Commit graph

490 commits

Author SHA1 Message Date
François Vantomme
d5cd0101c8 feat(footer): customize using custom views & locales 2022-03-10 17:31:20 +01:00
Pierre de La Morinerie
3481d27cba config: block browser external connections during system tests
During system tests, we don't want the headless browser to load
external resources:

- It is faster (we don't wait for external resources to be loaded)
- It avoids leaking our test setup to external service

Fixes #6982
2022-02-22 17:24:25 +01:00
Pierre de La Morinerie
6d5f44d489 config: translate the CSP comments from french to english 2022-02-22 17:17:55 +01:00
Pierre de La Morinerie
c2729ab7e2 config: add Matomo to the frame_src Content Security Policy
Solves the Matomo iframe being blocked on `/suivi`. Fix #5868
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
3276db016f config: add Matomo to the connect_src Content Security Policy
Solves Matomo connections being blocked. Fix #6949
2022-02-15 15:56:53 +01:00
Pierre de La Morinerie
6fa52e8a5a config: report CSP violations to report-uri 2022-02-15 12:49:52 +01:00
Pierre de La Morinerie
0b2775a1a6 config: add back DS_PROXY_URL to CSP
Otherwise a bunch of "static.demarches-simplifiees.fr" domains would
be missing.
2022-02-15 12:49:52 +01:00
François Vantomme
d5f207d98c refactor(url): use env variables in content security policies 2022-02-15 12:49:52 +01:00
Jon
31996c7d09 chore(smtp): add mailcatcher configuration 2022-02-15 09:34:07 +01:00
François Vantomme
ac915494df feat(landing): hide testimonial & users sections 2022-02-15 08:49:23 +01:00
François Vantomme
e8f62e78fe feat(matomo): configure Matomo iframe URL with an env variable 2022-02-09 12:44:13 +01:00
Pierre de La Morinerie
3e20ea13d8
Revert "Utilisation des variables d'environnement lors de la déclaration des Content Security Policies" 2022-02-08 22:20:08 +01:00
François Vantomme
8eaecd184a refactor(url): use env variables in content security policies 2022-02-08 15:15:55 +01:00
Pierre de La Morinerie
847abca122 config: simplify mailer configuration again
Move everything to initializers, and replace the email settings
interceptor by a BalancerDeliveryMethod.

It has the advantage that it can be configured entirely from the
`config/environment.rb` file, without an extra file to look at.
2022-02-08 12:44:43 +01:00
François Vantomme
51cfd3d7ad
feat(env): add env variables for the provider data 2022-02-04 18:20:06 +01:00
Pierre de La Morinerie
387701e7cb config: add a new SAML_IDP_ENABLED env var
This fixes the app crashing on launch when using the production profile,
because the certificates are not present.
2022-01-26 16:45:50 +01:00
Martin
252eee272b feat(support#create): block with invisible captcha [avoid painful captcha] 2022-01-04 14:49:00 +01:00
Pierre de La Morinerie
d524beee4e app: remove :instructeur_bypass_email_login_token from Flipper 2021-12-02 08:51:52 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
simon lehericey
3316dfc866 reopen openid_connect gem to support AC encrypted jwt response 2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721 add agent connect secrets 2021-11-23 14:17:59 +01:00
Paul Chavard
1adafd22d0 fix(graphql): add graphql_operation to lograge 2021-11-04 16:18:10 +01:00
Pierre de La Morinerie
d0e87a08cf services: cache zxcvbn dictionaries per-thread
Before, every time a password was tested, the dictionaries were parsed
again by zxcvbn.

Parsing dictionaries is slow: it may take up to ~1s. This doesn't matter
that much in production, but it makes tests very slow (because we tend
to create a lot of User records).

With this changes, the initializer tester is shared between calls, class
instances and threads. It is lazily loaded on first use, in order not to
slow down the application boot sequence.

This uses ~20 Mo of memory (only once for all threads), but makes tests
more that twice faster.

For instance, model tests go from **8m 21s** to **3m 26s**.

NB:
An additionnal optimization could be to preload the tester on
boot, before workers are forked, to take advantage of Puma copy-on-write
mechanism. In this way all forked workers would use the same cached
instance.

