Commit graph

2328 commits

Author SHA1 Message Date
Kara Diaby
37e991ccb8 User : delete the folder if the instructeur has hide it 2021-12-29 17:37:58 +01:00
Kara Diaby
7d7b847437 Instructeur : delete the folder if the user has hide it 2021-12-29 17:37:58 +01:00
Kara Diaby
f239d46a45 add hide_dossier method to instructeurs 2021-12-29 17:37:57 +01:00
Martin
d0ab1711ff fix(profil_controller#update_email): ensure we are not merging same account
fix(profil_controller#update_email): changing email from current_user.email to current_user.email destroy current user. whoops ☠️'

Update config/locales/en.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update config/locales/fr.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update spec/controllers/users/profil_controller_spec.rb

Update config/locales/fr.yml

Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>

Update spec/controllers/users/profil_controller_spec.rb

fix(spec): broken due to typo
2021-12-29 13:36:47 +01:00
Christophe Robillard
9a38d5e049 superadmin can only index and show zones 2021-12-23 19:07:42 +01:00
Christophe Robillard
537e6066d8 add Zones dashboard for superadmin 2021-12-23 19:07:42 +01:00
Fabrice Gangler
86a8d33ce7 fix(i18n): correct a typo 2021-12-23 10:56:40 +01:00
Christophe Robillard
eda8aacfe4 fix a11y problem for support page
L'interpolation de `support.index.product.answer_html` produisait des balises p vides, ce qui contrevenait au critère 8.9.1 RGAA (https://www.numerique.gouv.fr/publications/rgaa-accessibilite/methode/criteres/#test-8-9-1)
2021-12-23 10:49:52 +01:00
François Vantomme
14e0c68266 feat(api particulier): add MESRI field 2021-12-16 16:45:18 +01:00
François Vantomme
5097e78b45 feat(api particulier): add MESRI locales 2021-12-16 16:45:17 +01:00
François Vantomme
693a95904e style(api particulier): mentionne le statut étudiant dans les locales 2021-12-16 16:45:16 +01:00
Christophe Robillard
c9c1f206b9 fix zone acronyms 2021-12-15 19:37:32 +01:00
Christophe Robillard
829d644c10 group related options in zone select box 2021-12-15 19:37:32 +01:00
simon lehericey
0e7a6f5acf remove obsolete route 2021-12-15 13:43:32 +01:00
Pierre de La Morinerie
be1ddb59ec views: localize the stats partial
Also rename 'procédure' to 'démarches'.
2021-12-14 15:03:22 +01:00
maatinito
573b3d39e2 Fix date_trunc sql queries for timezoned forks 2021-12-14 08:50:09 +01:00
Martin
cf5794eebf clean(brakeman): remove unwanted warning 2021-12-13 17:09:20 +01:00
Martin
1795084dce fix(brakeman): no code injection here 2021-12-13 16:37:04 +01:00
simon lehericey
3bdf6b63d9 small wording fixes 2021-12-08 11:19:30 +01:00
Christophe Robillard
4ffd25a321 introduce zone concept from now on 2021-12-08 10:56:17 +01:00
François Vantomme
6ab8ac0662 feat (api particulier): add Pole emploi field 2021-12-08 10:36:25 +01:00
François Vantomme
2e05a3fde2 feat(api particulier): add Pole Emploi locales 2021-12-08 10:36:11 +01:00
François Vantomme
62bc2efbaa style(api particulier): mentionne Pôle Emploi dans les locales 2021-12-08 09:49:53 +01:00
François Vantomme
2110ef072c feat(api particulier): add DGFiP field 2021-12-07 11:03:05 +01:00
François Vantomme
abad34ea7c feat(api particulier): add DGFiP locales 2021-12-07 11:03:05 +01:00
François Vantomme
8ca8bdb6c4 fix(api particulier): correction d'une typo dans les locales 2021-12-07 11:03:05 +01:00
François Vantomme
4c8697656b style(api particulier): mentionne DGFIP dans les locales 2021-12-07 11:03:05 +01:00
Martin
45a74ee999 clean(routes): based on review 2021-12-06 13:09:46 +01:00
Martin
a9413f9b12 feat(manager): add procedure_expires_when_termine_enabled to administrate 2021-12-06 07:49:59 +01:00
Martin
081d5094a9 feat(instructeurs/procedure/dossiers#extend_conservation): add extends duree conservation in action button list, also rewire this action for user [extend by procedure.duree_conservation_dans_ds by default] but force 1.month for instructeur. add new icon for standby based on https://en.wikipedia.org/wiki/Power_symbol 2021-12-06 07:20:01 +01:00
Martin
d8a8d1fdab feat(instructeur/dossier/header/_expiration_banner): split trads and add dedicated expiration banner for instructeur. also enhance wording to include duree conservation + extension_conservation
feat(expiration_banner): enhance wording of expiration

