Christophe Robillard
15a395fbc7
superadmin: check complexity password server side
2020-12-15 16:26:09 +01:00
Christophe Robillard
94b3ec942b
super_admin: check password complexity client side
2020-12-15 16:26:09 +01:00
Fabrice Gangler
3a9f82bd6f
Fix(form /contact-admin): use APPLICATION_NAME
...
Refs: #5799
2020-12-15 16:14:51 +01:00
Fabrice Gangler
064ea776c7
allow default logo of a procedure to be configured in .env file
...
Refs: #5795
2020-12-14 13:41:10 +01:00
simon lehericey
b19dc34cc1
fix deploy i_am_a_worker_test
2020-12-11 09:50:17 +01:00
Paul Chavard
3c6e30a326
Show titre identite link only once watermark is added
2020-12-10 16:50:03 +01:00
clemkeirua
704cafc385
restart delayed_job only for workers
2020-12-10 15:12:05 +01:00
Paul Chavard
5c07882679
Merge pull request #5768 from adullact/5764_allow_images_to_be_configured
...
#5764 - Allow logos (mail, webapp) and favicons to be configured in .env file
2020-12-10 12:54:55 +01:00
Paul Chavard
5e29bb02b2
Merge pull request #5753 from adullact/5752_doc_add_DEMANDE_INSCRIPTION_ADMIN_PAGE_URL_to_env.example.optional
...
#5752 - Doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
2020-12-10 12:54:26 +01:00
Christophe Robillard
23ae528c6b
affiche Madame ou Monsieur
...
mais continue à enregistrer en base Mme ou M.
2020-12-08 21:30:54 +01:00
Fabrice Gangler
0d80d2ddd1
allow logos (mail, webapp) and favicons to be configured in .env file
...
Refs: #5764
2020-11-27 01:41:47 +01:00
Fabrice Gangler
fe630b02b0
doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
...
Refs: #5752
2020-11-25 19:51:48 +01:00
Paul Chavard
18dfacb933
Make watermark configurable
2020-11-25 16:19:06 +01:00
Paul Chavard
b48e7813d2
Put watermark code behind a feature flag
2020-11-25 16:19:06 +01:00
Paul Chavard
371179dc5b
Watermark titres identite
2020-11-25 16:19:06 +01:00
Fabrice Gangler
d3caf30bf3
allow CGU URL and Legal Notice URL to be configured in .env file
...
Refs: #5754
2020-11-20 22:11:42 +01:00
Christophe Robillard
d91e9b372f
add sendinblue login link to manager
2020-11-16 12:19:54 +01:00
Christophe Robillard
9347951cea
act as an saml identity provider
2020-11-16 12:19:54 +01:00
clemkeirua
fc690df554
add access to super admins to delayed_job and flipper
2020-11-09 07:48:15 +00:00
Christophe Robillard
5562e65bf3
refacto: rename administration to super_admin
2020-11-05 16:03:55 +01:00
Christophe Robillard
a88172eb01
configure otp_secret_key secret
2020-11-05 16:03:55 +01:00
Christophe Robillard
efd8ec85e8
recover superadmin password or reset otp
2020-11-05 16:03:55 +01:00
Christophe Robillard
8d23f6ae99
remove useless redirection for manager sign_in and out
...
The manager alias for signin causes layout problems
2020-11-05 16:03:55 +01:00
Christophe Robillard
2a0ebd062a
enable 2FA for manager
...
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd
add recoverable and two_factor stragegy for administration
2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960
remove github authentication for manager
2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2
Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp
2020-10-30 17:08:31 +01:00
kara Diaby
3d56b1d8b0
fix bootstrap cdn
2020-10-22 15:00:01 +02:00
clemkeirua
f298d2c2ba
dedicated screen for inspecting user emails
2020-10-13 17:36:43 +02:00
clemkeirua
d7fff61d5d
ajout de la gem sendinblue
2020-10-13 17:36:43 +02:00
clemkeirua
27b8797296
ajout d'une route /manager/users/:id/emails
2020-10-13 17:36:43 +02:00
Kara Diaby
0bd48999bd
Revert "feat/5635 - Supprime la possibilité pour l'expert invité d'envoyer un message"
2020-10-12 09:24:34 +02:00
kara Diaby
6636b7f14c
Supprime la possibilité pour l'expert invité d'envoyer un message à l'usager
2020-10-08 11:14:09 +02:00
Paul Chavard
0aa06d0197
[GraphQL] expose dossier pdf, geojson and attestation
2020-10-06 21:54:43 +02:00
kara Diaby
57adb90c8f
add the possibility for administrator to refuse external review on a specific procedure
2020-10-01 10:55:19 +02:00
kara Diaby
e174079850
fix send a copy link
2020-09-30 10:03:08 +02:00
clemkeirua
0d88674cea
better translations
2020-09-25 09:35:16 +00:00
Paul Chavard
a49c962ab3
Redirect demandes to DEMANDE_INSCRIPTION_ADMIN_PAGE_URL
2020-09-24 09:57:43 +02:00
Paul Chavard
ea4bcf59ad
remove demandes/new page
2020-09-23 16:27:17 +02:00
kara Diaby
cb4e91c405
Add iban type de champ
2020-09-23 15:56:26 +02:00
Christophe Robillard
61ea73580f
use buttons instead of select for contact page
2020-09-22 16:09:15 +02:00
clemkeirua
111f309c7f
changement de l'adresse de création de compte administrateur
2020-09-21 17:02:37 +02:00
clemkeirua
f9c4e967d6
remove :autosave_dossier_draft
2020-09-21 08:46:01 +00:00
kara Diaby
5c68d75107
add titre_identite champ
2020-09-18 14:57:08 +02:00
clemkeirua
1e32a3c11f
add complexity check to admin account creation
2020-09-18 11:16:34 +02:00
clemkeirua
08d0fa80fa
remove old route
2020-09-17 14:03:31 +02:00
clemkeirua
6643b598c3
remove :administrateur_graphql
2020-09-17 09:24:50 +02:00
clemkeirua
1be07c1ef5
remove :administrateur_champ_integer_number
2020-09-17 09:24:50 +02:00
clemkeirua
01ac4d7e19
remove operation_log_serialize_subject
2020-09-17 09:24:50 +02:00
kara Diaby
13e4589905
Publications page to the new UI (admin)
2020-09-16 09:15:44 +02:00
simon lehericey
5459c2fa7f
Fix uninitialized excon constant
2020-09-08 18:36:24 +02:00
simon lehericey
19d73f13f0
variabilize banner message
2020-09-08 14:52:42 +02:00
kara Diaby
ae61c279af
migrate emails text editor to new interface
2020-09-03 14:42:22 +02:00
simon lehericey
bd6705b90a
Remove image and video analyzer which are not used
2020-09-02 17:00:26 +02:00
Judith
7eee9beed7
adapting the specs
2020-09-01 16:48:41 +02:00
Judith
9553dae7bd
gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files.
2020-09-01 16:47:40 +02:00
Judith
25a24ba7c8
removal of translation keys already present in the gem rails-i18n
2020-09-01 16:33:58 +02:00
Fabrice Gangler
1a43f888fb
Feat: allow to disable France-Connect
...
Refs: #5440
2020-09-01 15:51:10 +02:00
Judith
7bc5a0a278
internationalization of /contact-admin
2020-09-01 12:58:19 +00:00
Fabrice Gangler
60d6b1909d
Fix for using APPLICATION_NAME in .env file
...
Refs: #5450
2020-08-28 03:46:19 +02:00
Judith
af25fdd77c
gem http_accept_language installed and (de)activable with feature flag
2020-08-27 16:15:01 +02:00
Judith
bfa4231f5e
date and number formats changed according to rails-I18n locale
2020-08-27 11:03:34 +02:00
Judith
2f0953692c
Internationalization of the Contact page in FR and EN
2020-08-27 11:03:34 +02:00
Pierre de La Morinerie
82c89fb56f
config: remove comment about ActiveStorage integration with VirusScanner
...
