clemkeirua
43424e4f4e
merge with the work of paul, using 3 links
2019-10-22 09:51:14 +02:00
simon lehericey
f31c184b56
[ fix #1537 ] Remove simple_form gem
2019-10-08 11:08:35 +02:00
clemkeirua
d3063c0b63
remove download_as_zip feature flag
2019-10-03 10:48:24 +02:00
Paul Chavard
5a7e415474
Put graphql behind a feature flag
2019-09-24 10:47:21 +02:00
Paul Chavard
91ad9bd7d3
Configure GraphQL::RailsLogger
2019-09-24 10:47:21 +02:00
Paul Chavard
d24e0e72a7
Correctly create new flipper flags
2019-09-12 10:46:13 +02:00
Paul Chavard
65e227c44b
Migrate to flipper
2019-09-10 16:10:14 +02:00
Chaïb Martinez
dd6c6bfe7a
mailers: add a NO_REPLY address to transactional emails
2019-09-10 13:37:28 +02:00
Paul Chavard
7ffb98e616
Remove carrierwave uploaders
2019-09-10 10:49:12 +02:00
Chaïb Martinez
f2386a5800
Add crips help domaine to defaut policy src
...
[fix #4234 ]
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-08-27 10:30:10 +02:00
simon lehericey
86d968bb8e
Use rack_attack_enabled?
...
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
2019-08-20 13:29:29 +02:00
simon lehericey
0f0fecdb25
RackAttack: use remote ip and test it !
2019-08-20 13:29:29 +02:00
pedong
fc8cebd78d
add Gem rack_attack for prevent attack brute-force
2019-08-20 13:29:29 +02:00
Nicolas Bouilleaud
7c7947adeb
Rename gestionnaire to instructeur in a comment
...
About an (unused for now) env var.
2019-08-13 10:27:49 +02:00
simon lehericey
3fde2a6f70
Rename gestionnaire in code to instructeur
2019-08-12 13:47:01 +02:00
maatinito
3703a71ea3
#3928 Added constants to define password min length & complexity
2019-08-01 17:12:14 +02:00
Pierre de La Morinerie
95e24392f9
models: remove old pieces justificatives
2019-07-30 16:11:17 +02:00
pedong
9438f962c5
add alert for account is locked
2019-07-29 17:48:44 +02:00
pedong
8d03a6747c
add lockable to User, Gestionnaire, administration, Administrateur
2019-07-29 17:48:44 +02:00
clemkeirua
99421545ab
replaced api-carto endpoint
2019-07-23 16:21:15 +02:00
Pierre de La Morinerie
76335511c8
omniauth: protect against CSRF
...
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Paul Chavard
3cb39c2840
Refactor message attachements to use active_storage
2019-07-10 15:35:29 +02:00
simon lehericey
0f9fdf3f75
Activate device email change confirmation
2019-07-09 11:55:17 +02:00
Mathieu Magnin
b34f8fbe3d
Add ActionText
2019-07-03 13:15:49 +02:00
simon lehericey
4b154983fb
Landing: voir les démarches -> comment trouver ma démarche
2019-07-03 12:59:09 +02:00
clemkeirua
dfefb827d9
missing connect-src
2019-07-02 10:50:10 +02:00
clemkeirua
d6f2de2fbf
enable static + activate csp in production
2019-07-02 09:40:38 +02:00
clemkeirua
eaf850c1e9
enable csp
2019-06-27 11:10:29 +02:00
clemkeirua
f19b5f8911
fix csp rule for crisp websocket
2019-06-26 12:37:55 +02:00
clemkeirua
7064f7e973
enable crisp websockets and css
2019-06-25 17:39:08 +02:00
clemkeirua
d3c6021ef4
add duplicate rules as fallback
2019-06-20 11:34:24 +02:00
clemkeirua
dc6c2e6bc0
add missing elements
2019-06-17 17:05:08 +02:00
Nicolas Bouilleaud
dace9a53d3
Add Universign timestamp API query
2019-06-17 16:16:28 +02:00
clemkeirua
765b10026e
more generic elements to the security policy
2019-06-17 09:51:27 +02:00
Pierre de La Morinerie
d410e31344
active_storage: document the virus scan hooks
2019-05-28 11:39:22 +02:00
Paul Chavard
cc4eba2b36
Less mokey patching
2019-05-21 14:21:42 +02:00
clemkeirua
5cbbbb8d3e
more whitelist for the common domains we use
2019-05-20 09:52:44 +02:00
Paul Chavard
42235e81b1
Use active storage load hook to extend blob
2019-05-16 20:43:01 +02:00
Paul Chavard
348b15f595
Put devtools behind feature flags
2019-05-15 18:10:25 +02:00
clemkeirua
6fe4031b2e
use constant for localhost
2019-05-15 16:33:27 +02:00
clemkeirua
b670b60ac6
changement de l'URI de report-uri
2019-05-15 15:32:00 +02:00
Pierre de La Morinerie
d431eeeb93
carrierwave: fix typo
...