feat(dossiers/expiration_banner): enhance wording regarding expiration to include duree_conservation_dossiers_dans_ds + extension_conservation, also add spec on expiration_banner for instructeur
2021-12-06 07:05:17 +01:00
Martin
22531560d8 feat(tabs.expirants): re-order so it comes before deleted dossiers 2021-12-06 07:05:17 +01:00
Christophe Robillard
3265ac2d84 localize zone 2021-12-02 19:24:26 +01:00
Christophe Robillard
5b8d872b6e populate zones 2021-12-02 19:16:11 +01:00
Pierre de La Morinerie
b7d17b0989 models: validate that no drop-downs are empty on publishing
Disallow publishing a procedure containing drop-downs with no selectable
values.
2021-12-02 09:00:37 +01:00
Pierre de La Morinerie
d524beee4e app: remove :instructeur_bypass_email_login_token from Flipper 2021-12-02 08:51:52 +01:00
Kara Diaby
ffcae81249 change locales 2021-11-30 14:27:58 +01:00
Pierre de La Morinerie
28dfc6a1ba manager: save bypass_email_login_token to both column and feature 2021-11-30 13:41:25 +01:00
Pierre de La Morinerie
99c77046d2 models: improve error message for invalid champs
Avoid prepending the message with 'Draft revision '
2021-11-30 13:34:41 +01:00
Pierre de La Morinerie
52b0fbf9b7 models: validate repetitions on publishing 2021-11-30 13:34:41 +01:00
simon lehericey
c4cde500ce fix acsv 2021-11-30 09:42:45 +01:00
Pierre de La Morinerie
184a401182 app: rename new_administrateur to administrateurs 2021-11-30 08:49:38 +01:00
Martin
970e43efb8 feat(stats#index): update Stat model to also query DossierDeleted in stats computation
tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?

feat(stats): add DeletedDossier in Stat computations

Revert "tech(question): discard_and_keep_track! ; are we really keeping track with default_scope { kept } ?"

This reverts commit d1155b7eeaaf1a9f80189e59667e109541fcb089.

feat(stats): support deleted_dossiers for last_four_months_hash and cumulative_hash. extract sanitize query & merge hashes in methdos

clean(rubocop): lint with rubocop

Update db/migrate/20211126080118_add_index_to_deleted_at_to_deleted_dossiers.rb

Co-authored-by: LeSim <mail@simon.lehericey.net>

fix(rubocop): avoid uneeded allocation

fix(migration): add concurrent index with expected synthax

fix(brakeman): add ignore message since group date_trunc evaluation is used by only ourself
2021-11-26 13:29:40 +01:00
Kara Diaby
67d331e788 modify locales fr and en 2021-11-26 09:45:13 +01:00
Kara Diaby
fef7f79237 add route 2021-11-26 09:45:13 +01:00
kara Diaby
eaac293da3 add a new tab traités on user dossiers 2021-11-26 09:45:13 +01:00
Martin
fdf0f18fda fix(i18n): wrap text under i18n.t
i18n(france_connect/*): replace wording with i18n

fix(lint): i18n key issue

secu(views/france_connect/particulier/merge.html.haml): sanitize france_connect_email just in case

fix(brakeman): sanitize FCI.email_france_connect when used with html_safe via an I18n.t, also add exception to brakeman
2021-11-25 17:34:37 +01:00
Martin
ff073f8884 Add confirmation by email when merging DC/FC accounts
feat(fci.confirmation_code): add confirmation code to france_connect_informations

