Paul Chavard
3b6528decf
feat(i18n): enable localization by query param
...
Providing a query param ("locale") will enable localization. A language picker will be shown once
localization is activated. Locale is stored in a cookie "locale".
2021-08-24 12:42:40 +02:00
Pierre de La Morinerie
831672391e
app: use a long-lived cookie for CSRF token
...
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
09933454ff
app: improve InvalidAuthenticityToken logging
...
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Pierre de La Morinerie
a99a6cc49f
controllers: use default Rails settings for protecting against forgery
...
Rails uses `config.action_controller.allow_forgery_protection` to
enable or disable forgery protection globaly.
This is disabled for tests by default. So our custom config is not
required.
2021-06-22 13:21:55 +02:00
François Vantomme
bc6d5aca0e
Fix (Sentry): prefer Rails secrets over ENV variables
2021-05-27 11:12:27 +02:00
lydiasan
e85dcf4c58
Update app/controllers/application_controller.rb
...
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
2021-05-25 13:32:26 +02:00
lydiasan
71069c0e1b
correction de la variable d'environnement 'LOCALIZATION_ENABLED'
2021-05-25 10:05:52 +02:00
lydiasan
42153d1d37
ajout du selecteur de langue
2021-05-12 16:30:35 +02:00
simon lehericey
b87a691176
use env for localization to avoid db round trip
2021-04-06 18:23:14 +02:00
simon lehericey
6f2b2c3c1f
use env for maintenance mode to avoid DB roundtrip
2021-04-06 18:23:14 +02:00
kara Diaby
d2ab2debb6
add expert logic
2021-03-18 11:27:51 +01:00
Paul Chavard
1c811083c0
Cleanup feature flags usage
2021-03-04 11:06:04 +01:00
Pierre de La Morinerie
334e50d4f8
views: remove old design's navbars
2021-02-02 15:33:09 +01:00
Paul Chavard
41c3a98d7d
Update Raven references to use Sentry
2021-01-28 19:46:36 +01:00
Christophe Robillard
5562e65bf3
refacto: rename administration to super_admin
2020-11-05 16:03:55 +01:00
Christophe Robillard
2a0ebd062a
enable 2FA for manager
...
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2
Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp
2020-10-30 17:08:31 +01:00
kara Diaby
9207cc5aa5
Ajoute un flag pour qu'un expert ne puisse pas inviter une autre personne à donner son avis sur un dossier
2020-10-02 18:57:29 +02:00
Judith
af25fdd77c
gem http_accept_language installed and (de)activable with feature flag
2020-08-27 16:15:01 +02:00
Pierre de La Morinerie
812aef978d
controllers: rename pundit_user
to current_account
...
It makes epxlicity what is the name of the structure returned by
`pundit_user`: not an actual User, but an `account` structure.
2020-06-24 15:42:30 +02:00
Christophe Robillard
d46bcecc51
improve code readbility
2020-03-20 10:41:36 +01:00
Christophe Robillard
775cc11d30
include store_location_extension for all controllers
2020-03-20 10:41:36 +01:00
Christophe Robillard
884de51b94
Revert "Revert "go to procedure after cliking link""
...
This reverts commit 952bae32fe
.
2020-03-20 10:41:36 +01:00
Christophe Robillard
952bae32fe
Revert "go to procedure after cliking link"
...
This reverts commit 795eabb1ea
.
2020-03-18 14:45:39 +01:00
Christophe Robillard
795eabb1ea
go to procedure after cliking link
...
even for an instructeur which is not signed in and unstrusted
2020-03-18 11:16:19 +01:00
Paul Chavard
ae2cfdd44e
Update browser gem
...
`modern?` method was removed in version 4
2020-03-17 11:25:20 +01:00
Paul Chavard
14295db9ad
Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
...
This reverts commit 4373cb22cb
.
2020-01-14 18:46:07 +01:00
clemkeirua
4373cb22cb
Revert "Merge pull request #4552 from tchak/champ-communes"
...
This reverts commit 4cec26f73a
, reversing
changes made to 0ef25ef36c
.
