Pierre de La Morinerie
062f52feb9
Fix ProcedureAdministrateursController#destroy
...
- The "no remove oneself" rule wasn't actually enforced
- `flash.error` is not a flash category
2022-01-07 15:39:58 +01:00
Pierre de La Morinerie
fb75a55b89
Add specs for Administrateurs::ProcedureAdministrateursController
2022-01-07 15:39:58 +01:00
Martin
f770ac4907
fix(users/champs/piece_justificative#update): ensure to bump dossier.last_champ_updated_at otherwise instructeurs are not notified when user update their piece_justificative
2022-01-06 13:09:57 +01:00
Paul Chavard
28c1763701
a11y(champs): generalize describedby and update to use new Combo props
2022-01-05 12:33:40 +01:00
simon lehericey
00871cfe13
Fix ping controller in dev
...
For an unknown reason, ActiveRecord::Base.connected? does not work anymore in dev. It returns false negative.
This simple workaround can timeout. The caller has to monitor the response time.
2022-01-05 11:44:32 +01:00
Martin
252eee272b
feat(support#create): block with invisible captcha [avoid painful captcha]
2022-01-04 14:49:00 +01:00
Kara Diaby
1ca553e088
rename hidden_by_instructeur by hidden_by_administration
2022-01-03 11:51:25 +01:00
Kara Diaby
598cb09c6d
tests
2021-12-29 17:37:58 +01:00
Martin
d0ab1711ff
fix(profil_controller#update_email): ensure we are not merging same account
...
fix(profil_controller#update_email): changing email from current_user.email to current_user.email destroy current user. whoops ☠️ '
Update config/locales/en.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
Update config/locales/fr.yml
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
Update spec/controllers/users/profil_controller_spec.rb
fix(spec): broken due to typo
2021-12-29 13:36:47 +01:00
François Vantomme
14e0c68266
feat(api particulier): add MESRI field
2021-12-16 16:45:18 +01:00
Martin
b9d13df483
fix(spec): avoid flacky test. 15.days ago is not always on the previous month. eg: this spec failed on 16 of december, stats is still in december
2021-12-16 15:02:17 +01:00
simon lehericey
c7f7855f14
avoid phishing
2021-12-15 13:51:49 +01:00
maatinito
0a31c8bc79
refactor date_trunc queries using groupdate gem
2021-12-14 08:50:11 +01:00
François Vantomme
6ab8ac0662
feat (api particulier): add Pole emploi field
2021-12-08 10:36:25 +01:00
François Vantomme
2110ef072c
feat(api particulier): add DGFiP field
2021-12-07 11:03:05 +01:00
Paul Chavard
2ba05bfb4f
fix(dossier): use depose_at instead of en_construction_at
2021-12-06 15:49:17 +01:00
Martin
081d5094a9
feat(instructeurs/procedure/dossiers#extend_conservation): add extends duree conservation in action button list, also rewire this action for user [extend by procedure.duree_conservation_dans_ds by default] but force 1.month for instructeur. add new icon for standby based on https://en.wikipedia.org/wiki/Power_symbol
2021-12-06 07:20:01 +01:00
Christophe Robillard
9341c787a1
administrateur can add zone to procedure
2021-12-02 19:24:26 +01:00
Pierre de La Morinerie
ac07f05771
app: use Instructeur.bypass_email_login_token
2021-12-02 08:51:52 +01:00
Paul Chavard
46e2e34b89
fix(stats): remove super admin stats
2021-12-01 18:10:05 +01:00
Pierre de La Morinerie
9db62178d2
views: display revision errors on the procedure dashboard
2021-11-30 13:34:41 +01:00
simon lehericey
5a0fb6237f
😭 AASM does not support keyword arguments
...
https://github.com/aasm/aasm/issues/672
2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182
app: rename new_administrateur
to administrateurs
2021-11-30 08:49:38 +01:00
simon lehericey
a0c0520502
avoid redirection to a deleted user
2021-11-29 15:27:17 +01:00
Kara Diaby
c75a9b6271
tests
2021-11-29 14:30:17 +01:00
kara Diaby
06540c1b93
tests
2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda
fix(i18n): wrap text under i18n.t
...