feat(user_mailer.france_connect_confirmation_code): add confirmation by email mail method/preview/spec, pointing to merge_mail_with_existing_account (reuse existing method)

feat(mail_merge): mail merge

feat(merge.cannot_use_france_connect): same behaviour as callback

clean(fci.confirmation_code): use same token for mail validation as merge

feat(resend_france_connect/particulier/merge_confirmation): resend email with link. also enhance some trads, cleanup halfy finished refacto

clean(tech): finalize story by plugging merge_with_new_account to email validation

fix(deadspec): was removed

fix(spec): broken after last refactoring

lint(rubocop): space before parenthesis

lint(haml-lint): yoohoooo space before =

fix(lint): scss now :D

Update app/assets/stylesheets/buttons.scss

cleanup

feat(france_connect): re-add confirm by email, with an option for confirmation by email instead of only confirmation by email

fixup! Add confirmation by email when merging DC/FC accounts

fix(lint): haml_spec failure
2021-11-25 17:34:34 +01:00
mfo
e7d9d047fe
Merge branch 'main' into 6649-etq-usager-instructeur-rendre-la-suppression-plus-visible 2021-11-24 14:07:32 +01:00
simon lehericey
6e7d2e057a typo 2021-11-24 12:50:52 +01:00
simon lehericey
f60055637a add missing redirect_uri env 2021-11-24 12:47:01 +01:00
Pierre de La Morinerie
60c2718f29 models: remove custom code for file size validation message
With active_storage_validations 0.9.6, we can use the %{max_size}
variable directly in the error message.
2021-11-24 10:06:45 +01:00
Martin
0fd9e15cc1 i18n(expiration_banner): extract test in i18n files 2021-11-23 15:23:22 +01:00
simon lehericey
5234a1854c manage AgentConnect callback 2021-11-23 14:17:59 +01:00
simon lehericey
3316dfc866 reopen openid_connect gem to support AC encrypted jwt response 2021-11-23 14:17:59 +01:00
simon lehericey
898df449d4 redirect to AgentConnect 2021-11-23 14:17:59 +01:00
simon lehericey
45ce274721 add agent connect secrets 2021-11-23 14:17:59 +01:00
simon lehericey
d2432e34eb AgentConnect UI 2021-11-23 14:17:59 +01:00
Martin
b6adf5fc72 feat(dossiers/show): enhance header with expirations message/banner. also ensure consistent design between dossier states
fix(spec): broken due to last refactoring

spec(dossier.extend_conservation): add system spec

lint(ruby): still not yet ready for auto lint in IDE...
2021-11-23 05:50:25 +01:00
Martin
3d1533dee9 feat(users/dossiers?statut=dossiers-expirant): add dossiers-expirant tab 2021-11-19 15:14:39 +01:00
mfo
82b23b92c0
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur 2021-11-17 05:41:56 +01:00
Paul Chavard
406c5a61cc fix(dossier): fix dossier traitements display 2021-11-16 19:00:20 +03:00
mfo
1d174df2ec
Merge branch 'main' into 6624/etq-instructeur-je-souhaite-supprimer-des-messages-envoyes-par-erreur 2021-11-16 16:37:15 +01:00
Martin
c24bc45137 clean(trads): remove unused i18n 2021-11-16 16:25:32 +01:00
Martin
f0950b592b clean(CommentaireService): extract soft delete within controller. returning an instance with an error[:base] is not persisted with validation : avoid poluting stuff 2021-11-16 16:13:11 +01:00
Paul Chavard
7914775809 feat(routage): administrateur can disable routage
fix #6627
2021-11-16 11:49:51 +03:00
Martin
d4c74b5621 feat(rc.1): refine with better translations, better design 2021-11-15 14:15:05 +01:00
Martin
3b78a9d81a feat(rc): first stable 2021-11-15 13:53:32 +01:00
Paul Chavard
1adafd22d0 fix(graphql): add graphql_operation to lograge 2021-11-04 16:18:10 +01:00
simon lehericey
652b8367be accept or refuse merge 2021-11-04 16:10:09 +01:00
simon lehericey
894e8fdd47 move update_email check to before_action 2021-11-04 16:10:09 +01:00
Paul Chavard
ba0211ba52 feat(champ): ask for departement before asking for commune 2021-11-04 11:55:25 +01:00
Pierre de La Morinerie
5f2233d07d specs: reduce BCrypt complexity during tests
BCrypt is used to compute Instructeur tokens, and takes a surprisingly
ong time during specs.