But:

- We're not actually sure this would work properly. What if Ruby updates
  an interval ivar on the class, and this forces the OS to copy the
  whole data structure in each fork?
- Puma phased restarts are not compatible with copy-on-write anyway.

So we're avoiding this optimisation for now, and take the extra 20 Mo
per worker.
2021-10-25 12:04:56 +02:00
simon lehericey
738d08a1d9 change in whitelist 2021-10-19 21:07:24 +02:00
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
simon lehericey
b69dafc3d4 CNAF in lowercase 2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4 jobs: move ActiveJobLogSubscriber out of initializers
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
kara Diaby
eb951c75e4 change stats colors 2021-09-28 14:49:24 +02:00
simon lehericey
75043070da add CNAFAdapter 2021-09-22 12:08:24 +02:00
Pierre de La Morinerie
b4e850b88b config: remove old retro-compatibility Job constants
These constants were defined so that existing enqueued jobs wouldn't
fail during the app upgrade.

These jobs are long gone. Let's remove the compatibility code.
2021-09-21 10:43:33 -05:00
Paul Chavard
eea6b961d7 refactor(routage): remove administrateur_routage feature flag 2021-09-18 11:21:26 +02:00
simon lehericey
69bb174e29 add feature flipped link to add api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
620a5374e8 Add api particulier url in conf
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Ismael MOUSSA S. (T0194673)
9d012d51e8 delete features flag option : 'make_experts_notifiable' 2021-09-07 10:49:20 +02:00
Paul Chavard
ffa8c0c80a feat(dossiers): enable dossiers termine expiration behind feature flag
feature flag "procedure_process_expired_dossiers_termine" controls if a procedure has expiration
enabled on dossiers termine

re #3796
2021-08-18 16:11:35 +01:00
Pierre de La Morinerie
9eb2e13d43 config: report job exceptions after max retry count reached
Previously Sentry reported job exceptions even if a retry
strategy was specified. So we had to ignore retried job exceptions
entirely.

Since sentry-delayed-job 0.4.4, we can instead let Sentry report
job exceptions when the retry count is exhausted. Which is
exactly the behavior we want.
2021-07-01 15:06:14 +02:00
Paul Chavard
7cb2f91fea Add revisions feature flag 2021-06-23 09:40:07 +02:00
François Vantomme
bc6d5aca0e Fix (Sentry): prefer Rails secrets over ENV variables 2021-05-27 11:12:27 +02:00
Jon
2a0a65a90f fix(sentry): specify current environment for sentry config 2021-05-27 11:12:27 +02:00
Paul Chavard
e74dcb0056 Remove ign feature flag 2021-05-24 11:50:16 +02:00
Paul Chavard
01c558953b Remove API GEO legacy adapter 2021-05-24 11:50:16 +02:00
Christophe Robillard
2516abc277 activate rack_mini_profiler in dev and display query count 2021-05-05 17:16:10 +02:00
Pierre de La Morinerie
fbfe5c3817 jobs: also retry native ActiveStorage's jobs on transient errors 2021-04-29 14:08:12 +02:00
Pierre de La Morinerie
9ad57fde2a initializers: lazy-load Mailjet gem
This fixes an error message on app startup about autoloaded
constants:

> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.

The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:

On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.

Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.

And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.

See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Paul Chavard
f08d704d5f Fix api docs URL 2021-04-15 17:06:23 +02:00
simon lehericey
b87a691176 use env for localization to avoid db round trip 2021-04-06 18:23:14 +02:00
simon lehericey
cd4ad6878c remove insee_api_v3 feature 2021-04-06 18:23:14 +02:00
simon lehericey
06d2eb2d21 remove feature xray 2021-04-06 18:23:14 +02:00
simon lehericey
c2847d1481 remove unused mini_profiler var 2021-04-06 18:23:14 +02:00
simon lehericey
6f2b2c3c1f use env for maintenance mode to avoid DB roundtrip 2021-04-06 18:23:14 +02:00
simon lehericey
1715a4899f remove coronavirus banner 2021-04-06 18:23:14 +02:00
Pierre de La Morinerie
42b3ba1e1b config: migrate all config to Rails 6.1 defaults 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
ce427784e7 config: enable has_many_inversing 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
6bc608a821 config: enable most Rails 6.1 defaults 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
c2ce20d40c config: form_with now generates local forms by default
We can remove the `local: true` parameter, as it is now implied by
default.
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
b65de3e583 config: make the queue names explicit
With Rails 6.1, the default queue is now the global application queue.