As the comment states, it would be nice to load the Virus Scanner on
the Attachment (rather than the blob).
However, in order not to clobber the blob metadata, we want to run the
VirusScanner once the blob analyzer did run.
And the most direct way to detect that the blob analyzer did run is to
add an `on_update_commit` hook on the blob, as this hook will be
trigerred when saving changes to the metadata. This is what the current
solution uses.
So the current solution is almost optimal, and has a low chance of
accidentally clobbering the blob metadata – as the virus scanner is only
started when the analysis phase is finished.
2020-08-26 16:11:01 +02:00
Christophe Robillard
090a247ba9
validates phone champ server side
2020-08-20 15:33:03 +02:00
Pierre de La Morinerie
d77efec7a0
config: enable active_record.belongs_to_required_by_default
2020-08-18 15:57:37 +02:00
Pierre de La Morinerie
ededf5c6c5
config: don't explicitely eager-load lib/
...
Rationale:
- `lib/` is supposed to contain code mostly independant from Rails;
- By default, Rails doesn't eager-load `lib/` anymore (this used to be
the case, but since a few releases).
If this commits triggers some errors, then these errors should be fixed
(rather that `lib/` being added again to the load path).
2020-08-18 11:02:09 +02:00
Pierre de La Morinerie
c514898b84
config: don't explicitely eager-load controllers/concerns
...
Per the documentation, Rails automatically loads `**/concerns` paths.
See https://guides.rubyonrails.org/autoloading_and_reloading_constants_classic_mode.html#autoload-paths-and-eager-load-paths
2020-08-18 11:02:09 +02:00
kara Diaby
9b66c894b2
Adapt configuration email view to the new UI
2020-08-06 16:56:24 +02:00
Pierre de La Morinerie
527a330c7a
config: use Rails 6.0 config defaults
...
We already flipped the new defaults, so this is a no-op.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
bc0244456c
config: explicitely use the classic autoloader
...
I'm sure we can use zeitwerk in the future, but let's retain the classic
loader until the config issues are proved to be safe.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
fbbcd97463
config: flip config.active_record.collection_cache_versioning
...
This is related to internal cache implementation, and doesn't affect us.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
4a9f081cfc
config: flip config.action_mailer.delivery_job
...
This is safe in all cases – except that it prevents a downgrade to
Rails 5. We don't intend to downgrade now, so this is fine.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
b556e2a99a
config: flip config.active_storage.replace_on_assign_to_many
...
We don't have any `has_many_attached` relations in the code base, so
this is safe.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
54a4db1c47
config: flip config.active_storage.queues
...
ActiveStorage jobs are now moved to their own queue.
For consistency, we also move our own analysis jobs (VirusScannerJob)
on the same `:active_storage_analysis` queue.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
c6cdd08373
config: flip config.active_job.return_false_on_aborted_enqueue
...
We don't have any instance of aborting inside a job in the code base,
so this setting is safe to flip.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
65809f8ea0
config: flip action_dispatch_return_only_media_type_on_content_type
...
This makes `ActionDispatch::Controller#content_type` return not only
the MIME type, but also in some circumstances the charset.
Example:
```ruby
reponse.content_type == 'text/html; charset=utf-8'
```
The MIME type-only fragment can now be accessed using `#media_type`.
Changes to the tests are not stricly necessary (because no charset is
present in the actual value), but represent the intent better.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
8427f0eb75
config: flip config.action_dispatch.use_cookies_with_metadata
...
This makes cookies more secure, by adding an automatic "purpose" field
to each cookie.
Cookies generated by Rails 5 are still forward-compatible. However
from now on the generated cookies will not be backward-compatible with
Rails 6.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
e8fa65f79d
config: flip config.action_view.default_enforce_utf8
...
This prevents charset workaround on IE 8 and lower. We don't support
these browsers anyway, so we can flip the feature off.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
a1be888f7c
config: use Rails 5.2 config defaults
2020-08-05 16:48:29 +02:00
Pierre de La Morinerie
0d55919fab
config: use Rails 5.1 defaults
...
New or changed defaults are:
- config.assets.unknown_asset_fallback: false
- config.action_view.form_with_generates_remote_forms: true
2020-08-05 13:02:56 +02:00
Kara Diaby
4afc07c677
Merge pull request #5403 from tchak/add-carte-ign
...
Add carte ign
2020-08-03 11:04:32 +02:00
jpoulvel
bf94cc021b
Merge pull request #5424 from betagouv/new_design_edit_attestation
...
New design page admin/attestation_templates/edit
2020-07-31 11:18:22 +02:00
Paul Chavard
4c87e547b3
Put IGN map behind a feature flag
2020-07-30 17:22:28 +02:00
Paul Chavard
f1cbc9846e
Add carte ign
2020-07-30 16:58:20 +02:00
Keirua
b3e98048f9
Merge pull request #5418 from betagouv/mise-en-avant-france-connect
...
#5428 - France connect avant les boutons de login/signup
2020-07-30 10:32:12 +02:00
jpoulvel
62e04a6ca9
Merge branch 'dev' into new_design_edit_attestation
2020-07-30 09:53:09 +02:00
kara Diaby
d4c6e501c6
Ajoute la liste des démarches de l'interface administrateur sur la nouvelle UI
2020-07-29 15:35:52 +02:00
Judith
5df3838173
- tranferred controllers from admin to mew_administrateur
...
- removed admin/attestation_templates views
- changed routes accordingly
2020-07-29 12:26:27 +02:00
Keirua
347dbe4c87
Merge pull request #5417 from betagouv/cleanup-incident-janvier
...
Suppression du message d'alerte suite aux problèmes d'upload
2020-07-29 11:00:12 +02:00
clemkeirua
b8eea05163
ajout de traductions
2020-07-29 09:27:16 +02:00
clemkeirua
db0d230531
add cdn.jsdeliver.net to the CSP
2020-07-27 16:54:46 +02:00
clemkeirua
de1df85462
suppression du message d'alerte suite aux problèmes d'upload
2020-07-27 10:32:03 +02:00
Fabrice Gangler
1352cde321
Feat: allow emails senders to be configured in .env file
...
Refs: #5408
2020-07-24 10:50:55 +02:00
clemkeirua
7e085c657d
specific deactivation of rubocop DS/ApplicationName rule
2020-07-23 16:20:16 +02:00
clemkeirua
c658428441
added application name in config/
2020-07-23 16:17:54 +02:00
clemkeirua
c1208add62
remplacement de demarches-simplifiees.fr par un paramètre dans les vues
2020-07-23 16:16:36 +02:00
clemkeirua
31a262efef
extraction d'urls doc/faq/… dans url.rb
2020-07-23 16:16:36 +02:00
clemkeirua
3340a2b091
ajout du nom d'application tot au demarrage
...
The application name is used in the views, but also in the initializers and in the config/ directory
According to rails doc (https://guides.rubyonrails.org/v6.0/configuring.html#locations-for-initialization-code ),
if we want to do some things before the initializers and the environment, the only place to do so is in config/application.rb
2020-07-23 16:16:36 +02:00
Paul Chavard
8b9e73a30a
Merge pull request #5382 from adullact/feat_status-page-customisation
...
#5379 - Allow status page URL to be configured in the .env file
2020-07-22 22:10:58 +02:00
Paul Chavard
35461f0159
Add revisions migrations
2020-07-21 19:35:30 +02:00
Keirua
b2aa90b729
Merge pull request #5392 from betagouv/fix-CI-accessibility-errors
...
Fix CI accessibility errors
2020-07-21 17:15:45 +02:00
krichtof
8c5308b9dc
Merge pull request #5396 from betagouv/5395-relancer-expert
...