Reducing the complexity to speed it up.

Speeds up this spec from 0m 57s to 0m 20s.
2021-11-03 19:38:01 +01:00
kara Diaby
f1f2b76a3d revisions 2021-10-27 12:00:39 +02:00
Paul Chavard
6e8e0c7b6b feat(type_de_champ): reflect changes of secondary labels and descriptions 2021-10-26 12:18:01 +02:00
Pierre de La Morinerie
d0e87a08cf services: cache zxcvbn dictionaries per-thread
Before, every time a password was tested, the dictionaries were parsed
again by zxcvbn.

Parsing dictionaries is slow: it may take up to ~1s. This doesn't matter
that much in production, but it makes tests very slow (because we tend
to create a lot of User records).

With this changes, the initializer tester is shared between calls, class
instances and threads. It is lazily loaded on first use, in order not to
slow down the application boot sequence.

This uses ~20 Mo of memory (only once for all threads), but makes tests
more that twice faster.

For instance, model tests go from **8m 21s** to **3m 26s**.

NB:
An additionnal optimization could be to preload the tester on
boot, before workers are forked, to take advantage of Puma copy-on-write
mechanism. In this way all forked workers would use the same cached
instance.

But:

- We're not actually sure this would work properly. What if Ruby updates
  an interval ivar on the class, and this forces the OS to copy the
  whole data structure in each fork?
- Puma phased restarts are not compatible with copy-on-write anyway.

So we're avoiding this optimisation for now, and take the extra 20 Mo
per worker.
2021-10-25 12:04:56 +02:00
Pierre de La Morinerie
136d0bc341 config: remove pre and post boot code from puma config
This is no longer needed since Rails 5.1.

See https://github.com/rails/rails/pull/31241
2021-10-25 11:28:09 +02:00
simon lehericey
738d08a1d9 change in whitelist 2021-10-19 21:07:24 +02:00
simon lehericey
44c880adc4 allow instructeur and administrateur to change their email to legit domain (#6550) 2021-10-19 15:54:57 +02:00
simon lehericey
ce40e1127d merge with another new account 2021-10-14 14:47:50 +02:00
simon lehericey
19f81b594b merge with an existing account by using the password 2021-10-14 14:47:50 +02:00
simon lehericey
f7299da1e7 launch merge process if an unlinked DS account with the same email exists 2021-10-14 14:47:50 +02:00
simon lehericey
8c81558e56 english locales 2021-10-12 14:27:20 +02:00
simon lehericey
57a7f82a8f add cnaf ui 2021-10-12 14:27:20 +02:00
simon lehericey
40d0cfcdc4 add champ validation 2021-10-12 14:27:20 +02:00
simon lehericey
d68129b34d add cnaf type de champ 2021-10-12 14:26:40 +02:00
simon lehericey
b69dafc3d4 CNAF in lowercase 2021-10-12 14:26:40 +02:00
simon lehericey
05e127af4b corrige une locale 2021-10-12 14:26:40 +02:00
Pierre de La Morinerie
0b02fce5e4 jobs: move ActiveJobLogSubscriber out of initializers
This is a class of its own, it doesn't need to be in the initializers.
2021-10-12 11:40:19 +02:00
kara Diaby
6251c3369b routes 2021-10-05 15:37:29 +02:00
kara Diaby
6c82e40ddb routes 2021-10-05 15:00:21 +02:00
Pierre de La Morinerie
f277731b3d app: upgrade webpacker by running rails webpacker:install 2021-09-30 17:05:26 +02:00
kara Diaby
eb951c75e4 change stats colors 2021-09-28 14:49:24 +02:00
Paul Chavard
357c684688 feat(routage): self managing instructeurs 2021-09-27 15:06:17 +02:00
simon lehericey
75043070da add CNAFAdapter 2021-09-22 12:08:24 +02:00
simon lehericey
07962cc2c7 service: match remote keys 2021-09-22 12:08:24 +02:00
Ismael MOUSSA S
7c7c9c9ea4 Fix file size validation message 2021-09-21 12:11:20 -05:00
simon lehericey
2e1bed8748 an admin can save its sources 2021-09-21 11:21:10 -05:00
Pierre de La Morinerie
6656d1130b i18n: refactor admin support locales
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
f9220891a7 i18n: refactor user support locales
This allow i18n-tasks to better detect dynamic keys.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
ede23fa542 i18n: remove unused locales about user feedback 2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
274b92c453 i18n: remove simple_form locale files
We don't even use simple_form.
2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
f050a4757a i18n-tasks: consider model names localizations as used 2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
580ae1c063 i18n: add automated check for inconsistent interpolations 2021-09-21 10:44:20 -05:00
Pierre de La Morinerie
b4e850b88b config: remove old retro-compatibility Job constants
These constants were defined so that existing enqueued jobs wouldn't
fail during the app upgrade.

