Pierre de La Morinerie
97af50c700
app: fix detection of Chrome iOS and Firefox iOS as outdated browsers
...
For instance, Firefox iOS is reported as `firefox? true, version 20`.
As on iOS only the system-provided Webkit is allowed, we can instead
safely assume that all browsers on a recent iOS device are modern.
2019-12-03 16:09:41 +01:00
Pierre de La Morinerie
3212dfddca
app: allow hiding the browser banner for one week
2019-12-03 16:09:18 +01:00
Pierre de La Morinerie
2ee8cab067
app: display a deprecation banner for IE 11
2019-12-03 16:02:08 +01:00
Paul Chavard
7b947feae4
Rename demarche archivée to demarche close
2019-11-28 15:07:16 +01:00
Pierre de La Morinerie
68f5aae99d
autosave: add feature test
2019-11-21 14:00:06 +01:00
Pierre de La Morinerie
bff7892ba8
dossiers: autosave drafts
2019-11-21 14:00:06 +01:00
Matthieu FAURE
87813c42d9
Update config/env.example
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:40:02 +01:00
Matthieu FAURE
1f2f904f8f
Update config/env.example
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:39:50 +01:00
Matthieu FAURE
85bbafc256
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:03:19 +01:00
Matthieu FAURE
0089a9d520
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:54 +01:00
Matthieu FAURE
98d545b1d9
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:27 +01:00
Matthieu FAURE
1a63d7e4e2
DOC ajout commentaires + explications pour env.example
2019-11-19 15:24:57 +01:00
simon lehericey
874439580b
Pluralize some texts
2019-11-18 17:08:51 +01:00
simon lehericey
9ca026a630
Use a select2 box for looking to instructeurs
2019-11-18 17:08:51 +01:00
Alexandre Friquet
8f5203cc2e
Merge branch 'dev' into 4482-echec-initilaisation-env-dev
2019-11-14 17:07:28 +01:00
Alexandre Friquet
d9680252b0
Fixes missing database on initialization: closes #4482 .
2019-11-14 09:17:39 +01:00
Paul Chavard
ba03dbf8dd
[GraphQL] Add dossierEnvoyerMessage mutation
2019-11-13 19:54:27 +01:00
Paul Chavard
f7cbbe815c
[GraphQL]: Add default query to playground
2019-11-13 15:53:56 +01:00
Paul Chavard
9ce81f665b
[GraphQL]: fix geo_areas docs
2019-11-13 15:53:56 +01:00
Paul Chavard
fe84e8e0f7
Remove carrierwave
2019-11-12 15:26:18 +01:00
clemkeirua
6351eabfdd
remove notification to report-uri in production
2019-11-07 17:32:40 +01:00
clemkeirua
04c13190c3
introduce smtp_key in order to use 2 different sendinblue keys
...
client_key is exposed to the client via gon, so if we use it for sending email too we are exposing a key so anybody could send an email.
The current client_key has a different level of right and can't send emails so it's ok to expose it.
2019-11-06 13:34:36 +01:00
clemkeirua
959aacdea5
Sendinblue email balancing using proper credentials
...
This reverts commit c61981e795
.
2019-11-06 13:34:36 +01:00
clemkeirua
c61981e795
Revert "Sendinblue email balancing using interceptor"
...
This reverts commit b2135b6576
.
2019-11-04 15:55:08 +01:00
Chaïb Martinez
b2135b6576
Sendinblue email balancing using interceptor
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-11-04 15:30:44 +01:00
Pierre de La Morinerie
8e6930d257
instructeurs: fix ProcedurePresentation to use instructeur.user.email
...
The `joins` are declared explicitely in order to associate a predictable
name to the joined table.
Otherwise, when the query is joined with `:users`, ActiveRecord will
alias the join automatically to solve the conflict. Unfortunately, the
automatic resolution means that the table name becomes unpredictable,
and thus unsuitable to perform queries on.