i18n(france_connect/*): replace wording with i18n
fix(lint): i18n key issue
secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case
fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
21894d0a0a
feat(france_connect/particulier#callback): in case the FC email exists as an DC account which is an instructor or and administrator, returns early to new_session_path so he can connect with this existing account
2021-11-25 17:34:36 +01:00
Martin
ff073f8884
Add confirmation by email when merging DC/FC accounts
...
feat(fci.confirmation_code): add confirmation code to france_connect_informations
feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)
feat(mail_merge): mail merge
feat(merge.cannot_use_france_connect): same behaviour as callback
clean(fci.confirmation_code): use same token for mail validation as merge
feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto
clean(tech): finalize story by plugging merge_with_new_account to email validation
fix(deadspec): was removed
fix(spec): broken after last refactoring
lint(rubocop): space before parenthesis
lint(haml-lint): yoohoooo space before =
fix(lint): scss now :D
Update app/assets/stylesheets/buttons.scss
cleanup
feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email
fixup! Add confirmation by email when merging DC/FC accounts
fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible
2021-11-24 14:07:32 +01:00
Paul Chavard
758e7d68e6
fix(graphql): fix and improuve query parsing for logs
2021-11-24 13:23:05 +03:00
simon lehericey
4efd15377c
spec
2021-11-23 14:17:59 +01:00
Pierre de La Morinerie
997c197980
specs: simplify the syntax of some factories
2021-11-23 08:07:07 +01:00
Pierre de La Morinerie
09ca70eef0
specs: improve search controller specs
2021-11-23 08:07:07 +01:00
Martin
3d1533dee9
feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab
2021-11-19 15:14:39 +01:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur
2021-11-17 05:41:56 +01:00
Paul Chavard
e74d599042
feat(procedure): remove duree_conservation_dossiers_hors_ds
2021-11-16 19:55:56 +03:00
Martin
f0950b592b
clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff
2021-11-16 16:13:11 +01:00
Martin
4042d51d1a
tech(lint): rubocopify
2021-11-15 14:17:57 +01:00
Martin
d4c74b5621
feat(rc.1): refine with better translations, better design
2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a
feat(rc): first stable
2021-11-15 13:53:32 +01:00
Martin
8b931a57d4
feat(CommentairesController#destroy): implement destroy endpoint using CommentaireService
2021-11-15 13:18:10 +01:00
Martin
b03dc6ad5d
wip(dossiers/messages/_message): poc destroy button with expected ACL support
2021-11-15 11:30:41 +01:00
Paul Chavard
da47f491b3
fix(dossier): nullify close to expiration notice timestamps when changing state
2021-11-11 12:52:58 +01:00
simon lehericey
9041e201e8
one merge at a time
2021-11-04 16:10:09 +01:00
simon lehericey
b160086cc5
update update_email to allow merge
2021-11-04 16:10:09 +01:00
simon lehericey
652b8367be
accept or refuse merge
2021-11-04 16:10:09 +01:00
Pierre de La Morinerie
0a541d678d
graphql_controller_spec: create several dossiers only when required
...
Creating dossiers is faster than creating a procedure, but still slow.
We can create a single dossier in the default case, and only create
several others when the example requires it.
Speeds up this spec from 0m 57s to 0m 49s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
f0e045ad25
graphql_controller_spec: create all types de champs only when required
...
Creating a procedure with all available types de champ is slow. We can
create a simpler procedure in the default case, and only create all
types de champs when the example requires it.
Speeds up this spec from 1m 55s to 0m 57s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
e02251c0e5
graphql_controller_spec: populate all champs only when required
...
Creating a dossier with available champs populated is slow. We can
create simpler dossiers in the default case, and only populate all
champs when the example requires it.
Speeds up this spec from 2mn 20s to 1m 55s.
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
bb1bc9140d
graphql_controller_spec: remove unused line
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
04159056af
specs: clarify spec by replacing some context
by describe
2021-11-03 19:38:01 +01:00
Pierre de La Morinerie
b06183d7bf
specs: rename Dossier's with_all_champs
to with_populated_champs
...