Turns out the `openstack_identity_api_version` has not actually been
filled out for a while, because of a typo.
2019-05-15 14:03:15 +02:00
Chaïb Martinez
3004f96cf5
Add video and webinar URLs to admin pages
...
Fix #3850
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-05-13 17:47:02 +02:00
clemkeirua
675cc5150c
update on the security policy headers
2019-05-09 14:55:21 +02:00
clemkeirua
64b858ef19
handle Gon + add report-uri URL
2019-05-06 10:07:51 +02:00
clemkeirua
8582b08a98
add security policy
2019-05-06 10:07:51 +02:00
Paul Chavard
f113d108c9
Save virus scan status to blob metadata
2019-05-02 15:58:09 +02:00
Paul Chavard
b9be186d2c
Sentry should send environment information
2019-04-03 18:19:16 +02:00
Paul Chavard
51c79ba6a6
Update webpacker and replace vue with react
2019-04-03 14:38:07 +02:00
Frederic Merizen
98713b6a4d
Proxy for SendinBlue API
2019-03-08 16:33:28 +01:00
Mathieu Magnin
1eed114d78
Add status page in footer
2019-03-05 17:42:00 +01:00
simon lehericey
2920769a68
ActiveStorage: temp url are valid for 1 hour
2019-02-28 18:36:28 +01:00
Pierre de La Morinerie
283f110e9b
stats: improve numeric separators and suffixes
2019-02-01 11:02:37 +01:00
Pierre de La Morinerie
3b92fe93fc
stats: make groupdate week start on Monday
2019-01-10 16:14:14 +01:00
gregoirenovel
5fa5f2aa37
Bump development gems
...
- rubocop (0.61.1 → 0.62.0)
2019-01-05 11:47:55 +01:00
gregoirenovel
0596d53ac2
Enable the Lint/UnusedBlockArgument cop
2019-01-03 10:53:50 +01:00
gregoirenovel
8ffcc16ec5
Avoid EOL ifs
2019-01-03 10:53:50 +01:00
gregoirenovel
7ffe40868b
Use parentheses
2019-01-03 10:53:50 +01:00
pedong
ef1c17beaa
[ Fix #3056 ] get url api in the environment variable
2018-11-27 14:47:10 +01:00
gregoirenovel
dffd132564
Remove a useless file
2018-11-22 01:51:55 +01:00
Frederic Merizen
d901cb286b
[ #2180 ] Bump fog-openstack
2018-11-16 11:11:39 +01:00
Frederic Merizen
6da33f2387
[ #2180 ] Drop fog
2018-11-16 11:11:39 +01:00
Chaïb Martinez
8d02b4dbdf
Add Matomo Suivi page
2018-11-08 14:25:37 +01:00
pengfei
7950597bf5
[ fix #2858 ] env api geo
2018-11-06 12:54:01 +01:00
simon lehericey
b00dec4bf6
Conf: storage.apientreprise.fr -> static.demarches-simplifiees.fr
2018-10-25 17:05:22 +02:00
gregoirenovel
fed1f05456
Add CADRE_JURIDIQUE_URL
2018-10-25 14:45:13 +02:00
gregoirenovel
394524b397
Improve the webhook description
2018-10-25 14:45:13 +02:00
gregoirenovel
cfc58000c6
Improve urls.rb
2018-10-25 14:45:13 +02:00
Paul Chavard
7ffbe417f9
Add ApiGeo RPG adapter
2018-10-23 18:13:44 +02:00
Paul Chavard
ed46e2c3be
Use Typhoeus in ApiGeo adapter
2018-10-23 18:13:44 +02:00
Chaïb Martinez
535fe6d13a
Link directly to the instructeur tutorial in the instructeur email
2018-10-23 11:23:24 +02:00
Chaïb Martinez
796ff972e6
Add a webinaire registration CTA at the end of the admin email
2018-10-23 11:23:24 +02:00
Chaïb Martinez
e8dd6b00bf
Link to the admin tutorial instead of the doc
2018-10-23 11:23:24 +02:00
gregoirenovel
442b4a241b
Make API_ADRRESSE_URL canonical
2018-10-15 20:55:46 +02:00
gregoirenovel
9156acb839
Use double quotes in urls.rb
2018-10-15 20:55:46 +02:00
gregoirenovel
bf63e7d6ab
Use HTTPS for the API Adresse URL
2018-10-15 20:55:46 +02:00
gregoirenovel
a7a6898ce3
Constantize the API Adresse URL
2018-10-15 20:55:46 +02:00
gregoirenovel
f3caa8ef7f
Remove apipie (and maruku)
2018-10-09 17:23:07 +02:00
gregoirenovel
a1bab24681
Change the link to the API documentation
2018-10-09 17:23:07 +02:00
gregoirenovel
a171186dd8
Enable Style/TrailingCommaInHashLiteral
2018-10-03 12:03:21 +02:00
gregoirenovel
6eeba14885
Enable Style/WordArray
2018-10-03 12:03:21 +02:00
Mathieu Magnin
5d6f8de5a0
[ Fix #1285 ] Add a custom dictionary for zxcvbn
2018-09-26 09:02:59 +02:00
gregoirenovel
5db408efdb
[ Fix #1511 ] Remove the now obsolete DS logo
2018-09-24 12:16:58 +02:00
Pierre de La Morinerie
b4aadf43cd
initializers: check that env vars declared in env.example are present
...