5395 instructeur : relance un expert pour une demande d'avis
2020-07-21 15:02:53 +02:00
Christophe Robillard
689a51588f
translations for avis list view
2020-07-21 10:46:55 +02:00
Fabrice Gangler
62672c02e0
move STATUS_PAGE_URL into env.example.optional
2020-07-20 16:37:31 +02:00
Fabrice Gangler
f7402afa06
add env.example.optional
2020-07-20 16:31:02 +02:00
Christophe Robillard
d9cb5c067f
relance un expert
2020-07-20 16:26:16 +02:00
Christophe Robillard
bde8fe2c5d
update wording for revoke
2020-07-20 16:08:35 +02:00
Pierre de La Morinerie
b192b48fc7
config: use Rails 5.0 options
...
Stop overriding Rails 5.0 options, and use the framework defaults.
(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
2020-07-20 15:54:48 +02:00
clemkeirua
c0cf8b1341
fix display of labels for datetime on screenreaders
2020-07-20 11:37:01 +02:00
Gangler Fabrice
39feca251d
allow status page URL to be configured in .env
2020-07-17 15:53:49 +02:00
Christophe Robillard
3ea34834a7
revoke expert avis
2020-07-16 21:05:11 +02:00
kara Diaby
9dc542af09
Revert "Revert "Feat/5287 - New design for admin procedure detail""
...
This reverts commit cf5eb3f251
.
2020-07-15 17:00:03 +02:00
Christophe Robillard
8111babdd6
user: revoque un invité sur un dossier
2020-07-14 18:25:31 +02:00
Kara Diaby
cf5eb3f251
Revert "Feat/5287 - New design for admin procedure detail"
2020-07-13 11:36:42 +02:00
kara Diaby
7f3b38cfee
Merge admin dashboard to new design for procedure details
2020-07-09 12:18:22 +02:00
clemkeirua
60c3047e4f
mise à jour de doc pour se passer d'overmind
2020-07-09 09:32:09 +02:00
Christophe Robillard
2c56511204
validate api_entreprise_token
2020-07-08 18:59:22 +02:00
Christophe Robillard
8f9d6d2871
show which instructeur took decision and when
...
and also replace "sans suite" by "classé sans suite"
2020-07-08 18:15:15 +02:00
Pierre de La Morinerie
58c97efde4
config: enable debug assets in development
...
Historically, debug assets were disabled because they made reloading
pages very slow. This seems fixed by Rails 6.
2020-07-08 17:48:21 +02:00
clemkeirua
68b37cf6aa
config: make default Rails 5 config explicit
2020-07-08 11:00:12 +02:00
Pierre de La Morinerie
e2b8545222
config: fix missing default list of allowed HTML tags
...
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812
Rails app:update
2020-07-07 18:03:56 +02:00
Judith
9793128f61
'Services' routes moved under 'new_administrateur' scope and '/admn' added in their url
2020-07-07 14:08:01 +00:00
Judith
782706537d
Changed the routes to pass all new design admin pages under
...
'new_administrateur' scope, except 'services'.
As a result, the url of these pages will all include '/admin'.
2020-07-07 14:08:01 +00:00
Christophe Robillard
1d86f863d3
rename avis#all to avis#index
2020-06-30 09:17:27 +02:00
Christophe Robillard
bbec76d33b
rename avis#index to avis#procedure
2020-06-30 09:17:27 +02:00
Christophe Robillard
90d6d337a9
explain redirection urls for expert
2020-06-30 09:17:27 +02:00
Christophe Robillard
84d619c974
redirect old urls in avis mails with new urls
2020-06-30 09:17:27 +02:00
Christophe Robillard
72d27ffdb2
replace instructeur_avis_index url by instructeur_all_avis url
2020-06-30 09:17:27 +02:00
Christophe Robillard
dcb9afaf25
refactor expert avis url : fix avis_controller_spec
2020-06-30 09:17:27 +02:00
kara Diaby
6b07cc0659
Move admin/assigns to the new UI like groupe_instructeurs
2020-06-29 14:44:28 +02:00
clemkeirua
6452a20491
rename 'Menu déroulant's
2020-06-29 08:59:12 +00:00
simon lehericey
102fb6629e
remove ip constraint on ping
2020-06-22 15:29:51 +02:00
clemkeirua
6a3811a4e2
fix catalog v3
2020-06-19 14:20:32 +02:00
clemkeirua
319655482f
clean config for keystone v3
2020-06-19 14:20:32 +02:00
krichtof
ff6eaf73db
Revert "Suppression de l'utilisation de Keystone v2"
2020-06-04 17:32:25 +02:00
Paul Chavard
901b6e23a8
Remove legacy carto
2020-06-04 16:03:23 +02:00
clemkeirua
def744d627
remove now useless keystone v2
2020-06-04 12:05:27 +00:00
Christophe Robillard
705487dab6
define max_attempts for jobs
2020-06-02 20:21:11 +02:00
clemkeirua
868decd06e
add overide for fog openstack v3
2020-06-02 15:03:37 +02:00
Pierre de La Morinerie
b0db74ea79
config: fix spring randomly crashing in the pg gem
...
See https://github.com/ged/ruby-pg/issues/311
2020-05-25 09:23:41 +00:00
Pierre de La Morinerie
c9820adbc4
urls: fix link to autosave FAQ article
2020-05-18 16:53:19 +02:00
Pierre de La Morinerie
6eca93faab
urls: fix link to admin FAQ category
2020-05-18 16:53:19 +02:00
clemkeirua
22a518c921
ajout d'un bouton d'export des mails des demandeurs
2020-05-18 12:46:42 +00:00
Pierre de La Morinerie
93bb5283ff
app: remove the feature flag for pieces justificatives auto-upload
...
The feature works as intended: we can remove the feature flag.
2020-05-14 17:39:07 +02:00
Keirua
a869a04e1e
Mise à jour de l'URL de doc sur l'archivage
...
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
2020-05-13 16:45:27 +02:00
clemkeirua
84888be255
clarification de l'archivage/suppression
2020-05-13 16:45:27 +02:00
Christophe Robillard
aab4bb81ee
return bilan bdf csv for expert
2020-05-11 13:05:50 +02:00
Paul Chavard
4f2e504cc2
Add carto import api
...
takes a FeatureCollection to import and returns an augmented champ FeatureCollection
2020-05-07 12:06:42 +02:00
Paul Chavard
05e408225b
Implement atomic operations on MapEditor
2020-05-06 16:46:14 +02:00
Christophe Robillard
22e2c2e133
render csv bidf bilans
2020-04-30 16:15:16 +02:00
Paul Chavard
843e033c38
Allow instructeurs to download a GeoJSON document for a given dossier
2020-04-30 15:49:43 +02:00
kara Diaby
2fc438ab65
Fix safari and firefox compatibility mapbox gl
2020-04-30 14:14:03 +02:00
Christophe Robillard
14ff18ca80
store specific api-entreprise token for a procedure
2020-04-28 15:17:11 +02:00
clemkeirua
1ac7ec2dca
precision dans mail suppression dossier en construction
2020-04-28 12:42:00 +00:00
kara Diaby
9aea1fffee
Migrate the map editor to mapbox-gl with react component
2020-04-27 11:30:32 +02:00
Paul Chavard
f1b531911b
Handle processed dossiers in deletion mailers
2020-04-22 15:39:10 +02:00
Pierre de La Morinerie
37645d3df2
config: fix (again) the CSP when running a LiveReload server locally
...
When running the app using `bin/webpack-dev-server` (the external
(and fast) assets server), LiveReload is used. We need to explicitely
allow the LiveReload connections in the CSP policy.
Turns out we now need to specify the protocol explicitely.
2020-04-20 17:24:16 +02:00
Pierre de La Morinerie
968e470684
config: never cache rails-generated pages
...
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.
This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.
The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.
To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).
