Commit graph

15007 commits

Author SHA1 Message Date
kara Diaby
b6f931a968 add unique index on bulk messages join table 2021-07-27 20:32:28 +02:00
kara Diaby
69393c2921 modify groupe instructeur controller 2021-07-27 19:38:22 +02:00
kara Diaby
ab0782530c create Bulk Message model and migration 2021-07-27 19:38:22 +02:00
kara Diaby
9c976c6b71 fixup! tests 2021-07-27 19:38:21 +02:00
kara Diaby
77b57edb2f fixup! routes 2021-07-27 19:38:21 +02:00
kara Diaby
3869a848e9 fixup! layout 2021-07-27 19:38:21 +02:00
kara Diaby
9b1a522241 fixup! modify mailers 2021-07-27 19:38:21 +02:00
kara Diaby
c92b249340 fixup! modify models 2021-07-27 19:38:21 +02:00
kara Diaby
ed49d1b110 instructeur_procedures_controller 2021-07-27 19:38:21 +02:00
Paul Chavard
0263eea193
Merge pull request #6366 from betagouv/i18n-corrections
correction des clés
2021-07-27 15:19:09 +02:00
lydiasan
633d7cd8f2 correction des clés 2021-07-27 12:33:19 +02:00
Paul Chavard
d64c6c40d5
Merge pull request #6365 from betagouv/main
2021-07-23-02
2021-07-23 11:25:16 +02:00
Paul Chavard
b19763bd71
Merge pull request #6361 from tchak/fix-sort-dossiers
Fix sort with revisions
2021-07-23 11:06:20 +02:00
Paul Chavard
64cfb4d64e Fix sort with revisions 2021-07-23 10:57:04 +02:00
Pierre de La Morinerie
32ec1b6bfd
Merge pull request #6364 from betagouv/revert-6355-remove-filters-migration-leftover
Revert "Suppression de la clef `"migrated": true` sur les filtres des ProcedurePresentation" (#6355)
2021-07-23 10:15:19 +02:00
Pierre de La Morinerie
6475cdff7a
Revert "Suppression de la clef "migrated": true sur les filtres des ProcedurePresentation" 2021-07-23 09:26:13 +02:00
Pierre de La Morinerie
414e216972
Merge pull request #6363 from betagouv/main 2021-07-23 09:06:18 +02:00
Pierre de La Morinerie
3283009be0
Merge pull request #6362 from betagouv/add-unique-contraints
Ajout de contraintes d'unicités supplémentaires sur Champs, DeletedDossiers et Etablissements (#6362)
2021-07-23 08:57:10 +02:00
Pierre de La Morinerie
888e33ba4d lint: ensure all unique columns have a unique constraint 2021-07-22 18:00:39 +02:00
Pierre de La Morinerie
02120c7c5f db: add uniqueness constraints to Etablissement 2021-07-22 18:00:34 +02:00
Pierre de La Morinerie
dea3395c91 db: add uniqueness constraints to DeletedDossiers 2021-07-22 17:57:11 +02:00
Pierre de La Morinerie
3d25fc995a db: add uniqueness constraints to Champs 2021-07-22 17:56:14 +02:00
Pierre de La Morinerie
0fd23ebd43 db: fix schema.rb leftovers 2021-07-22 17:55:47 +02:00
Pierre de La Morinerie
0202747a9d
Merge pull request #6360 from betagouv/redirect-to-sign-in-on-autosave-401
En cas de déconnexion, l'Usager en train de remplir un formulaire est redirigé vers la page de connexion (#6360)
2021-07-22 12:06:49 +02:00
Pierre de La Morinerie
e1909ed29f brouillon: redirect to sign-in when disconnected
There are two cases where the draft auto-save might fail because the
user is no longer authenticated:

- The user signed-out in another tab,
- The brower quit and re-opened, so the Session cookie expired.

In both cases, the auto-save will never succeed until the user
authenticates again, so displaying a "Retry" button is cruel.

Moreover, in plus of all auto-save requests failing with a small error,
the actual hard failure only occurs after filling all the form and
trying to submit it. Then the user is redirected to the sign-in page –
but all their changes are lost.