If an environment variable is declared in `config/env.example`, but not
present in the actual environment, the server initialization will raise
an exception.
Empty strings are allowed (because some values are relevant only in
development or production).
2018-09-04 10:20:20 +02:00
gregoirenovel
df742421a8
Remove an env var
2018-09-03 16:13:38 +02:00
Paul Chavard
c67f8dcaaa
Add after_party
2018-08-30 11:54:54 +01:00
Paul Chavard
c3e2d61d0a
Add helpscout config
2018-08-29 10:41:42 +01:00
gregoirenovel
5085357db9
Improve the formatting of the urls.rb file
2018-08-28 10:44:17 +02:00
gregoirenovel
9284afc649
Use a constant for the API Entreprise URL
2018-08-28 10:44:16 +02:00
gregoirenovel
5f60e204d1
Use parentheses
2018-08-27 09:21:20 +02:00
Paul Chavard
3e23ba5a4f
[ENV] Add lograge config
2018-08-23 15:55:32 +02:00
Mathieu Magnin
907f48e148
[ENV] Configure Raven (Sentry)
2018-08-23 15:55:32 +02:00
Paul Chavard
296e3a9b09
[ENV] Add fog config
2018-08-23 15:55:32 +02:00
Mathieu Magnin
db8e750f1a
[ENV] Configure Api Entreprise token
2018-08-23 15:55:32 +02:00
Mathieu Magnin
5ff869e1bc
[ENV] Add Mailjet conf
2018-08-23 15:55:32 +02:00
Mathieu Magnin
aa0a4cf87f
[ENV] Devise config
2018-08-23 15:55:32 +02:00
Mathieu Magnin
9eb48413b5
[ENV] Active storage config in storage.yml
2018-08-23 15:55:31 +02:00
Mathieu Magnin
8934d495e9
[ENV] GH config in secrets.yml
2018-08-23 15:55:31 +02:00
Mathieu Magnin
238d94cdc3
[ENV] France connect particulier config in secrets.yml
2018-08-23 15:55:31 +02:00
gregoirenovel
9c94308209
Enforce a minimum Edge version
2018-08-22 11:20:52 +02:00
gregoirenovel
3d14ae418f
Unify the syntax in browser.rb
2018-08-22 11:20:39 +02:00
gregoirenovel
fad18d6173
Update the minimum browsers versions
2018-08-21 18:21:14 +02:00
Paul Chavard
40a1e22cc9
Remove logstasher and add custom job structured logger
2018-08-16 12:26:13 +02:00
Paul Chavard
c7b97073ee
Log backtrace on exceptions
2018-08-13 18:32:00 +02:00
Paul Chavard
9de3e6e74b
Make info extraction method more safe
2018-08-13 18:32:00 +02:00
simon lehericey
839b7627ac
[ fix #2387 ] Rack: increase max multipart number
2018-08-13 17:45:47 +02:00
Paul Chavard
a6a4790a35
Replace logstasher with lograge
2018-08-13 12:44:00 +02:00
simon lehericey
9196a3ef4c
Logstasher: remove bugging initializer
2018-08-10 13:07:41 +02:00
Paul Chavard
a0979b1d57
Fix logstasher custom fields
2018-08-07 16:26:44 +02:00
Pierre de La Morinerie
fdbda30877
javascript: transpile compatible JS for all browsers we support
2018-08-06 17:50:10 +02:00
Pierre de La Morinerie
22b83dd67c
browsers: enforce IE 11 as the minimum required IE version
...