2019-11-04 10:44:24 +01:00
Paul Chavard
18e91e7ca3
Extend old export format till mid-November
2019-10-31 17:11:46 +01:00
Nicolas Bouilleaud
72b7ff221c
move procedure to new design
2019-10-31 10:27:19 +01:00
Paul Chavard
73d4ecf35d
Add a DS_PROXY_URL env variable
2019-10-30 16:15:38 +01:00
simon lehericey
477f7c9837
Remove instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
79b808470c
Add instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
94081a3997
Show Groupe Instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
4491dca19a
Index Groupe Instructeur
2019-10-30 14:27:51 +01:00
Paul Chavard
6a3d725134
Revert "Revert "Decommission ActiveStorage proxy service and use openstack service""
...
This reverts commit 71227be37f
.
2019-10-30 12:11:45 +01:00
simon lehericey
71227be37f
Revert "Decommission ActiveStorage proxy service and use openstack service"
...
This reverts commit 0ff6c793ae
.
2019-10-29 10:30:40 +01:00
Jérôme Desboeufs
86819cd532
Fix typos
2019-10-25 09:41:22 +02:00
simon lehericey
54d6d21c27
Add Pg statement timeout variable to allow long migration
2019-10-24 15:54:25 +02:00
simon lehericey
fbe93e0fce
Fix pluralization in search page
2019-10-23 21:47:20 +02:00
simon lehericey
35bba62297
Update routing critéria name
2019-10-23 21:47:20 +02:00
simon lehericey
a5ffe9f54b
Remove instructeur from the group
2019-10-23 21:47:20 +02:00
simon lehericey
a6deafd885
Add instructeurs to groupe
2019-10-23 21:47:20 +02:00
simon lehericey
3dd3af8482
Groupe instructeur update
2019-10-23 21:47:20 +02:00
simon lehericey
9a6336f508
Groupe instructeur create
2019-10-23 21:47:20 +02:00
simon lehericey
733e83cc54
Groupe instructeur show
2019-10-23 21:47:20 +02:00
simon lehericey
2749c00ce3
Groupe instructeur index
2019-10-23 21:47:20 +02:00
Paul Chavard
0ff6c793ae
Decommission ActiveStorage proxy service and use openstack service
...
We are making these changes in order to always use DS_Proxy. Before this change DS_Proxy was not used to write files when ActiveStorage was used directly and not through “direct upload”.
2019-10-23 17:58:00 +02:00
Paul Chavard
86b271997b
Invite experts to linked dossiers
...
closes #3669
2019-10-23 13:10:09 +02:00
Pierre de La Morinerie
d542bca8de
admin: relabel the number
champ
...
Avoid two type de champs having the same label.
Soon this champ will even be deprecated and disappear.
Ref #4414
2019-10-22 15:59:43 +02:00
clemkeirua
4a6893d88b
migrate sendinblue API to v3
2019-10-22 10:06:53 +02:00
clemkeirua
43424e4f4e
merge with the work of paul, using 3 links
2019-10-22 09:51:14 +02:00
clemkeirua
70ea5e167e
procedure download is performed through a controller in order not to leak the URL
2019-10-22 09:50:58 +02:00
clemkeirua
1af2b63ed1
initial implementation of async export
2019-10-22 09:50:58 +02:00
simon lehericey
1e8e45232a
Setup a timeout on long query
2019-10-17 16:45:18 +02:00
simon lehericey
f31c184b56
[ fix #1537 ] Remove simple_form gem
2019-10-08 11:08:35 +02:00
clemkeirua
d3063c0b63
remove download_as_zip feature flag
2019-10-03 10:48:24 +02:00
Paul Chavard
5a7e415474
Put graphql behind a feature flag
2019-09-24 10:47:21 +02:00
Paul Chavard
a51fc75628
Expose graphiql
2019-09-24 10:47:21 +02:00
Paul Chavard
91ad9bd7d3
Configure GraphQL::RailsLogger
2019-09-24 10:47:21 +02:00
Paul Chavard
bf6fbbf2b6
Add graphql end point
2019-09-24 10:47:21 +02:00
Paul Chavard
52e84f2ffe
Add graphql object types
2019-09-24 10:47:21 +02:00
Nicolas Bouilleaud
3e2985b305
First attempt at procedure stats
...