See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7a8fd3c679
Use graphql playground instead of graphiql
2020-04-09 19:38:19 +02:00
Christophe Robillard
ae18ff6627
Notifie tous les instructeurs lors dépôt dossier
...
- envoie un mail à tous les instructeurs d'une procédure après le dépôt
d'un nouveau dossier
2020-04-09 14:33:56 +02:00
Christophe Robillard
415d5c765e
envoie une notification à chaque follower_instructeur après un commentaire déposé
2020-04-09 14:17:07 +02:00
kara Diaby
d18bc1c421
Improve the mapbox-gl support detection for older browsers
2020-04-09 11:01:20 +02:00
kara Diaby
56e9834389
Revert "Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""""
...
This reverts commit 473ed00b6c
.
2020-04-09 11:01:20 +02:00
Pierre de La Morinerie
7e19dd2cda
Revert "Revert "Fix middle-click on "Delete attachment" button""
...
This reverts commit 6e8bd6957f
.
2020-04-09 10:40:08 +02:00
clemkeirua
34188c432c
refactor _new_header so that user and instructeur search share similar signature
2020-04-09 09:42:31 +02:00
Pierre de La Morinerie
6e8bd6957f
Revert "Fix middle-click on "Delete attachment" button"
2020-04-08 17:40:58 +02:00
Pierre de La Morinerie
8ceb555941
routes: cleanup attachment routes
2020-04-08 11:57:06 +02:00
kara Diaby
473ed00b6c
Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"""
...
This reverts commit fe0b3c2215
.
2020-04-07 18:14:07 +02:00
kara Diaby
fe0b3c2215
Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""
...
This reverts commit 3e21b78142
.
2020-04-07 18:11:11 +02:00
Pierre de La Morinerie
3e21b78142
Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"
2020-04-07 15:32:14 +02:00
Pierre de La Morinerie
91260e2867
dossier: fix upload route of piece_justificative in repetitions
...
In repetitions, `form.index` doesn't make much sense. Turns out we
don't really need the index of the champ: we can just use the champ id.
2020-04-06 11:50:31 +02:00
kara Diaby
aa56cfd7a0
migrate map to mapbox-gl with a react component
2020-04-02 15:39:47 +02:00
Paul Chavard
7ba4c513e6
Refactor notify near deletion mailers
2020-04-01 17:40:52 +02:00
Paul Chavard
da52ec30bd
Undo discard dossiers and demarches from manager
2020-03-31 17:08:28 +02:00
Paul Chavard
876e05aed3
Discard demarches from manager
2020-03-31 17:08:28 +02:00
Pierre de La Morinerie
6417c0d2c0
dossiers: allow auto upload of attachments
2020-03-31 13:09:44 +02:00
Paul Chavard
5005c54891
Add base cron job
2020-03-31 12:25:46 +02:00
Pierre de La Morinerie
fe13043efd
dossier: prepare validations to piece_justificative champs
...
We can't yet enable the validations, because of an issue that will
(hopefully) be solved with Rails 6.
See https://github.com/betagouv/demarches-simplifiees.fr/issues/4926
2020-03-30 11:12:25 +02:00
Paul Chavard
a60b6b6776
Use ’ consistently instead of '
2020-03-26 17:27:48 +01:00
Paul Chavard
c707a21f97
Rename delete_and_keep_track -> discard_and_keep_track
2020-03-26 14:23:23 +01:00
Paul Chavard
ec1cd989ab
Show the reason on deleted dossiers
2020-03-25 16:57:03 +01:00
clemkeirua
5ef6f92fdc
update CGU URL
2020-03-25 09:50:41 +00:00
Christophe Robillard
b4b92accf1
instructeur: show deleted dossiers for a procedure
2020-03-25 10:19:07 +01:00
clemkeirua
5896aedeeb
added extension bouton to en_construction dossiers bound to expire
2020-03-24 18:10:51 +01:00
clemkeirua
057d7bc2f1
add interval data type to ActiveRecord
2020-03-24 18:10:13 +01:00
clemkeirua
c077762a04
added labels for datetime
...
cf https://stackoverflow.com/a/47836699
2020-03-24 16:54:35 +00:00
Pierre de La Morinerie
a716713ed6
locales: fix translation of champ value
...
Due to the extra 's', the names of Champs attributes were never
translated.
2020-03-24 15:42:02 +01:00
Paul Chavard
cd0acb1344
Cleanup dossier mailers
2020-03-19 16:52:18 +01:00
Pierre de La Morinerie
ea94ea05a0
config: configure CSP to allow live-reload requests
...
This avoids CSP errors when using the `bin/webpack-dev-server` external
assets compilation server.
2020-03-18 13:26:54 +01:00
Christophe Robillard
c21dd3b830
affiche infos d'un usager entreprise uniquement si diffusable
...
pour un usager de type entreprise qui a choisi de ne pas diffuser publiquement ses infos,
elles sont affichées uniquement aux instructeurs
2020-03-17 15:57:02 +00:00
clemkeirua
90a0879d71
ajout du bouton pour telecharger un pdf vide
2020-03-17 15:00:03 +01:00
clemkeirua
269881db12
generation d'un pdf vide à partir d'une procedure
2020-03-17 15:00:01 +01:00
Paul Chavard
444d19e191
Remove unused gems
2020-03-17 11:25:21 +01:00
Paul Chavard
ae2cfdd44e
Update browser gem
...
`modern?` method was removed in version 4
2020-03-17 11:25:20 +01:00
Paul Chavard
0b06864f7a
Upgrade core-js
2020-02-24 19:43:07 +01:00
Paul Chavard
318baf316e
Add notify_en_construction_near_deletion mailer
2020-02-18 17:18:14 +01:00
Paul Chavard
8c77d91e9f
Add notify_automatic_deletion_to_administration mailer
2020-02-18 17:18:06 +01:00
Paul Chavard
4e116f06a6
Add notify_automatic_deletion_to_user mailer
2020-02-18 17:15:32 +01:00
Pierre de La Morinerie
7ba76c6658
dossier: add a notice when some attachments of the dossier were lost
...
On the 22/01/2020, a technical error on the demarches-simplifees.fr
instance made us delete some files attached to some dossiers.
This PR adds a warning when browsing a dossier containing attachments
that were deleted.
2020-02-12 11:49:33 +01:00
simon lehericey
3d652ffaf8
Remove unused key
2020-02-10 13:59:15 +01:00
simon lehericey
6de55f44b4
Remove Fog conf for carrierewave
...
The conf now is config/storage.yaml
2020-02-10 13:56:45 +01:00
Christophe Robillard
cee4c5b8fb
Revert "Revert "4127 fix superadmin supprime compte usager""
...
This reverts commit 751f24f7bb
.
2020-02-04 16:07:01 +01:00
Paul Chavard
a86129c3a1
Revert "Revert "Update javascript dependencies and add webpack-bundle-analyzer""
...
This reverts commit eddd59e554
.
2020-02-03 14:54:25 +01:00
Keirua
eddd59e554
Revert "Update javascript dependencies and add webpack-bundle-analyzer"
2020-01-29 14:51:55 +01:00
Paul Chavard
a223eb05da
Update javascript dependencies and add webpack-bundle-analyzer
2020-01-28 16:37:44 +01:00
clemkeirua
5f65665b07
added a method for modifying a user email
2020-01-28 16:15:46 +01:00
Paul Chavard
7478a51846
[GraphQL] use official skylight support
2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
745b00366f
Revert "app: hide IE11 deprecation banner during the strike"
...
This reverts commit c2882b6cc3
.