2020-01-13 16:26:27 +01:00
Paul Chavard
22aa2d4ee0
Make all location champs autocomplete
2020-01-07 11:52:51 +01:00
Paul Chavard
7b947feae4
Rename demarche archivée to demarche close
2019-11-28 15:07:16 +01:00
Pierre de La Morinerie
68f5aae99d
autosave: add feature test
2019-11-21 14:00:06 +01:00
simon lehericey
dae7a3bfd0
[ fix #4529 ] Log user email in manager space
2019-11-19 12:15:03 +01:00
simon lehericey
5643e671a0
Code use user.active?
2019-11-05 14:10:39 +01:00
simon lehericey
8ae592fe25
[ fix #4361 ] administrateur active
2019-10-24 18:32:48 +02:00
simon lehericey
5143d341ec
Admin: 1 query for crips
2019-10-08 09:53:40 +02:00
Paul Chavard
adfa80142a
Cleanup application_controller and current_user
2019-09-17 12:37:37 +02:00
Paul Chavard
65e227c44b
Migrate to flipper
2019-09-10 16:10:14 +02:00
simon lehericey
4142acf8d3
Replace administrateur devise methods in app
2019-08-14 15:06:16 +02:00
Paul Chavard
0969b1f85f
Enable email_login_token for all gestionnaires
2019-08-14 12:53:51 +01:00
Pierre de La Morinerie
4e9895c11b
app: mark the contact forms as not sensitive to trusted tokens
...
Instructeurs waiting for a confirmation token should be able to
access the contact form (especially to ask for help).
Fix #4198
2019-08-13 19:48:11 +02:00
simon lehericey
c8a7bde5e0
Replace instructeur devise methods in app
2019-08-13 15:15:16 +02:00
simon lehericey
e3fd1cc33a
Remove weird switch_devise_profile_service
2019-08-13 15:15:16 +02:00
simon lehericey
3fde2a6f70
Rename gestionnaire in code to instructeur
2019-08-12 13:47:01 +02:00
Paul Chavard
02904f55b1
Fix champ policy
2019-08-01 16:41:53 +02:00
Paul Chavard
fc75580a3c
Start using pundit
2019-07-30 18:09:28 +02:00
Chaïb Martinez
5cb6ba2f3b
Fix tests
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-07-15 12:10:56 +02:00
Chaïb Martinez
d968e7e6bd
Add some admin usage info for contextual help with crisp
...
Fix #4052
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-07-15 12:10:56 +02:00
Chaïb Martinez
eccd456325
Add crisp
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-06-05 17:41:47 +02:00
Chaïb Martinez
920c8c0c32
Add Gestionnaire ID and ROLES
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-05-27 16:30:03 +02:00
Paul Chavard
348b15f595
Put devtools behind feature flags
2019-05-15 18:10:25 +02:00
Paul Chavard
4fb889f10a
Send browser support information and format user id
2019-04-04 14:21:32 +02:00
Paul Chavard
b9be186d2c
Sentry should send environment information
2019-04-03 18:19:16 +02:00
simon lehericey
65370b20a9
Use IPService to remove secure connexion from trusted networks
2019-04-03 15:21:19 +02:00
Paul Chavard
e71cdcd12c
Move all the trackers to a separate js pack
2019-04-02 17:33:53 +02:00
Paul Chavard
48701e80bd
Enable flipflop for instructeurs
2019-03-12 12:14:34 +01:00
simon lehericey
c16e30442a
save path before redirect to link_sent_path
2019-02-18 17:20:49 +01:00
simon lehericey
bee9a108c5
split login and trusted_device logic
2019-02-18 17:20:00 +01:00
gregoirenovel
e8c24c27e5
[ Fix #110 ] Remove any reference left to facades
2018-11-22 11:25:55 +01:00
Paul Chavard
99e1a20d98
Add champ carte endpoint
2018-10-23 09:35:25 +02:00
gregoirenovel
c91a1cf474
Enable Style/SymbolArray
2018-10-03 12:15:48 +02:00
gregoirenovel
a171186dd8
Enable Style/TrailingCommaInHashLiteral
2018-10-03 12:03:21 +02:00
Paul Chavard
905a715e16
Fix dossier link
2018-09-20 16:05:40 +02:00
Paul Chavard
e2a2748e79
Expose authenticated_logged_user! method
2018-09-07 17:11:19 +01:00
Paul Chavard
7e94f7778a
Disable csrf forgery protection in test environement
2018-09-07 17:11:19 +01:00
Paul Chavard
41815cfb1c
Add logged_in? helper
2018-08-29 10:43:47 +01:00
Paul Chavard
c79827d551
[ENV] Configure default_url_options
2018-08-23 15:55:32 +02:00
Paul Chavard
9de3e6e74b
Make info extraction method more safe
2018-08-13 18:32:00 +02:00
Paul Chavard
a6a4790a35
Replace logstasher with lograge
2018-08-13 12:44:00 +02:00
Paul Chavard
a0979b1d57
Fix logstasher custom fields
2018-08-07 16:26:44 +02:00
simon lehericey
d2dc69cde0
Connection: redirect user to its procedure
2018-05-23 15:55:52 +02:00
Frederic Merizen
d1bbb8023a
Remove smartlisting workaround
...