These jobs are long gone. Let's remove the compatibility code.
2021-09-21 10:43:33 -05:00
simon lehericey
75481a644c Add confirm alert 2021-09-20 13:58:11 +02:00
simon lehericey
7239657a75 [Fix #6481] a user see its waiting transfers 2021-09-20 13:58:11 +02:00
simon lehericey
c34476a766 a user can transfer all its dossier 2021-09-20 13:58:11 +02:00
Paul Chavard
c9accbf5a5 refactor(i18n): localize routage description 2021-09-18 11:51:27 +02:00
Paul Chavard
64298503b1 fix(i18n): fix missing translations in partials 2021-09-18 11:44:41 +02:00
Paul Chavard
0c5c8faf16 feat(routage): enable routage for everyone 2021-09-18 11:22:35 +02:00
Paul Chavard
eea6b961d7 refactor(routage): remove administrateur_routage feature flag 2021-09-18 11:21:26 +02:00
simon lehericey
5dbd81ebeb show api particulier sources 2021-09-17 13:50:23 +02:00
Pierre de La Morinerie
64e10c6d8c i18n: fix english file with fr key 2021-09-16 08:16:09 -05:00
Pierre de La Morinerie
c6bc42ad76 i18n: fix english keys scope for passwords views 2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
715b5ea6d8 i18n: move controller keys to the proper scope 2021-09-16 07:59:19 -05:00
Pierre de La Morinerie
0104a71e53 i18n: remove unused english key 2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
973945fb58 i18n-tasks: add gems locales to the search path 2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
446738fbbf i18n: make dynamic scopes explicit
This fixes i18n-tasks not being able to recognize the scopes.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
95d1cd6992 i18n: cleanup gender locales
The dot in the localized key messes up with i18n-tasks, and causes
false positives for missing strings.
2021-09-16 07:51:56 -05:00
Pierre de La Morinerie
745e19bb8e localize 2021-09-16 09:07:47 +02:00
simon lehericey
69bb174e29 add feature flipped link to add api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
ee6d19e3ee an admin can save it's api particulier token
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:56:42 +02:00
simon lehericey
4c0dd43055 add jetons particulier index page
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
simon lehericey
620a5374e8 Add api particulier url in conf
Co-authored-by: François VANTOMME <akarzim@gmail.com>
2021-09-15 14:37:04 +02:00
Peng-Fei DONG
1979c44f9c set OTP: Enable or Disable 2021-09-09 10:25:15 -05:00
Pierre de La Morinerie
407f46b7de gems: remove smart_listing
It was only used in the old design, which we recently removed
completely.
2021-09-09 09:58:41 -05:00
Pierre de La Morinerie
80f9d4adc0 devise: use password_strength component in SuperAdmin::PasswordsController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
ed8b19d2eb app: use password_complexity in Administrateurs::ActivateController 2021-09-09 09:40:39 -05:00
Pierre de La Morinerie
428ca8755f app: add a password_complexity component
This component will replace the previous `password_field` component.
2021-09-09 09:40:39 -05:00
Paul Chavard
3235f42a63 feat(dossier): add dossier transfers UI 2021-09-08 15:10:43 +02:00
Paul Chavard
d6cbdf2a48 feat(dossier): add dossier transfer models 2021-09-08 14:39:46 +02:00
Ismael MOUSSA S. (T0194673)
9d012d51e8 delete features flag option : 'make_experts_notifiable' 2021-09-07 10:49:20 +02:00
Paul Chavard
6a5a8233b5 feat(i18n): send dossier emails with its user locale and improuve translations 2021-09-07 09:51:23 +02:00
Pierre de La Morinerie
d4d0c0b1f3 gems: clean brakeman obsolete false-positives
These were made obsolete by the new brakeman version.
2021-09-02 16:12:52 -05:00
Pierre de La Morinerie
f9529da8bd gems: update brakeman
This prevent a false-positive warning about a vulnerable loofah version.