This better reflects what the trait is used for, and disambiguate it
from the similarly named trait in the Procedure factory.
2021-11-03 19:38:01 +01:00
Paul Chavard
c4b93f8d4a
fix(groupe_instructeur): unfollow dossiers when removed from groupe instructeur
2021-10-28 14:45:52 +02:00
simon lehericey
c725999582
move merge method to user
2021-10-28 14:39:13 +02:00
Pierre de La Morinerie
a2b91c8ec6
factories: cleanup Administrateur, Instructeur and Expert factories
...
This changes:
- avoids relying on application code to create mock objects,
- allows to build Administrateur or Instructeurs without saving them.
2021-10-26 12:03:30 +02:00
simon lehericey
d19ad2840c
rename preexisting to targeted, remove duplicated test
2021-10-19 16:12:42 +02:00
simon lehericey
52b7e85954
merge administrateur in user_controller
2021-10-19 16:12:42 +02:00
simon lehericey
44c880adc4
allow instructeur and administrateur to change their email to legit domain ( #6550 )
2021-10-19 15:54:57 +02:00
simon lehericey
f54dfe6ead
Do not raise error if user is nil
...
I do not get when it happens
2021-10-19 11:21:24 +02:00
simon lehericey
933d7b8c8d
merge with another preexisting account
2021-10-14 14:47:50 +02:00
simon lehericey
ce40e1127d
merge with another new account
2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b
merge with an existing account by using the password
2021-10-14 14:47:50 +02:00
simon lehericey
218e4633a9
securely retrieve fci
2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7
launch merge process if an unlinked DS account with the same email exists
2021-10-14 14:47:50 +02:00
simon lehericey
6826bf03b0
Sign in with a user linked by france connect sub (openid)
...
instead of looking linked user by email because :
- follows FC recommendation to fetch ds account by openid
- the email is not a valid key as many user can share the same FCI email.
The following scenario is now working
A user A (email: 1@mail.com ) uses FC to connect to DS
=> It is connected as 1@mail.com
Another user B (email: generic@mail.com ) uses FC to connect
=> It is connected as generic@mail.com
The first user A change its FC email to generic@mail.com and connect to DS
=> It is still connected as 1@mail.com
2021-10-14 14:47:50 +02:00
simon lehericey
2f470b25aa
spec cleaning
2021-10-14 14:47:50 +02:00
simon lehericey
77d14d4a60
forbid admin merge yet
2021-10-07 15:51:31 +02:00
simon lehericey
5009c583ea
Add notice when merging account
2021-10-07 15:51:31 +02:00
simon lehericey
a480b31eb5
merge expert
2021-10-07 15:51:31 +02:00
simon lehericey
136f29524e
merge instructeur
2021-10-07 15:51:31 +02:00
simon lehericey
9a6a53349f
simple cases when the preexisting targeted account does not have instructeur or profile profile
2021-10-07 15:51:31 +02:00
simon lehericey
c56199e8f7
spec cleaning
2021-10-07 15:51:31 +02:00
simon lehericey
195583c0bd
Enable manager specs
2021-10-07 15:51:31 +02:00
kara Diaby
919d708ec4
tests
2021-10-05 15:37:30 +02:00
simon lehericey
f662b28baf
update identity_updated_at column when user identity change
2021-10-05 12:05:43 +02:00
Peng-Fei DONG
dee536fca1
app: localize CSV import for groupe instructeurs
2021-10-05 10:58:15 +02:00
simon lehericey
64351d0287
[ Fix #6504 ] Fix exception raised when deleting a transfer
2021-10-01 12:11:03 +02:00
simon lehericey
0cd9bcb1ab
fix #6495
2021-09-28 15:53:18 +02:00
Paul Chavard
5933194149
feat(log): stop logging user emails
...