As it was fixed upstream in 1.2.2
2018-05-23 15:53:58 +02:00
Paul Chavard
785fe3410e
Clone procedure notice
2018-05-22 17:43:44 +02:00
simon lehericey
3d53366678
[ fix #1877 ] add maintenance mode
2018-04-26 15:06:34 +02:00
Paul Chavard
8a55ac79f1
Remove global BROWSER and use browser helper
2018-02-05 10:35:51 +01:00
Frederic Merizen
c15e1a6942
[ Fix #1374 ] Add missing parameter
...
Dossier pagination was only working for dossiers en construction.
2018-01-30 15:04:21 +01:00
Frederic Merizen
0ce26055d8
[ #1374 ] Revert "Merge pull request #1373 from betagouv/fix_pagination"
...
This reverts commit 5a56fe0182
, reversing
changes made to 31aabcd6b6
.
2018-01-30 15:04:21 +01:00
simon lehericey
691b12688d
Revert "[ #1360 ] Upgrade SmartListing to fork of 1.2.1"
...
This reverts commit 506a505477
.
2018-01-29 17:43:30 +01:00
Frederic Merizen
506a505477
[ #1360 ] Upgrade SmartListing to fork of 1.2.1
2018-01-25 17:47:10 +01:00
Paul Chavard
26b1de5883
[ Closes #1170 ] Put tps-dev (staging) environement behind a BasicAuth
2018-01-18 18:09:46 +01:00
Paul Chavard
e42626c588
Add user info to LogStasher
2018-01-18 17:14:42 +01:00
gregoirenovel
b138dcd876
Enable the Layout/SpaceInsideHashLiteralBraces cop
2018-01-18 10:53:35 +01:00
Mathieu Magnin
39c556f70e
Enable Rack mini profiler, on every environment
2017-09-07 15:12:19 +02:00
Mathieu Magnin
d097860b04
Enable rack mini profiler when super admin is connected
2017-07-25 14:35:54 +02:00
Simon Lehericey
12c12953d6
[ FIX #433 ] Add Raven Metadata on the current user/gestionnaire/admin ...
2017-07-04 14:18:46 +02:00
Xavier J
2750319f77
Fix some tests
2017-01-03 11:32:21 +01:00
Xavier J
0c90c2c122
Add unsupport navigator banner
2016-12-02 16:04:23 +01:00
JC
4f9bcdd225
Awsome struct to share layouts between controllers and there methods
2016-11-22 16:03:32 +01:00
Xavier J
d7fdf22abb
First fixed
2016-11-14 17:33:45 +01:00
Xavier J
1f1b235283
Fix bug Chrome datepicker
2016-09-22 11:31:24 +02:00
Guillaume Lazzara
9fd954d285
Add default protocol for urls
2016-07-07 10:13:46 +02:00
Tanguy PATTE
1238fdae23
remove comment
2015-09-22 14:57:55 +02:00
Tanguy PATTE
44173a17fb
add login for gestionnaire
2015-09-22 10:15:12 +02:00
Xavier J
9c7b0620ad
Correction Redirection après connexion admin
2015-08-31 09:51:46 +02:00
Tanguy PATTE
b0d7e490d6
style check
2015-08-20 16:33:21 +02:00
Xavier J
b5b83e939a
First Commit
2015-08-10 11:05:06 +02:00