We also need to ignore a new warning, about an unsafe redirect. This is
unsafe when the object given in redirect can be a hash that includes
a `:host` key. But here we are redirecting to a plain string, which is
definitely safe.
2021-09-02 16:11:23 -05:00
Pierre de La Morinerie
a004ac59df app: move archive to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
e7c8a9fff5 app: move clone to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
56fa7e7cd6 app: move destroy to NewAdministrateur::ProceduresController
The code was already moved; only the route and tests were not.
2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
3e83ad454f app: move new_from_existing to NewAdministrateur::ProceduresController 2021-09-02 14:51:31 -05:00
Pierre de La Morinerie
7729385d89 controllers: remove dead code on Admin::ProceduresController
This code has been migrated to NewAdministrateur::ProceduresController.
2021-09-02 14:51:26 -05:00
Pierre de La Morinerie
3fc934c8fb app: remove leftovers of publish_validate route
The correponding code and feature have been removed a while ago.
2021-09-02 14:50:41 -05:00
Pierre de La Morinerie
0f9d7d6b8c app: remove old Admin::InstructeursController
It was only hosting the deprecated "Instructeurs globally attached to
this admin", which wasn't used anywhere in the app anymore.
2021-09-02 14:40:36 -05:00
lydiasan
ed7a9aaf39 ajout des traductions pour la page reset-link-sent 2021-09-01 17:49:52 +02:00
Paul Chavard
a3cc072bbd feat(i18n): translate countries selector 2021-08-31 13:15:26 +02:00
Paul Chavard
241f564ecc refactor(i18n): move signature translation keys to shared 2021-08-26 17:53:59 +02:00
Paul Chavard
89d9a4a477 feat(i18n): translate notification emails actions 2021-08-26 17:53:59 +02:00
Paul Chavard
6eb072e69f feat(i18n): translate email greetings 2021-08-26 17:53:59 +02:00
lydiasan
156b9894fe ajout des traductions pour la demande de mdp 2021-08-26 17:43:00 +02:00
Paul Chavard
8c6978c0cb feat(i18n): translate devise related emails 2021-08-26 12:08:40 +02:00
Paul Chavard
8e1bfb469f fix(dossier): send expiration notifications 2 weeks prior to supression instead of a month 2021-08-26 11:28:57 +02:00
Pierre de La Morinerie
47e1555dce i18n: properly translate the locale dropdown title 2021-08-24 12:57:51 -05:00
Pierre de La Morinerie
83b04aca59 i18n: move 'layouts' locales to their proper location 2021-08-24 12:57:51 -05:00
Christophe Robillard
99c16e8dc0 i18n for header 2021-08-20 12:09:01 +02:00
Christophe Robillard
a5750ed4ce i18n for registration page 2021-08-20 12:09:01 +02:00
Paul Chavard
2e707e118c fix(i18n): remove space before question mark in english 2021-08-20 10:40:12 +01:00
Christophe Robillard
bf3580ca2f i18n for page commencer 2021-08-20 09:19:25 +02:00
Paul Chavard
ffa8c0c80a feat(dossiers): enable dossiers termine expiration behind feature flag
feature flag "procedure_process_expired_dossiers_termine" controls if a procedure has expiration
enabled on dossiers termine