We want to retain our custom queues in some cases, so configure them
epxlicitely.
2021-04-06 12:12:57 +02:00
Christophe Robillard
d89dc785f0 met à jour le lien de bas de page Accessibilité
Ce lien pointe désormais vers notre site de documentation
2021-03-30 15:08:20 +02:00
Pierre de La Morinerie
5990439ab7 app: update code to Rails 6.1 2021-03-25 13:24:53 +01:00
Pierre de La Morinerie
ac5303d56d config: make Sentry ignore rescued ActiveJob exceptions
For now the Sentry delayed_job integration reports errors that are
rescued with `retry_on`.

Ignore these errors manually for now.

See https://github.com/getsentry/sentry-ruby/issues/1347
2021-03-18 10:52:10 +01:00
Pierre de La Morinerie
75a1046315 active_storage: refactor concerns
Follow-up of #5953.

Refactor the concerns with two goals:

- Getting closer from the way ActiveStorage adds its own hooks.
  Usually ActiveStorage does this using an `Attachment#after_create`
  hook, which then delegates to the blob to enqueue the job.
- Enqueuing each job only once. By hooking on `Attachment#after_create`,
  we guarantee each job will be added only once.

We then let the jobs themselves check if they are relevant or not, and
retry or discard themselves if necessary.

We also need to update the tests a bit, because Rails'
`perform_enqueued_jobs(&block)` test helper doesn't honor the `retry_on`
clause of jobs. Instead it forwards the exception to the caller – which
makes the test fail.

Instead we use the inline version of `perform_enqueued_jobs()`, without
a block, which properly ignores errors catched by retry_on.
2021-03-16 11:49:14 +01:00
Pierre de La Morinerie
b0735aafe0 config: fix DynamicSmtpSettingsInterceptor warning again
This warning re-appeared when running mailer tests:

```
DISABLE_SPRING=1 bin/rspec spec/mailers/administration_mailer_spec.rb
```

It is now fixed properly, in a way recommanded by the documentation.
2021-03-04 22:52:19 +01:00
Paul Chavard
600f49a0ff Hide groupe instructeur selector when routage is done via API 2021-03-04 11:06:04 +01:00
Paul Chavard
1c811083c0 Cleanup feature flags usage 2021-03-04 11:06:04 +01:00
Pierre de La Morinerie
d36a684315 config: fix zeitwekr warning when reloading the app
Turns out we need not only to load the Job constants later, but also
not to do the same work twice – otherwise we'll get a 

> ApiEntreprise::Job constant is already defined

when attempting to re-define the constant.
2021-02-24 19:01:27 +01:00
Pierre de La Morinerie
9f676c76e1 config: fix zeitwerk warning about DynamicSmtpSettingsInterceptor
Fix a warning when running tests:

> DEPRECATION WARNING: Initialization autoloaded the constant DynamicSmtpSettingsInterceptor.
>
> Being able to do this is deprecated. Autoloading during initialization is going
to be an error condition in future versions of Rails.
> 
> Reloading does not reboot the application, and therefore code executed during
> initialization does not run again. So, if you reload DynamicSmtpSettingsInterceptor, for example,
> the expected changes won't be reflected in that stale Class object.
> 
> This autoloaded constant has been unloaded.
> 
> Please, check the "Autoloading and Reloading Constants" guide for solutions.

However if we fix as recommanded, the interceptor will get added
each time the classes are reloaded. And as the actual class instance
changed after the reloading, they won't be de-duplicated – *and*
there's no way to remove the old interceptor without having a reference
to the (now-deleted) class.