fixes #3945 , #3946 , #3948
2019-09-17 16:43:48 +02:00
Nicolas Bouilleaud
c26a701a17
Refactor and redesign publish modal
...
* remove the autocomplete menu
* use ujs to pre-validate the procedure
* tweak the UI
2019-09-17 16:30:48 +02:00
Nicolas Bouilleaud
92e6032115
Remove path availability dead code when creating/editing a procedure
...
There’s no “path” field anymore in the Procedure form, it can only be set when publishing.
2019-09-17 16:30:48 +02:00
Paul Chavard
d24e0e72a7
Correctly create new flipper flags
2019-09-12 10:46:13 +02:00
Paul Chavard
65e227c44b
Migrate to flipper
2019-09-10 16:10:14 +02:00
Chaïb Martinez
dd6c6bfe7a
mailers: add a NO_REPLY address to transactional emails
2019-09-10 13:37:28 +02:00
Paul Chavard
7ffb98e616
Remove carrierwave uploaders
2019-09-10 10:49:12 +02:00
Chaïb Martinez
f2386a5800
Add crips help domaine to defaut policy src
...
[fix #4234 ]
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-08-27 10:30:10 +02:00
simon lehericey
86d968bb8e
Use rack_attack_enabled?
...
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
2019-08-20 13:29:29 +02:00
simon lehericey
0f0fecdb25
RackAttack: use remote ip and test it !
2019-08-20 13:29:29 +02:00
pedong
fc8cebd78d
add Gem rack_attack for prevent attack brute-force
2019-08-20 13:29:29 +02:00
simon lehericey
840be2408e
Remove administrateur devise methods
2019-08-14 15:06:15 +02:00
Paul Chavard
e68d2cf5e2
Enable champ repetition for all
2019-08-14 12:53:51 +01:00
Paul Chavard
9eaf14968f
Enable export v2 for all
2019-08-14 12:53:51 +01:00
Paul Chavard
0969b1f85f
Enable email_login_token for all gestionnaires
2019-08-14 12:53:51 +01:00
simon lehericey
5fdac38cb2
Fix instructeur invitation
2019-08-13 15:15:16 +02:00
simon lehericey
a84e07a376
Remove instructeur devise methods
2019-08-13 15:15:16 +02:00
simon lehericey
1d6b80cb53
Remove strange admin sign_in route
2019-08-13 14:13:48 +02:00
simon lehericey
5bda753735
Remove all devise route and controller for instructeur and administrateur
2019-08-13 14:13:48 +02:00
simon lehericey
1fb26451d3
Remove demo route
2019-08-13 14:13:48 +02:00
simon lehericey
a4b9eecded
Remove unused devise session controller
2019-08-13 14:13:48 +02:00
Nicolas Bouilleaud
17579ab8a5
Rename Gestionnaire to Instructeur in seeds.rb
2019-08-13 14:04:23 +02:00
Nicolas Bouilleaud
7c7947adeb
Rename gestionnaire to instructeur in a comment
...
About an (unused for now) env var.