2020-01-28 15:18:18 +01:00
Pierre de La Morinerie
751f24f7bb
Revert "4127 fix superadmin supprime compte usager"
2020-01-21 18:57:54 +01:00
Christophe Robillard
a6d007dbd3
supprime un instructeur
2020-01-21 15:05:33 +01:00
clemkeirua
12430a8068
ajout d'un écran intermediaire pour gérer la reaffectation des dossiers
2020-01-20 16:15:02 +01:00
clemkeirua
45c8c8ca21
an admin can delete a groupe-instructeur with 0 dossier
2020-01-20 16:15:02 +01:00
Paul Chavard
4edc7b00cf
Use geocoder
2020-01-15 15:04:04 +01:00
Paul Chavard
14295db9ad
Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
...
This reverts commit 4373cb22cb
.
2020-01-14 18:46:07 +01:00
clemkeirua
4373cb22cb
Revert "Merge pull request #4552 from tchak/champ-communes"
...
This reverts commit 4cec26f73a
, reversing
changes made to 0ef25ef36c
.
2020-01-13 16:26:27 +01:00
Christophe Robillard
9a62d3fe0c
delete a user
2020-01-13 10:06:43 +01:00
Pierre de La Morinerie
f04fb3830c
config: fix France Connect callback URL when testing locally
...
When testing France Connect on a local development environment, the
callback URL should be something like `http://localhost:3000/…/ …`
But currently, the callback URL uses `https`, even in development. This
causes the callback URL to be rejected by France Connect.
This commit overrides the callback URL when in development, to use
an `http` URL instead. In doesn't affect the production settings.
2020-01-08 15:44:49 +01:00
Paul Chavard
cccb04d725
ActiveStorage url should expire after an hour
2020-01-08 14:43:05 +01:00
Paul Chavard
e61e39d345
Remove unused code and tests
2020-01-07 11:52:51 +01:00
Paul Chavard
ff46ee366e
Fix user brouillon spec
2020-01-07 11:52:51 +01:00
Paul Chavard
4bbd16576b
Add champ communes
2020-01-07 11:52:51 +01:00
Paul Chavard
22aa2d4ee0
Make all location champs autocomplete
2020-01-07 11:52:51 +01:00
simon lehericey
c95b7a33fa
Add brakeman exception for a export.file.service_url
2019-12-18 13:13:15 +01:00
simon lehericey
d0f0533a32
Remove unused code
2019-12-18 13:13:15 +01:00
Paul Chavard
422b7f37ec
[GraphQL] expose file information
2019-12-11 12:34:49 +01:00
Pierre de La Morinerie
c2882b6cc3
app: hide IE11 deprecation banner during the strike
...
Having two banners appearing in a few days may be overwhelming for
users.
2019-12-04 17:32:04 +01:00
Paul Chavard
2f060fc30a
Add depubliee state to procedures
2019-12-04 16:52:41 +01:00
Paul Chavard
e429c79eb1
Allow administrators to set themselves démarches as déclaratives
2019-12-04 12:30:26 +01:00
Christophe Robillard
4e7c779116
refuse les numéros de tel invalides
...
rend facultatif les numéros de téléphone
2019-12-04 05:34:43 +01:00
simon lehericey
006e426a11
Work on deletion mail
2019-12-03 17:18:53 +01:00
simon lehericey
6391f7ff9c
Work on notify_near_deletion mailer
2019-12-03 17:18:53 +01:00
Pierre de La Morinerie
97af50c700
app: fix detection of Chrome iOS and Firefox iOS as outdated browsers
...
For instance, Firefox iOS is reported as `firefox? true, version 20`.
As on iOS only the system-provided Webkit is allowed, we can instead
safely assume that all browsers on a recent iOS device are modern.
2019-12-03 16:09:41 +01:00
Pierre de La Morinerie
3212dfddca
app: allow hiding the browser banner for one week
2019-12-03 16:09:18 +01:00
Pierre de La Morinerie
2ee8cab067
app: display a deprecation banner for IE 11
2019-12-03 16:02:08 +01:00
Paul Chavard
7b947feae4
Rename demarche archivée to demarche close
2019-11-28 15:07:16 +01:00
Pierre de La Morinerie
68f5aae99d
autosave: add feature test
2019-11-21 14:00:06 +01:00
Pierre de La Morinerie
bff7892ba8
dossiers: autosave drafts
2019-11-21 14:00:06 +01:00
Matthieu FAURE
87813c42d9
Update config/env.example
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:40:02 +01:00
Matthieu FAURE
1f2f904f8f
Update config/env.example
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:39:50 +01:00
Matthieu FAURE
85bbafc256
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:03:19 +01:00
Matthieu FAURE
0089a9d520
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:54 +01:00
Matthieu FAURE
98d545b1d9
Update config/env.example based on @keirua review
...
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:27 +01:00
Matthieu FAURE
1a63d7e4e2
DOC ajout commentaires + explications pour env.example
2019-11-19 15:24:57 +01:00
simon lehericey
874439580b
Pluralize some texts
2019-11-18 17:08:51 +01:00
simon lehericey
9ca026a630
Use a select2 box for looking to instructeurs
2019-11-18 17:08:51 +01:00
Alexandre Friquet
8f5203cc2e
Merge branch 'dev' into 4482-echec-initilaisation-env-dev
2019-11-14 17:07:28 +01:00
Alexandre Friquet
d9680252b0
Fixes missing database on initialization: closes #4482 .
2019-11-14 09:17:39 +01:00
Paul Chavard
ba03dbf8dd
[GraphQL] Add dossierEnvoyerMessage mutation
2019-11-13 19:54:27 +01:00
Paul Chavard
f7cbbe815c
[GraphQL]: Add default query to playground
2019-11-13 15:53:56 +01:00
Paul Chavard
9ce81f665b
[GraphQL]: fix geo_areas docs
2019-11-13 15:53:56 +01:00
Paul Chavard
fe84e8e0f7
Remove carrierwave
2019-11-12 15:26:18 +01:00
clemkeirua
6351eabfdd
remove notification to report-uri in production
2019-11-07 17:32:40 +01:00
clemkeirua
04c13190c3
introduce smtp_key in order to use 2 different sendinblue keys
...
client_key is exposed to the client via gon, so if we use it for sending email too we are exposing a key so anybody could send an email.
The current client_key has a different level of right and can't send emails so it's ok to expose it.
2019-11-06 13:34:36 +01:00
clemkeirua
959aacdea5
Sendinblue email balancing using proper credentials
...
This reverts commit c61981e795
.
2019-11-06 13:34:36 +01:00
clemkeirua
c61981e795
Revert "Sendinblue email balancing using interceptor"
...
This reverts commit b2135b6576
.
2019-11-04 15:55:08 +01:00
Chaïb Martinez
b2135b6576
Sendinblue email balancing using interceptor
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-11-04 15:30:44 +01:00
Pierre de La Morinerie
8e6930d257
instructeurs: fix ProcedurePresentation to use instructeur.user.email
...
The `joins` are declared explicitely in order to associate a predictable
name to the joined table.
Otherwise, when the query is joined with `:users`, ActiveRecord will
alias the join automatically to solve the conflict. Unfortunately, the
automatic resolution means that the table name becomes unpredictable,
and thus unsuitable to perform queries on.
2019-11-04 10:44:24 +01:00
Paul Chavard
18e91e7ca3
Extend old export format till mid-November
2019-10-31 17:11:46 +01:00
Nicolas Bouilleaud
72b7ff221c
move procedure to new design
2019-10-31 10:27:19 +01:00
Paul Chavard
73d4ecf35d
Add a DS_PROXY_URL env variable
2019-10-30 16:15:38 +01:00
simon lehericey
477f7c9837
Remove instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
79b808470c
Add instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
94081a3997
Show Groupe Instructeur
2019-10-30 14:27:51 +01:00
simon lehericey
4491dca19a
Index Groupe Instructeur
2019-10-30 14:27:51 +01:00
Paul Chavard
6a3d725134
Revert "Revert "Decommission ActiveStorage proxy service and use openstack service""
...
This reverts commit 71227be37f
.