re #3796
2021-08-18 16:11:35 +01:00
François Vantomme
17b659539f Feat (API Particulier): new encryption service 2021-07-30 11:18:44 +02:00
Paul Chavard
020ce2dcaa fix shared locales namespace 2021-07-28 13:09:50 +02:00
kara Diaby
77b57edb2f fixup! routes 2021-07-27 19:38:21 +02:00
lydiasan
7de10731a6 i18n: localize dossiers edition 2021-07-20 14:18:20 +02:00
Pierre de La Morinerie
5b4f7f9ae9 app: restore the default cache settings
We initially did that to avoid a browser being restarted to display a
cached form with a stale CSRF token – thus provoking an
InvalidAuthenticityToken exception when the form is submitted.

But now that we use a long-lived CSRF token, we can submit forms with
a stale CSRF token successfully (because the long-lived CSRF cookie)
is still valid – so we no longer need to change the HTML cache behavior.

This fixes issues where the browser Back button wants to display a
previous POST document, but can't because of the 'no-store' setting. In
this case the browser either displays an error, or re-attempts the POST
request (without any cookies), which results in an 
InvalidAuthenticityToken exception.

See `docs/adr-csrf-forgery.md` for more explanations.
2021-07-20 11:11:52 +02:00
Pierre de La Morinerie
9eb2e13d43 config: report job exceptions after max retry count reached
Previously Sentry reported job exceptions even if a retry
strategy was specified. So we had to ignore retried job exceptions
entirely.

Since sentry-delayed-job 0.4.4, we can instead let Sentry report
job exceptions when the retry count is exhausted. Which is
exactly the behavior we want.
2021-07-01 15:06:14 +02:00
Paul Chavard
15ff046428 Improuve revision changes messages 2021-06-24 11:39:49 +02:00
Paul Chavard
8b2c2c6466 Handle carte layers changes 2021-06-24 11:39:49 +02:00
Paul Chavard
35eccb5630 Show separate blocks for types de champ and annotation changes 2021-06-23 09:40:07 +02:00
Paul Chavard
7cb2f91fea Add revisions feature flag 2021-06-23 09:40:07 +02:00
Paul Chavard
f238710044 Add last_month export 2021-06-23 09:23:10 +02:00
Pierre de La Morinerie
b5bde6608c routes: replace the email param in the Avis URLs by a query param 2021-06-17 11:15:51 +02:00
Pierre de La Morinerie
ab442cd8d1 routes: remove unused redirections 2021-06-17 11:15:51 +02:00
Pierre de La Morinerie
51159117c9 routes: replace the email param in the URL to a query param
This basically moves from:

    /lien-envoye/foo@bar.com

to:

    /lien-envoye?email=foo@bar.com

This allow to properly censor the data in Matomo (so that email
addresses don't end up stored in Matomo).
2021-06-17 11:15:51 +02:00
kara Diaby
99d00c00ce change routes 2021-06-15 11:20:20 +02:00
kara Diaby
da1d83b967 add route 2021-06-04 15:29:08 +02:00
Pierre de La Morinerie
fcd5df3c2b i18n: add missing i18n keys for User model
The key for naming the User model was missing – so the default
localization from devise-i18n was used. Unfortunately devise-i18n lacks
the plural form.