fix #6485
2021-09-27 14:56:00 +02:00
simon lehericey
07962cc2c7
service: match remote keys
2021-09-22 12:08:24 +02:00
simon lehericey
1446660ca3
an api_particulier_token change erases previous api_particulier_sources
2021-09-21 11:21:10 -05:00
simon lehericey
c87f3f7fb6
faster jeton_particulier_controller_spec
2021-09-21 11:21:10 -05:00
simon lehericey
2e1bed8748
an admin can save its sources
2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
eef90efd49
app: fix exception during password reset when the token has expired
2021-09-21 10:30:09 -05:00
simon lehericey
a7ec77f0a8
do not display the action for instructeur
2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75
[ Fix #6481 ] a user see its waiting transfers
2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766
a user can transfer all its dossier
2021-09-20 13:58:11 +02:00
Paul Chavard
ad5279f4ab
test(groupe_instructeur): fix groupe_instructeur controller spec
2021-09-18 11:22:35 +02:00
simon lehericey
5dbd81ebeb
show api particulier sources
2021-09-17 13:50:23 +02:00
simon lehericey
1d06c15ac0
save api particulier scopes
2021-09-16 09:49:16 +02:00
simon lehericey
7ee360df30
add logic to detect empty scopes
2021-09-16 09:09:34 +02:00
simon lehericey
ee6d19e3ee
an admin can save it's api particulier token
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055
add jetons particulier index page
...
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Pierre de La Morinerie
5cbf939911
spec: fix syntax of get requests in archives_controller_spec
...
Those were generating Ruby warnings:
> warning: Using the last argument as keyword parameters is deprecated
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
80f9d4adc0
devise: use password_strength component in SuperAdmin::PasswordsController
2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f
app: add a password_complexity component
...
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
74e277d0a2
feat(graphql): add an option to dossier state change mutations to disable notifications
2021-09-07 14:21:48 +02:00
Paul Chavard
9e30d5fc22
fix(virus scan): prevent virus scans in specs
2021-09-07 14:21:48 +02:00
Pierre de La Morinerie
8bb283d977
app: delete old Admin::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
a004ac59df
app: move archive to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5
app: move clone to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6
app: move destroy to NewAdministrateur::ProceduresController
...
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f
app: move new_from_existing to NewAdministrateur::ProceduresController
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89
controllers: remove dead code on Admin::ProceduresController
...
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
0f9d7d6b8c
app: remove old Admin::InstructeursController
...
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
Pierre de La Morinerie
b80f6a9f1b
spec: fix some manager tests not running
2021-08-26 11:44:47 -05:00
Paul Chavard
1399d9bba9
feat(graphql): expose demarche descriptor on dossier type
...
We don't want to expose full demarche type on dossiers because it would open the door for recursive queries that we want to avoid. DemarcheDescriptorType is a lightweight representation of demarche metadata.
2021-08-25 11:12:24 +02:00
Ismael MOUSSA S. (T0194673)
330333aac4
6407 - Fix flash message typo in new administrateur/groupe instructeurs controller and its related spec
2021-08-20 20:10:44 +02:00
kara Diaby
69393c2921
modify groupe instructeur controller
2021-07-27 19:38:22 +02:00
kara Diaby
9c976c6b71
fixup! tests
2021-07-27 19:38:21 +02:00
Pierre de La Morinerie
831672391e
app: use a long-lived cookie for CSRF token
...
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
kara Diaby
0b6c7dace7
tests
2021-07-15 16:32:07 +02:00
kara Diaby
d2d046a39d
fix encoding problems with cherlock Holmes gem
2021-07-13 10:58:41 +02:00
Pierre de La Morinerie
37c62ac0a3
app: display standard error page when no cookies are present
...
This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).
In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
2021-07-06 16:29:22 +02:00
Pierre de La Morinerie
09933454ff
app: improve InvalidAuthenticityToken logging
...
- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests
2021-07-06 12:42:01 +02:00
Christophe Robillard
54d91335f2
remove the ability to download an 'everything' archive
...
there are sometimes an error that happen when building an everything
archive. The error explanation is not understood at the moment.