2019-08-13 10:27:49 +02:00
simon lehericey
3fde2a6f70
Rename gestionnaire in code to instructeur
2019-08-12 13:47:01 +02:00
simon lehericey
6902f84b85
Brutally rename gestionnaire filename to instructeur
2019-08-12 13:47:01 +02:00
simon lehericey
bb8d65c6b4
Subtly rename admin/instructeurs to admin/assigns
2019-08-12 13:47:01 +02:00
maatinito
8d3e3baabc
#3928 administrator new & edit pwd pages
2019-08-01 17:12:14 +02:00
maatinito
0b0ef8a318
#3928 Zxcvbn service to compute password complexity
2019-08-01 17:12:14 +02:00
maatinito
3703a71ea3
#3928 Added constants to define password min length & complexity
2019-08-01 17:12:14 +02:00
clemkeirua
38b48f4217
transition from accepte to instruction as superadmin
2019-08-01 10:29:51 +02:00
Paul Chavard
6cfad01d12
Stop using Flipflop as switch for weekly_overview
2019-07-31 15:15:09 +02:00
Paul Chavard
25db21467d
Stop using Flipflop as switch for Fog
2019-07-31 15:15:09 +02:00
Pierre de La Morinerie
95e24392f9
models: remove old pieces justificatives
2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
212d1f8cea
locales: remove references to old pj
2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
0c4cb3b498
admin: remove UI for managing old pj
2019-07-30 16:11:16 +02:00
Nicolas Bouilleaud
7205f4da9e
L'enfer du Nord Paris-Roubaix (Tour de France, Tour de France)
2019-07-30 14:47:48 +02:00
pedong
9438f962c5
add alert for account is locked
2019-07-29 17:48:44 +02:00
pedong
8d03a6747c
add lockable to User, Gestionnaire, administration, Administrateur
2019-07-29 17:48:44 +02:00
clemkeirua
99421545ab
replaced api-carto endpoint
2019-07-23 16:21:15 +02:00
clemkeirua
f166077f5e
ajout d'un bouton de suppression des admin dans le manager
2019-07-23 16:11:15 +02:00
clemkeirua
92ec627425
update brakeman configuration
2019-07-17 18:04:32 +02:00
clemkeirua
d8b63cd4c9
added 'monavis' inside the procedure and for users
2019-07-17 18:04:32 +02:00
clemkeirua
25f81f1d3c
download a dossier as zip with all attachments
2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8
omniauth: protect against CSRF
...
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Pierre de La Morinerie
56c846900b
champs: improve validation message of numeric fields
...
Replaces
> Champs value doit être un nombre
by
> La valeur du champ doit être un nombre entier (sans chiffres après
> la virgule)
2019-07-11 15:12:48 +02:00
Paul Chavard
3cb39c2840
Refactor message attachements to use active_storage
2019-07-10 15:35:29 +02:00
Pierre de La Morinerie
055fc63c45
profile: improve email success message wording
2019-07-10 11:31:09 +02:00
simon lehericey
ea79b9a595
typo: use ’
2019-07-09 11:55:17 +02:00
simon lehericey
d36f6ebcd7
[ fix #1709 ] A user can change its email
2019-07-09 11:55:17 +02:00
simon lehericey
0f9fdf3f75
Activate device email change confirmation
2019-07-09 11:55:17 +02:00
simon lehericey
d68d2be798
Profil: accessible to all roles
2019-07-09 11:55:17 +02:00
Mathieu Magnin
b34f8fbe3d
Add ActionText
2019-07-03 13:15:49 +02:00
simon lehericey
4b154983fb
Landing: voir les démarches -> comment trouver ma démarche
2019-07-03 12:59:09 +02:00
simon lehericey
c7e10fc43f
Manager: remove repasser_en_instruction
2019-07-02 18:40:20 +02:00
simon lehericey
b79220e711
UI
2019-07-02 18:35:47 +02:00
Paul Chavard
fb0ef15e3c
Export dossiers v2
2019-07-02 14:20:29 +02:00
clemkeirua
dfefb827d9
missing connect-src
2019-07-02 10:50:10 +02:00
clemkeirua
d6f2de2fbf
enable static + activate csp in production
2019-07-02 09:40:38 +02:00
clemkeirua
0cfd3e3c1f
disable csp
2019-07-01 12:10:08 +02:00
clemkeirua
eaf850c1e9
enable csp
2019-06-27 11:10:29 +02:00
clemkeirua
f19b5f8911
fix csp rule for crisp websocket
2019-06-26 12:37:55 +02:00
clemkeirua
7064f7e973
enable crisp websockets and css
2019-06-25 17:39:08 +02:00
clemkeirua
d3c6021ef4
add duplicate rules as fallback
2019-06-20 11:34:24 +02:00
clemkeirua
dc6c2e6bc0
add missing elements
2019-06-17 17:05:08 +02:00
Nicolas Bouilleaud
eb592f8ddf
Add manager controller for bill signatures
2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
f355f849a6
Add BillSignature Model
2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
dace9a53d3
Add Universign timestamp API query
2019-06-17 16:16:28 +02:00
clemkeirua
765b10026e
more generic elements to the security policy
2019-06-17 09:51:27 +02:00
pedong
abcd58c35d
[ fix #3710 ] date with letter
...