2019-10-30 12:11:45 +01:00
simon lehericey
71227be37f
Revert "Decommission ActiveStorage proxy service and use openstack service"
...
This reverts commit 0ff6c793ae
.
2019-10-29 10:30:40 +01:00
Jérôme Desboeufs
86819cd532
Fix typos
2019-10-25 09:41:22 +02:00
simon lehericey
54d6d21c27
Add Pg statement timeout variable to allow long migration
2019-10-24 15:54:25 +02:00
simon lehericey
fbe93e0fce
Fix pluralization in search page
2019-10-23 21:47:20 +02:00
simon lehericey
35bba62297
Update routing critéria name
2019-10-23 21:47:20 +02:00
simon lehericey
a5ffe9f54b
Remove instructeur from the group
2019-10-23 21:47:20 +02:00
simon lehericey
a6deafd885
Add instructeurs to groupe
2019-10-23 21:47:20 +02:00
simon lehericey
3dd3af8482
Groupe instructeur update
2019-10-23 21:47:20 +02:00
simon lehericey
9a6336f508
Groupe instructeur create
2019-10-23 21:47:20 +02:00
simon lehericey
733e83cc54
Groupe instructeur show
2019-10-23 21:47:20 +02:00
simon lehericey
2749c00ce3
Groupe instructeur index
2019-10-23 21:47:20 +02:00
Paul Chavard
0ff6c793ae
Decommission ActiveStorage proxy service and use openstack service
...
We are making these changes in order to always use DS_Proxy. Before this change DS_Proxy was not used to write files when ActiveStorage was used directly and not through “direct upload”.
2019-10-23 17:58:00 +02:00
Paul Chavard
86b271997b
Invite experts to linked dossiers
...
closes #3669
2019-10-23 13:10:09 +02:00
Pierre de La Morinerie
d542bca8de
admin: relabel the number
champ
...
Avoid two type de champs having the same label.
Soon this champ will even be deprecated and disappear.
Ref #4414
2019-10-22 15:59:43 +02:00
clemkeirua
4a6893d88b
migrate sendinblue API to v3
2019-10-22 10:06:53 +02:00
clemkeirua
43424e4f4e
merge with the work of paul, using 3 links
2019-10-22 09:51:14 +02:00
clemkeirua
70ea5e167e
procedure download is performed through a controller in order not to leak the URL
2019-10-22 09:50:58 +02:00
clemkeirua
1af2b63ed1
initial implementation of async export
2019-10-22 09:50:58 +02:00
simon lehericey
1e8e45232a
Setup a timeout on long query
2019-10-17 16:45:18 +02:00
simon lehericey
f31c184b56
[ fix #1537 ] Remove simple_form gem
2019-10-08 11:08:35 +02:00
clemkeirua
d3063c0b63
remove download_as_zip feature flag
2019-10-03 10:48:24 +02:00
Paul Chavard
5a7e415474
Put graphql behind a feature flag
2019-09-24 10:47:21 +02:00
Paul Chavard
a51fc75628
Expose graphiql
2019-09-24 10:47:21 +02:00
Paul Chavard
91ad9bd7d3
Configure GraphQL::RailsLogger
2019-09-24 10:47:21 +02:00
Paul Chavard
bf6fbbf2b6
Add graphql end point
2019-09-24 10:47:21 +02:00
Paul Chavard
52e84f2ffe
Add graphql object types
2019-09-24 10:47:21 +02:00
Nicolas Bouilleaud
3e2985b305
First attempt at procedure stats
...
fixes #3945 , #3946 , #3948
2019-09-17 16:43:48 +02:00
Nicolas Bouilleaud
c26a701a17
Refactor and redesign publish modal
...
* remove the autocomplete menu
* use ujs to pre-validate the procedure
* tweak the UI
2019-09-17 16:30:48 +02:00
Nicolas Bouilleaud
92e6032115
Remove path availability dead code when creating/editing a procedure
...
There’s no “path” field anymore in the Procedure form, it can only be set when publishing.
2019-09-17 16:30:48 +02:00
Paul Chavard
d24e0e72a7
Correctly create new flipper flags
2019-09-12 10:46:13 +02:00
Paul Chavard
65e227c44b
Migrate to flipper
2019-09-10 16:10:14 +02:00
Chaïb Martinez
dd6c6bfe7a
mailers: add a NO_REPLY address to transactional emails
2019-09-10 13:37:28 +02:00
Paul Chavard
7ffb98e616
Remove carrierwave uploaders
2019-09-10 10:49:12 +02:00
Chaïb Martinez
f2386a5800
Add crips help domaine to defaut policy src
...
[fix #4234 ]
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-08-27 10:30:10 +02:00
simon lehericey
86d968bb8e
Use rack_attack_enabled?
...
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
2019-08-20 13:29:29 +02:00
simon lehericey
0f0fecdb25
RackAttack: use remote ip and test it !
2019-08-20 13:29:29 +02:00
pedong
fc8cebd78d
add Gem rack_attack for prevent attack brute-force
2019-08-20 13:29:29 +02:00
simon lehericey
840be2408e
Remove administrateur devise methods
2019-08-14 15:06:15 +02:00
Paul Chavard
e68d2cf5e2
Enable champ repetition for all
2019-08-14 12:53:51 +01:00
Paul Chavard
9eaf14968f
Enable export v2 for all
2019-08-14 12:53:51 +01:00
Paul Chavard
0969b1f85f
Enable email_login_token for all gestionnaires
2019-08-14 12:53:51 +01:00
simon lehericey
5fdac38cb2
Fix instructeur invitation
2019-08-13 15:15:16 +02:00
simon lehericey
a84e07a376
Remove instructeur devise methods
2019-08-13 15:15:16 +02:00
simon lehericey
1d6b80cb53
Remove strange admin sign_in route
2019-08-13 14:13:48 +02:00
simon lehericey
5bda753735
Remove all devise route and controller for instructeur and administrateur
2019-08-13 14:13:48 +02:00
simon lehericey
1fb26451d3
Remove demo route
2019-08-13 14:13:48 +02:00
simon lehericey
a4b9eecded
Remove unused devise session controller
2019-08-13 14:13:48 +02:00
Nicolas Bouilleaud
17579ab8a5
Rename Gestionnaire to Instructeur in seeds.rb
2019-08-13 14:04:23 +02:00
Nicolas Bouilleaud
7c7947adeb
Rename gestionnaire to instructeur in a comment
...
About an (unused for now) env var.
2019-08-13 10:27:49 +02:00
simon lehericey
3fde2a6f70
Rename gestionnaire in code to instructeur
2019-08-12 13:47:01 +02:00
simon lehericey
6902f84b85
Brutally rename gestionnaire filename to instructeur
2019-08-12 13:47:01 +02:00
simon lehericey
bb8d65c6b4
Subtly rename admin/instructeurs to admin/assigns
2019-08-12 13:47:01 +02:00
maatinito
8d3e3baabc
#3928 administrator new & edit pwd pages
2019-08-01 17:12:14 +02:00
maatinito
0b0ef8a318
#3928 Zxcvbn service to compute password complexity
2019-08-01 17:12:14 +02:00
maatinito
3703a71ea3
#3928 Added constants to define password min length & complexity
2019-08-01 17:12:14 +02:00
clemkeirua
38b48f4217
transition from accepte to instruction as superadmin
2019-08-01 10:29:51 +02:00
Paul Chavard
6cfad01d12
Stop using Flipflop as switch for weekly_overview
2019-07-31 15:15:09 +02:00
Paul Chavard
25db21467d
Stop using Flipflop as switch for Fog
2019-07-31 15:15:09 +02:00
Pierre de La Morinerie
95e24392f9
models: remove old pieces justificatives
2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
212d1f8cea
locales: remove references to old pj
2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
0c4cb3b498
admin: remove UI for managing old pj
2019-07-30 16:11:16 +02:00
Nicolas Bouilleaud
7205f4da9e
L'enfer du Nord Paris-Roubaix (Tour de France, Tour de France)
2019-07-30 14:47:48 +02:00
pedong
9438f962c5
add alert for account is locked
2019-07-29 17:48:44 +02:00
pedong
8d03a6747c
add lockable to User, Gestionnaire, administration, Administrateur
2019-07-29 17:48:44 +02:00
clemkeirua
99421545ab
replaced api-carto endpoint
2019-07-23 16:21:15 +02:00
clemkeirua
f166077f5e
ajout d'un bouton de suppression des admin dans le manager
2019-07-23 16:11:15 +02:00
clemkeirua
92ec627425
update brakeman configuration
2019-07-17 18:04:32 +02:00
clemkeirua
d8b63cd4c9
added 'monavis' inside the procedure and for users
2019-07-17 18:04:32 +02:00
clemkeirua
25f81f1d3c
download a dossier as zip with all attachments
2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8
omniauth: protect against CSRF
...