To deliver the archive feature quickly, we remove the 'everything' archive for
the moment
2021-07-05 11:05:07 +02:00
Paul Chavard
280e54b59d
Enable test revisions
2021-07-01 15:59:07 +02:00
Pierre de La Morinerie
1faf91bdbe
experts: protect password update as well as sign-up
2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
6f7a2fde57
experts: fix saving password on sign-in
2021-06-30 10:46:42 +02:00
Pierre de La Morinerie
4f5c5e26ae
spec: cleanup spec for Experts::AvisController
2021-06-30 10:46:42 +02:00
Paul Chavard
a4482233b8
[GraphQL] expose deleted dossiers
2021-06-24 11:51:37 +02:00
kara Diaby
309b3414d6
tests
2021-06-22 16:33:38 +02:00
Pierre de La Morinerie
5908b8019a
specs: properly use xhr: true
in javascript requests
...
This avoids an unexpected `ActionController::InvalidCrossOriginRequest`
exception to be raised when the forgery protection is disabled.
2021-06-22 13:21:55 +02:00
kara Diaby
6ebd57640c
tests
2021-06-15 19:36:46 +02:00
François Vantomme
c9b1095d1e
Refactor (Rubocop): replace map{ … }.compact by filter_map
...
In Ruby 2.7, Enumerable#filter_map has been added.
This cop identifies places where map { … }.compact can be replaced by filter_map.
See: https://docs.rubocop.org/rubocop-performance/cops_performance.html#performancemapcompact
2021-06-11 15:38:09 +02:00
Christophe Robillard
41569efe9d
extract estimate_weight
...
and rename nb_dossiers by nb_dossiers_termines
2021-06-09 10:52:38 +02:00
Paul Chavard
990ae10399
GraphQL byte_size should be BigInt
2021-06-03 10:53:17 +02:00
Paul Chavard
f076fa803e
Handle GeoJSON validation errors
2021-06-02 12:43:24 +02:00
Paul Chavard
9b0dae4cc2
Fix apostrophes ‘ -> ’
2021-05-26 18:05:14 +02:00
Paul Chavard
3b85ade440
Add compatibility cadsatre layer with old API GEO
2021-05-24 11:57:00 +02:00
Paul Chavard
e043645a88
cleanup tests
2021-05-18 11:42:10 +02:00
kara Diaby
468e9e849a
tests
2021-05-18 11:42:10 +02:00
simon lehericey
5124e08ccd
disable faulty manager spec
2021-05-05 21:34:57 +02:00
simon lehericey
ccce724976
refactor as created fci must have an user_id
2021-05-05 14:36:34 +02:00
Paul Chavard
f6508899de
Refactor NotificationMailer
2021-05-04 12:05:06 +02:00
Christophe Robillard
f40d96fbd2
Revert "Revert "Export de tous les dossier d'une démarche""
...
This reverts commit d9a588b52e
.
2021-04-29 17:29:47 +02:00
krichtof
d9a588b52e
Revert "Export de tous les dossier d'une démarche"
2021-04-29 16:07:18 +02:00
Christophe Robillard
9134114c2e
fix rubocop offenses
2021-04-28 11:40:58 +02:00
Christophe Robillard
8bee53fe77
rend plus robuste la création de l'archive
2021-04-28 11:40:58 +02:00
Christophe Robillard
71a5e41e5b
add archive_zip_globale feature flag
2021-04-28 11:40:58 +02:00
Christophe Robillard
8b2849408c
instructeurs can create and download archives
2021-04-28 11:40:58 +02:00
Christophe Robillard
fba0d78153
generate pdf export inside pieces_justificatives_service
2021-04-28 11:40:58 +02:00
Paul Chavard
2a068fb9b0
Remove user feedback buttons
2021-04-22 15:40:40 +01:00
Pierre de La Morinerie
d530b272a1
password: add specific page for reset instructions
2021-04-22 14:24:15 +02:00
Pierre de La Morinerie
62051c926a
app: move update_allow_decision_access to ExpertsController
2021-04-06 14:54:18 +02:00
Pierre de La Morinerie
c82c72402d
app: move the experts list to ExpertsProceduresController
2021-04-06 14:29:02 +02:00
Pierre de La Morinerie
7acb4cee83
controllers: use standard action names in ExpertsProceduresController
2021-04-06 13:45:51 +02:00
Pierre de La Morinerie
3f25624a5a
routes: nest ExpertsProcedures routes in a resource
2021-04-06 13:18:51 +02:00
kara Diaby
8a1cdf31e3
tests
2021-04-06 10:38:46 +02:00