Instead we load the interceptor once, and add a message about the class
not being auto-reloaded.
2021-02-24 19:00:29 +01:00
Pierre de La Morinerie
68425929c6 config: disable Sentry sampling when not enabled
This removes spam in the debug console when running locally.

Removed messages look like a swarm of:

> [Tracing] Discarding <rails.request> transaction </assets/marianne.png> because it's not included in the random sample (sampling rate = 0.001)
2021-02-24 17:45:18 +01:00
Pierre de La Morinerie
e51948ab5c stylesheets: merge print rules with the application stylesheet
- Having a separate stylesheet for print rules is not a best practice
  (it makes an extra network request)
- It makes migrating to Sprockets 4 easier
2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
fb305e31c4 config: move application_name to an initializer
It seems cleaner not to require a file before the Rails configuration
runs.
2021-02-24 15:06:55 +01:00
Pierre de La Morinerie
a2175ed6e3 config: reload compatibility aliases on classes reload
Fixes zeitwerk complaining that the compatibility aliases loaded in an
initializer will never be reloaded.

In our case it doesn't matter that much, but it will reduce the console
spam.
2021-02-23 09:24:13 +00:00
Paul Chavard
228a83f8a5 Add api address external data fetch 2021-02-17 19:10:16 +01:00
Paul Chavard
7223d77058 Remove unused paths from assets pipeline 2021-02-17 10:16:54 +01:00
Paul Chavard
cfa80578a7 Adjust sentry sample rate 2021-02-12 11:35:58 +01:00
Pierre de La Morinerie
819325c761 zeitwerk: move our Array extension to initializers/core_ext 2021-02-11 12:30:43 +01:00
Paul Chavard
0697e50b7c lower sentry sampling to 1% 2021-02-10 17:52:18 +01:00
Paul Chavard
eac967f84e Add sentry traces (20% for now) 2021-02-10 15:35:21 +01:00
Pierre de La Morinerie
0af7188d8c zeitwerk: add inflections 2021-02-09 13:09:10 +01:00
Pierre de La Morinerie
7d1c79bf4b zeitwerk: Url -> URL 2021-02-09 13:07:30 +01:00
Pierre de La Morinerie
150ddab660 zeitwerk: Api -> API 2021-02-09 13:07:30 +01:00
Fabrice Gangler
229f495753 allow email footer logo to be configured in .env file
Refs: #5873
2021-02-09 09:39:02 +01:00
Fabrice Gangler
3034716963 allow mailers/_bizdev_signature to be configured in .env file
Refs: #5871
2021-02-04 13:09:40 +01:00
Fabrice Gangler
d039798ac8 allow logo in PDF export to be configured in .env file
Refs: #5869
2021-02-04 12:24:31 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
simon lehericey
d72f0c6dd2 Add authorized content type for pj 2021-01-18 17:23:08 +01:00
Paul Chavard
91be115c70 Add annuaire_education champ ui 2021-01-14 17:57:48 +01:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
Fabrice Gangler
a8081d4b83 allow configuration of the URLs of FAQ and documentation websites in an .env file
Refs: #5801
2020-12-15 16:40:10 +01:00
Fabrice Gangler
064ea776c7 allow default logo of a procedure to be configured in .env file
Refs: #5795
2020-12-14 13:41:10 +01:00
Paul Chavard
3c6e30a326 Show titre identite link only once watermark is added 2020-12-10 16:50:03 +01:00
Fabrice Gangler
0d80d2ddd1 allow logos (mail, webapp) and favicons to be configured in .env file
Refs: #5764
2020-11-27 01:41:47 +01:00
Paul Chavard
18dfacb933 Make watermark configurable 2020-11-25 16:19:06 +01:00
Paul Chavard
b48e7813d2 Put watermark code behind a feature flag 2020-11-25 16:19:06 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Fabrice Gangler
d3caf30bf3 allow CGU URL and Legal Notice URL to be configured in .env file
Refs: #5754
2020-11-20 22:11:42 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
Christophe Robillard
305ccdc0cd add recoverable and two_factor stragegy for administration 2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2 Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp 2020-10-30 17:08:31 +01:00
kara Diaby
3d56b1d8b0 fix bootstrap cdn 2020-10-22 15:00:01 +02:00