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Pierre de La Morinerie
56c846900b
champs: improve validation message of numeric fields
...
Replaces
> Champs value doit être un nombre
by
> La valeur du champ doit être un nombre entier (sans chiffres après
> la virgule)
2019-07-11 15:12:48 +02:00
Paul Chavard
3cb39c2840
Refactor message attachements to use active_storage
2019-07-10 15:35:29 +02:00
Pierre de La Morinerie
055fc63c45
profile: improve email success message wording
2019-07-10 11:31:09 +02:00
simon lehericey
ea79b9a595
typo: use ’
2019-07-09 11:55:17 +02:00
simon lehericey
d36f6ebcd7
[ fix #1709 ] A user can change its email
2019-07-09 11:55:17 +02:00
simon lehericey
0f9fdf3f75
Activate device email change confirmation
2019-07-09 11:55:17 +02:00
simon lehericey
d68d2be798
Profil: accessible to all roles
2019-07-09 11:55:17 +02:00
Mathieu Magnin
b34f8fbe3d
Add ActionText
2019-07-03 13:15:49 +02:00
simon lehericey
4b154983fb
Landing: voir les démarches -> comment trouver ma démarche
2019-07-03 12:59:09 +02:00
simon lehericey
c7e10fc43f
Manager: remove repasser_en_instruction
2019-07-02 18:40:20 +02:00
simon lehericey
b79220e711
UI
2019-07-02 18:35:47 +02:00
Paul Chavard
fb0ef15e3c
Export dossiers v2
2019-07-02 14:20:29 +02:00
clemkeirua
dfefb827d9
missing connect-src
2019-07-02 10:50:10 +02:00
clemkeirua
d6f2de2fbf
enable static + activate csp in production
2019-07-02 09:40:38 +02:00
clemkeirua
0cfd3e3c1f
disable csp
2019-07-01 12:10:08 +02:00
clemkeirua
eaf850c1e9
enable csp
2019-06-27 11:10:29 +02:00
clemkeirua
f19b5f8911
fix csp rule for crisp websocket
2019-06-26 12:37:55 +02:00
clemkeirua
7064f7e973
enable crisp websockets and css
2019-06-25 17:39:08 +02:00
clemkeirua
d3c6021ef4
add duplicate rules as fallback
2019-06-20 11:34:24 +02:00
clemkeirua
dc6c2e6bc0
add missing elements
2019-06-17 17:05:08 +02:00
Nicolas Bouilleaud
eb592f8ddf
Add manager controller for bill signatures
2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
f355f849a6
Add BillSignature Model
2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
dace9a53d3
Add Universign timestamp API query
2019-06-17 16:16:28 +02:00
clemkeirua
765b10026e
more generic elements to the security policy
2019-06-17 09:51:27 +02:00
pedong
abcd58c35d
[ fix #3710 ] date with letter
...
Co-Authored-By: simon lehericey <mail@simon.lehericey.net>
2019-06-12 17:48:12 +02:00
Chaïb Martinez
eccd456325
Add crisp
...
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-06-05 17:41:47 +02:00
Paul Chavard
ff44b7a600
Refactor purge pj to be more generic
2019-05-29 15:54:51 +02:00
Pierre de La Morinerie
d410e31344
active_storage: document the virus scan hooks
2019-05-28 11:39:22 +02:00
Paul Chavard
6a3413018a
Refresh attachments with virus scan result
2019-05-21 14:21:55 +02:00
Paul Chavard
cc4eba2b36
Less mokey patching
2019-05-21 14:21:42 +02:00
clemkeirua
5cbbbb8d3e
more whitelist for the common domains we use
2019-05-20 09:52:44 +02:00
Paul Chavard
42235e81b1
Use active storage load hook to extend blob
2019-05-16 20:43:01 +02:00
Paul Chavard
348b15f595
Put devtools behind feature flags
2019-05-15 18:10:25 +02:00
clemkeirua
6fe4031b2e
use constant for localhost
2019-05-15 16:33:27 +02:00
clemkeirua
b670b60ac6
changement de l'URI de report-uri
2019-05-15 15:32:00 +02:00
Pierre de La Morinerie
abfeb1c2db
locales: remove unused carrierwave localisation
...
- It was broken since the renaming of `extension_white_list` to
`extension_whitelist` (f0ed61cce8
)
- The localisation is already included in the `carrierwave-i18n` gem
- The localisation included in the gem is better than ours (it mentions
which extensions are allowed).
2019-05-15 14:39:40 +02:00
Pierre de La Morinerie
d431eeeb93
carrierwave: fix typo
...
Turns out the `openstack_identity_api_version` has not actually been
filled out for a while, because of a typo.
2019-05-15 14:03:15 +02:00
Paul Chavard
9725f2a418
Enable new champs editor for all
2019-05-14 16:18:29 +02:00
Paul Chavard
3446782cd0
Remove deprecated editor
2019-05-14 16:18:29 +02:00
Paul Chavard
dba8d65137
Track dossier operations with author and subject
2019-05-14 14:31:03 +02:00
Chaïb Martinez
3004f96cf5
Add video and webinar URLs to admin pages
...
Fix #3850
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-05-13 17:47:02 +02:00
clemkeirua
675cc5150c
update on the security policy headers
2019-05-09 14:55:21 +02:00
Nicolas Bouilleaud
3ff0c83485
Add multi-admin UI
...
refs #1626
2019-05-06 16:19:08 +02:00
clemkeirua
2ae02a132b
Report-Only for tests
2019-05-06 10:07:51 +02:00
clemkeirua
64b858ef19
handle Gon + add report-uri URL
2019-05-06 10:07:51 +02:00
clemkeirua
8582b08a98
add security policy
2019-05-06 10:07:51 +02:00
Paul Chavard
f113d108c9
Save virus scan status to blob metadata
2019-05-02 15:58:09 +02:00
Paul Chavard
d72cead7ff
Remove unnecessary uglify options
...
New options :
terserOptions:
{ output: { ecma: 5, comments: false, ascii_only: true },
parse: { ecma: 8 },
compress: { ecma: 5, warnings: false, comparisons: false },
mangle: { safari10: true } } }
2019-05-02 14:10:48 +02:00
Paul Chavard
2f633b5d23
Load leaflet from a separate chunk
2019-05-02 14:10:48 +02:00
Pierre de La Morinerie
e06e32238c
api_entreprise: display a specific error message on network errors
2019-05-02 11:24:38 +02:00
Pierre de La Morinerie
6c8280fba6
api_entreprise: add a feature flag for toggling API INSEE v3
2019-04-30 17:27:58 +02:00
simon lehericey
1d051dc3ef
Can change a piece_justificative_template on a type_de_champ
2019-04-18 11:13:35 +02:00
Mathieu Magnin
14c3fb7224
[ Fix #3064 ] Add a preview button for state notifications emails
2019-04-11 11:03:13 +02:00
Pierre de La Morinerie
01e113d04f
Revert "locales: tell that API Entreprise is unavailable for now"
...
