09:52 +02:00
Martin
a0df24b631 clean(SMTP.balancing): remove some env vars 2022-05-03 16:46:35 +02:00
simon lehericey
ea361643be types_de_champ -> types_de_champs_public 2022-05-03 11:05:24 +02:00
simon lehericey
aa0ef955d5 dolist config 2022-04-28 15:48:54 +02:00
Paul Chavard
433c01b1e6 Revert "Merge pull request #7137 from betagouv/faster_pdf"
This reverts commit 9da44bd913, reversing
changes made to ebac71796c.
2022-04-12 19:22:07 +02:00
simon lehericey
af27af7900 ! instances : prawn does not like svg
win 10% on pdf generation
2022-04-12 11:56:56 +02:00
Martin
7c0e8e406b fix(users/profiles#update): allow people from @assurance-maladie.fr to be a target email when user change his email 2022-04-06 16:07:25 +02:00
Paul Chavard
44c64669e9 Revert "Merge pull request #6787 from tchak/use-vite"
This reverts commit 5d572727b5, reversing
changes made to 43be4482ee.
2022-03-31 12:07:52 +02:00
simon lehericey
250b699664 remove duplicate csp 2022-03-29 16:27:08 +02:00
Paul Chavard
187e84a010 feat(assets): use vitejs to build javascript 2022-03-29 16:27:08 +02:00
simon lehericey
7ecf20ce75 harden email validation 2022-03-24 13:00:54 +01:00
Pierre de La Morinerie
2e04435117 gems: add strong_migrations 2022-03-16 10:30:25 +01:00
François Vantomme
d5cd0101c8 feat(footer): customize using custom views & locales 2022-03-10 17:31:20 +01:00
Pierre de La Morinerie
3481d27cba config: block browser external connections during system tests
During system tests, we don't want the headless browser to load
external resources:

- It is faster (we don't wait for external resources to be loaded)
- It avoids leaking our test setup to external service

Fixes #6982
2022-02-22 17:24:25 +01:00
Pierre de La Morinerie
6d5f44d489 config: translate the CSP comments from french to english 2022-02-22 17:17:55 +01:00
Pierre de La Morinerie
c2729ab7e2 config: add Matomo to the frame_src Content Security Policy
Solves the Matomo iframe being blocked on `/suivi`. Fix #5868
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
3276db016f config: add Matomo to the connect_src Content Security Policy
Solves Matomo connections being blocked. Fix #6949
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
6fa52e8a5a config: report CSP violations to report-uri 2022-02-15 12:49:52 +01:00
Pierre de La Morinerie
0b2775a1a6 config: add back DS_PROXY_URL to CSP
Otherwise a bunch of "static.demarches-simplifiees.fr" domains would
be missing.
2022-02-15 12:49:52 +01:00
François Vantomme
d5f207d98c refactor(url): use env variables in content security policies 2022-02-15 12:49:52 +01:00
Jon
31996c7d09 chore(smtp): add mailcatcher configuration 2022-02-15 09:34:07 +01:00
François Vantomme
ac915494df feat(landing): hide testimonial & users sections 2022-02-15 08:49:23 +01:00
François Vantomme
e8f62e78fe feat(matomo): configure Matomo iframe URL with an env variable 2022-02-09 12:44:13 +01:00
Pierre de La Morinerie
3e20ea13d8
Revert "Utilisation des variables d'environnement lors de la déclaration des Content Security Policies" 2022-02-08 22:20:08 +01:00
François Vantomme
8eaecd184a refactor(url): use env variables in content security policies 2022-02-08 15:15:55 +01:00
Pierre de La Morinerie
847abca122 config: simplify mailer configuration again
Move everything to initializers, and replace the email settings
interceptor by a BalancerDeliveryMethod.

It has the advantage that it can be configured entirely from the
`config/environment.rb` file, without an extra file to look at.
2022-02-08 12:44:43 +01:00
François Vantomme
51cfd3d7ad
feat(env): add env variables for the provider data 2022-02-04 18:20:06 +01:00
Pierre de La Morinerie
387701e7cb config: add a new SAML_IDP_ENABLED env var
This fixes the app crashing on launch when using the production profile,
because the certificates are not present.
2022-01-26 16:45:50 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
Pierre de La Morinerie
d524beee4e app: remove :instructeur_bypass_email_login_token from Flipper 2021-12-02 08:51:52 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
simon lehericey
3316dfc866 reopen openid_connect gem to support AC encrypted jwt response 2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721 add agent connect secrets 2021-11-23 14:17:59 +01:00
Paul Chavard
1adafd22d0 fix(graphql): add graphql_operation to lograge 2021-11-04 16:18:10 +01:00