Instead, we now redirect to the sign-in page on the first 401 error
during the auto-save, let the user sign-in, and then redirect back to
the form.
2021-07-22 11:58:02 +02:00
Pierre de La Morinerie
7808f6dd4f js: document utils.ajax() 2021-07-22 11:58:02 +02:00
Pierre de La Morinerie
c6fff58f38 js: fix typo in comment 2021-07-22 11:58:01 +02:00
Pierre de La Morinerie
071d9145ca js: don't attempt to log unexistent statusText 2021-07-22 11:58:01 +02:00
Paul Chavard
99b836da2c
Merge pull request #6357 from tchak/fix-false-positive-unspecified-tags-messages
Fix false positive unspecified tags messages
2021-07-22 11:23:35 +02:00
Paul Chavard
388fb39eb5 Fix false positive blank champ warnings 2021-07-22 10:45:25 +02:00
Paul Chavard
ac0f50b488 Improuve champ blank check 2021-07-22 10:45:25 +02:00
Pierre de La Morinerie
38b73f0fee
Merge pull request #6355 from betagouv/remove-filters-migration-leftover
Suppression de la clef "migrated": true sur les filtres des ProcedurePresentation (#6355)
2021-07-20 17:00:59 +02:00
Pierre de La Morinerie
fd74d9a062 lib: remove the 'migrated' key on filters
In a9a4f6e2a8, a task to migrate
ProcedurePresentation's filters was added.

This task added a "migrated: true" key to all migrated filters.

Now that this task has run, we can safely remove the extra key.
2021-07-20 16:51:32 +02:00
Pierre de La Morinerie
38c4da2deb lib: document ProgressReport usage 2021-07-20 16:51:32 +02:00
Pierre de La Morinerie
9f9e1fdab7
Merge pull request #6354 from betagouv/remove-outdated-tasks
Suppression d'anciennes tâches Rake (#6354)
2021-07-20 16:38:08 +02:00
Pierre de La Morinerie
fda59c9231 lib: remove outdated tasks 2021-07-20 15:34:31 +02:00
Paul Chavard
f0c81517f4
Merge pull request #6353 from betagouv/main
2021-07-20-03
2021-07-20 15:13:10 +02:00
Paul Chavard
2ecfa4ce66
Merge pull request #6352 from betagouv/limit-filter-size
Instructeurs : limitation de la valeur d'un filtre à 100 caractères
2021-07-20 15:02:53 +02:00
Pierre de La Morinerie
32ab2f0a80 instructeur: limit the maximum size of a filter value
This prevents the URL from exceeding the max size, and
causing '414: Request-URI too large' errors.
2021-07-20 14:49:48 +02:00
lydiasan
4efd160cad
Merge pull request #6112 from betagouv/edition-dossiers
i18n: traduction dossiers/edition
2021-07-20 14:29:33 +02:00
lydiasan
7de10731a6 i18n: localize dossiers edition 2021-07-20 14:18:20 +02:00
Paul Chavard
b7c0a42fd5
Merge pull request #6349 from tchak/fix-communes-autocomplete
Get more results from communes API and use local matcher
2021-07-20 13:44:41 +02:00
Paul Chavard
c7b0b8495b Get more results from communes API and use local matcher 2021-07-20 13:34:17 +02:00
Pierre de La Morinerie
6b948f1bd6
Merge pull request #6351 from betagouv/main 2021-07-20 13:20:41 +02:00
Pierre de La Morinerie
a08815d95f
Merge pull request #6332 from betagouv/fix-csrf-with-long-lived-cookie
Correctif pour diminuer le nombre d'erreurs InvalidAuthenticityToken ("La requête a été rejetée") (#6332)
2021-07-20 13:11:41 +02:00
Pierre de La Morinerie
5b4f7f9ae9 app: restore the default cache settings
We initially did that to avoid a browser being restarted to display a
cached form with a stale CSRF token – thus provoking an
InvalidAuthenticityToken exception when the form is submitted.

But now that we use a long-lived CSRF token, we can submit forms with
a stale CSRF token successfully (because the long-lived CSRF cookie)
is still valid – so we no longer need to change the HTML cache behavior.

This fixes issues where the browser Back button wants to display a
previous POST document, but can't because of the 'no-store' setting. In
this case the browser either displays an error, or re-attempts the POST
request (without any cookies), which results in an 
InvalidAuthenticityToken exception.

See `docs/adr-csrf-forgery.md` for more explanations.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
831672391e app: use a long-lived cookie for CSRF token
See the ADR document for rationale.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
446c57ed63 specs: add a feature test for forgery protection 2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
a03d8d0705 controllers: remove useless handle_verified_request override
This is a leftover of 09933454ff
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
da3af3218b
Merge pull request #6348 from betagouv/main 2021-07-20 09:40:20 +02:00