This is already documented in the README, but not enforced.
2018-08-06 16:33:10 +02:00
Paul Chavard
3645c56416
Use Chartkick with defer option
2018-08-01 17:02:30 +02:00
Pierre de La Morinerie
956c3fe36c
Replace hardcoded phone numbers by a CONTACT_PHONE constant
2018-06-25 11:51:15 +02:00
gregoirenovel
23931a7591
Remove the contact_email locale
2018-06-01 00:00:11 +02:00
gregoirenovel
185f08f63e
Add constants for email addresses
2018-06-01 00:00:11 +02:00
gregoirenovel
661010100d
[ Fix #1536 ] Remove stringupcasepatch
2018-05-31 11:49:25 +02:00
simon lehericey
569da996d2
[ fix #1915 ] enable devise paranoid mode
2018-05-23 16:11:03 +02:00
simon lehericey
5bd589344e
Devise: confirm user email
2018-05-23 15:55:52 +02:00
gregoirenovel
a246181afd
Add API_GEO_URL
2018-05-22 19:01:46 +02:00
gregoirenovel
1839269dd9
Add API_CARTO_URL
2018-05-22 18:53:34 +02:00
gregoirenovel
0b35bfffa5
Move constants to urls.rb
2018-05-22 17:35:11 +02:00
gregoirenovel
5757782d29
Fix the mentions legales link
2018-05-22 17:28:17 +02:00
gregoirenovel
a98ab683aa
Update FAQ_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
de201fca04
Add FAQ_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
6ac8d6abf8
Update the DOC_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
b93ec30a2d
Make the GitBook URLs depend on DOC_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
52d878fea8
Remove trailing slash from DOC_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
5126503cfc
Add MENTIONS_LEGALES_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
dc962f0c0a
Add LISTE_DES_DEMARCHES_URL
2018-05-22 17:23:56 +02:00
gregoirenovel
5e2219416e
Add the DOC_URL constant
2018-05-22 17:23:56 +02:00
Mathieu Magnin
3e176d4e08
Remove use of staging.apientreprise
2018-05-09 13:56:29 +02:00
simon lehericey
959ff6be2c
[ fix #1902 ] decrease session timeout to 1 hour
2018-05-02 11:28:18 +02:00
Paul Chavard
d9dbf7b7f9
Remove legacy features support
2018-04-26 16:28:45 +02:00
gregoirenovel
049a2d88b9
Bump rails to 5.2 final
2018-04-24 16:07:19 +02:00
Paul Chavard
71c852fc85
Remove Feature
2018-04-18 16:51:21 +02:00
Paul Chavard
45019ce75c
Use Flipflop instead of Feature
2018-04-18 16:51:21 +02:00
Paul Chavard
27592ae072
Add simple web hooks to procedures
2018-04-09 11:02:24 +02:00
gregoirenovel
c5953f8aef
Use .join to generate urls (unification)
2018-04-09 09:54:10 +02:00
Paul Chavard
45ef32e6d9
Add SIRET Type De Champ
2018-04-05 10:29:29 +02:00
simon lehericey
6a74aaa42a
[ fix #1697 ] Pipedrive: use a job to process an admin creation
2018-03-27 14:52:39 +02:00
simon lehericey
ec3d558af0
Pipedrive: extract methods in service
2018-03-27 14:52:39 +02:00
gregoirenovel
57b42e24e5
SIADEURL -> API_ENTREPRISE_URL
2018-03-19 11:39:46 +01:00
gregoirenovel
658bd95f86
Add a constant to SIADEURL
2018-03-19 11:39:46 +01:00
gregoirenovel
031b9c0bab
Update documentation links to GitBook v2
2018-03-15 09:37:24 +01:00
gregoirenovel
acc2ed5646
Move CGU_URL to a new initializer
2018-03-12 18:13:23 +01:00
gregoirenovel
657b9d2e93
Change link to doc
2018-03-12 17:51:39 +01:00
gregoirenovel
0a9f442260
Enable some Rails cops
2018-03-06 17:18:44 +01:00
gregoirenovel
be5849a7f5
Remove unneeded quotes
2018-03-05 19:21:20 +01:00
gregoirenovel
ad2e418490
Change the cookie key
2018-03-01 10:33:53 +01:00
gregoirenovel
67da280fa0
Change logos that included “tps”
2018-03-01 10:33:53 +01:00