This reverts commit a598383856
.
2019-04-04 17:15:31 +02:00
Pierre de La Morinerie
41ad89d8ac
commencer: fix redirection with invalid path
2019-04-04 14:03:40 +02:00
Paul Chavard
b9be186d2c
Sentry should send environment information
2019-04-03 18:19:16 +02:00
Pierre de La Morinerie
22f2ca105e
commencer: display a FranceConnect button
...
Fix #3640
2019-04-03 16:08:09 +02:00
simon lehericey
6d42c8f08a
env.example: add TRUSTED_NETWORKS variable
2019-04-03 15:21:19 +02:00
Paul Chavard
639facaf2a
Add new types_de_champ#move api
2019-04-03 14:38:07 +02:00
Paul Chavard
51c79ba6a6
Update webpacker and replace vue with react
2019-04-03 14:38:07 +02:00
Pierre de La Morinerie
a598383856
locales: tell that API Entreprise is unavailable for now
2019-04-03 11:24:51 +02:00
Paul Chavard
e71cdcd12c
Move all the trackers to a separate js pack
2019-04-02 17:33:53 +02:00
Pierre de La Morinerie
97af31d54f
app: rename references to betagouv/tps
...
Github has an automatic redirection, but better be clean.
2019-03-26 11:10:30 +01:00
Pierre de La Morinerie
30d11e0dac
app: rename new_gestionnaire
to gestionnaires
2019-03-26 10:48:59 +01:00
Pierre de La Morinerie
ded5b70444
app: rename new_user
to users
2019-03-25 10:56:39 +01:00
Mathieu Magnin
2c1e1db37d
[ Fix #3617 ] 404 when filter[value] contains a "."
2019-03-19 14:25:57 +01:00
simon lehericey
ed6828c66c
Notification: UI
2019-03-18 16:37:51 +01:00
simon lehericey
eae6986079
Puma: change config to enable cluster mode in production
2019-03-18 11:40:13 +01:00
Paul Chavard
504b26bf5e
Add administrateur to demarche from manager
2019-03-12 11:59:01 +01:00
Mathieu Magnin
44f28ec565
Remove feature flag for publish draft
2019-03-12 11:26:07 +01:00
Frederic Merizen
b3c3541725
[ #3477 ] Update brakeman config
2019-03-11 17:14:17 +01:00
Frederic Merizen
8d8376947d
[ Fix #3477 ] Individually remove values from multi-value filter
2019-03-11 17:14:17 +01:00
Frederic Merizen
98713b6a4d
Proxy for SendinBlue API
2019-03-08 16:33:28 +01:00
Frederic Merizen
fc38880155
Move sendinblue client key to configuration file
...
This is not a secret (it's sent to the client as part of the JS anyway) so it's
not a big deal that it was on the public repository but it's still better to
have it be configurable.
2019-03-08 16:33:28 +01:00
Mathieu Magnin
1eed114d78
Add status page in footer
2019-03-05 17:42:00 +01:00
Frederic Merizen
d54a0a4612
Fix link to procedure brouillon in manager
2019-03-04 15:03:30 +01:00
simon lehericey
2920769a68
ActiveStorage: temp url are valid for 1 hour
2019-02-28 18:36:28 +01:00
simon lehericey
9d92e43d8d
[ fix #3315 ] Migrate service organisme
2019-02-18 16:50:44 +01:00
simon lehericey
a7e068003a
[ fix #3427 ] Administration can soft delete a dossier
2019-02-14 18:09:08 +01:00
Paul Chavard
5da5f75c5f
[Types de Champ Editeur] Save on change and only edited model
2019-02-07 17:05:55 +01:00
simon lehericey
32281092e6
mina: reuse gem between deployment
2019-02-06 14:41:45 +01:00
Paul Chavard
071448e1d9
Champ Repetition dossier editor
2019-02-04 16:19:07 +01:00
Paul Chavard
862ab4ed04
“Bloc répétable” is ready to be tested
2019-02-04 15:46:39 +01:00
Pierre de La Morinerie
283f110e9b
stats: improve numeric separators and suffixes
2019-02-01 11:02:37 +01:00
pedong
6103176a78
[ fix #1238 ] add previsualization attestation for gestionnaire
2019-01-22 14:54:24 +01:00
Pierre de La Morinerie
016e5f2e6f
commencer: add an independant page
2019-01-21 14:45:38 +01:00
Paul Chavard
6036d7906f
Enable champ_siret for all
2019-01-17 15:17:48 +01:00
Paul Chavard
9136c9dfa0
Enable support_form for all
2019-01-17 15:17:48 +01:00
Paul Chavard
41c9b21509
Use new editor
2019-01-17 11:20:31 +01:00
Paul Chavard
e1a1a2b2ad
Add new admin procedure update action
2019-01-17 11:20:31 +01:00
Paul Chavard
d9d0b29cbf
Add Vue.js
2019-01-17 11:20:31 +01:00
Frederic Merizen
0846860748
Proxy for active storage service provider
2019-01-16 11:34:57 +01:00
Pierre de La Morinerie
3b92fe93fc
stats: make groupdate week start on Monday
2019-01-10 16:14:14 +01:00
gregoirenovel
5fa5f2aa37
Bump development gems
...
- rubocop (0.61.1 → 0.62.0)
2019-01-05 11:47:55 +01:00
gregoirenovel
0596d53ac2
Enable the Lint/UnusedBlockArgument cop
2019-01-03 10:53:50 +01:00
gregoirenovel
8ffcc16ec5
Avoid EOL ifs
2019-01-03 10:53:50 +01:00
gregoirenovel
7ffe40868b
Use parentheses
2019-01-03 10:53:50 +01:00
Chaïb Martinez
0fe473b84e
Add 2 new categories in admin contact form
2018-12-20 15:29:49 +01:00
Paul Chavard
5d1c24f3d8
Add type de champ repetition models (with row)
2018-12-19 15:31:11 +01:00
Frederic Merizen
832b4a61bc
Drop CleverCloud Service for ActiveStorage
2018-12-19 10:36:02 +01:00
Frederic Merizen
57a136c861
Make champ PJ generally available
2018-12-18 11:11:23 +01:00
Mathieu Magnin
5ab0853f1c
Harmonize user champ pj purge route to gestionnaire
2018-12-14 11:38:59 +01:00
Mathieu Magnin
edf3eefa87
Fix Sentry 114, Instructeur can delete pj in private champs
2018-12-13 17:27:05 +01:00
Frederic Merizen
0a1bdbb6d3
[ #2180 ] Passer sur le nouveau fournisseur de stockage
2018-12-11 19:54:11 +01:00
pedong
de5de75869
[ fix #2985 ] del champ_linked_dropdown in feature
2018-12-10 16:47:22 +01:00
simon lehericey
db6c86b242
DossierController: user can destroy pjs
2018-12-06 10:45:10 +01:00
Mathieu Magnin
55525af060
Add rake task to run after party with mina
2018-12-04 14:43:55 +01:00
Paul Chavard
2f2aa580f8
Update activestorage.js
2018-12-04 11:37:00 +01:00
Paul Chavard
6043e59937
Disable after party
2018-12-01 10:30:35 +01:00
Frederic Merizen
dd07a8ca1f
[ #2180 ] Use different container for activestorage and for carrierwave
2018-11-29 11:31:58 +01:00
Paul Chavard
b9af07b845
Add admin support contact form
2018-11-28 16:50:37 +01:00
Paul Chavard
3f62d2b0b6
Allow to override active_job adapter
2018-11-27 17:26:21 +01:00
pedong
ef1c17beaa
[ Fix #3056 ] get url api in the environment variable
2018-11-27 14:47:10 +01:00