Co-Authored-By: simon lehericey <mail@simon.lehericey.net>
2019-06-12 17:48:12 +02:00
Chaïb Martinez
eccd456325
Add crisp
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-06-05 17:41:47 +02:00
Paul Chavard
ff44b7a600
Refactor purge pj to be more generic
2019-05-29 15:54:51 +02:00
Pierre de La Morinerie
d410e31344
active_storage: document the virus scan hooks
2019-05-28 11:39:22 +02:00
Paul Chavard
6a3413018a
Refresh attachments with virus scan result
2019-05-21 14:21:55 +02:00
Paul Chavard
cc4eba2b36
Less mokey patching
2019-05-21 14:21:42 +02:00
clemkeirua
5cbbbb8d3e
more whitelist for the common domains we use
2019-05-20 09:52:44 +02:00
Paul Chavard
42235e81b1
Use active storage load hook to extend blob
2019-05-16 20:43:01 +02:00
Paul Chavard
348b15f595
Put devtools behind feature flags
2019-05-15 18:10:25 +02:00
clemkeirua
6fe4031b2e
use constant for localhost
2019-05-15 16:33:27 +02:00
clemkeirua
b670b60ac6
changement de l'URI de report-uri
2019-05-15 15:32:00 +02:00
Pierre de La Morinerie
abfeb1c2db
locales: remove unused carrierwave localisation
...
- It was broken since the renaming of `extension_white_list` to
`extension_whitelist` (f0ed61cce8
)
- The localisation is already included in the `carrierwave-i18n` gem
- The localisation included in the gem is better than ours (it mentions
which extensions are allowed).
2019-05-15 14:39:40 +02:00
Pierre de La Morinerie
d431eeeb93
carrierwave: fix typo
...
Turns out the `openstack_identity_api_version` has not actually been
filled out for a while, because of a typo.
2019-05-15 14:03:15 +02:00
Paul Chavard
9725f2a418
Enable new champs editor for all
2019-05-14 16:18:29 +02:00
Paul Chavard
3446782cd0
Remove deprecated editor
2019-05-14 16:18:29 +02:00
Paul Chavard
dba8d65137
Track dossier operations with author and subject
2019-05-14 14:31:03 +02:00
Chaïb Martinez
3004f96cf5
Add video and webinar URLs to admin pages
...
Fix #3850
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-05-13 17:47:02 +02:00
clemkeirua
675cc5150c
update on the security policy headers
2019-05-09 14:55:21 +02:00
Nicolas Bouilleaud
3ff0c83485
Add multi-admin UI
...
refs #1626
2019-05-06 16:19:08 +02:00
clemkeirua
2ae02a132b
Report-Only for tests
2019-05-06 10:07:51 +02:00
clemkeirua
64b858ef19
handle Gon + add report-uri URL
2019-05-06 10:07:51 +02:00
clemkeirua
8582b08a98
add security policy
2019-05-06 10:07:51 +02:00