This fixes the manager dashboard displaying "User" instead of "Users".
2021-05-27 16:08:55 +02:00
François Vantomme
bc6d5aca0e Fix (Sentry): prefer Rails secrets over ENV variables 2021-05-27 11:12:27 +02:00
Jon
2a0a65a90f fix(sentry): specify current environment for sentry config 2021-05-27 11:12:27 +02:00
Paul Chavard
9b0dae4cc2 Fix apostrophes ‘ -> ’ 2021-05-26 18:05:14 +02:00
lydiasan
2d6ad4f2c1
Merge branch 'main' into localize-dropdown-button 2021-05-25 14:45:52 +02:00
Pierre de La Morinerie
d93342e1d7 config: cleanup allowed tags after Rails 6.1 migration 2021-05-25 11:06:53 +02:00
Paul Chavard
e74dcb0056 Remove ign feature flag 2021-05-24 11:50:16 +02:00
Paul Chavard
01c558953b Remove API GEO legacy adapter 2021-05-24 11:50:16 +02:00
kara Diaby
b3caa2e5f4 add route 2021-05-18 11:42:10 +02:00
lydiasan
42153d1d37 ajout du selecteur de langue 2021-05-12 16:30:35 +02:00
Paul Chavard
8a74438dc1 Use conservation_extension instead of en_construction_conservation_extension 2021-05-11 17:33:53 +02:00
Paul Chavard
e8cdded515 Use explicit name to avoid unknown constant errors 2021-05-06 16:10:48 +02:00
Pierre de La Morinerie
b8f71bd52c i18n: fix enum values for Dossier.state
According to Rails i18n guide, enum values should be localized
as `<model>/<enum>`, not as sub-values to the attribute.

This fixes an exception in administrate when displaying a Dossier
in the Manager.

Note: we need to change the way GraphQL attributes are generated, because
`AASM::Core::State#display_name` doesn’t honor the `model/attribute.value`
convention (and instead tries to localize as `model.attribute/value`).
So instead we lookup the localized name using ActiveRecord.
2021-05-06 14:38:25 +02:00
Paul Chavard
327bec0637 Use HELO 2021-05-06 08:59:18 +02:00
Christophe Robillard
2516abc277 activate rack_mini_profiler in dev and display query count 2021-05-05 17:16:10 +02:00
Paul Chavard
bcbfcdc537 Revert "Merge pull request #6142 from tchak/enable_brouillon_extend_conservation"
This reverts commit 48eb4d9778, reversing
changes made to 5539d5cb8c.

# Conflicts:
#	app/models/dossier.rb
#	db/schema.rb
2021-05-04 16:03:29 +02:00
Paul Chavard
b2a867266a Allow users to extend conservation on drafts 2021-04-29 19:50:30 +02:00
Christophe Robillard
f40d96fbd2 Revert "Revert "Export de tous les dossier d'une démarche""
This reverts commit d9a588b52e.
2021-04-29 17:29:47 +02:00
krichtof
d9a588b52e
Revert "Export de tous les dossier d'une démarche" 2021-04-29 16:07:18 +02:00
Pierre de La Morinerie
fbfe5c3817 jobs: also retry native ActiveStorage's jobs on transient errors 2021-04-29 14:08:12 +02:00
Christophe Robillard
59a08ad307 affiche quand l'archive a été générée 2021-04-28 11:40:58 +02:00
Christophe Robillard
8b2849408c instructeurs can create and download archives 2021-04-28 11:40:58 +02:00
Pierre de La Morinerie
4a12e973bf i18n: add unbreakable spaces to reset_link_sent locales 2021-04-27 13:56:57 +02:00
Pierre de La Morinerie
d530b272a1 password: add specific page for reset instructions 2021-04-22 14:24:15 +02:00
Pierre de La Morinerie
9ad57fde2a initializers: lazy-load Mailjet gem
This fixes an error message on app startup about autoloaded
constants:

> DEPRECATION WARNING: Initialization autoloaded the constants ActionText::ContentHelper and ActionText::TagHelper.

The reason for this error is that the Mailjet gem forces the
immediate loading of `action_mailer`. Which leads to the
following sequence of events:

On app init, when bundler requires all the gems in the Gemfile:
- The Mailjet gem is required,
- It loads `ActionMailer::Base`.

Later, when Rails initializes itself:
- `ActionText` creates an `action_text.helpers` initializer,
- This initializer register hooks to add `ActionText` helpers
when either `action_controller_base` or `action_mailer` are loaded,
- But as `action_mailer` has already been loaded, the hook is trigerred
immediately,
- ActiveSupport::Dependencies notices `ActionText` constants do not
exist yet, auto-load them, and add the constants to
`ActiveSupport::Dependencies.autoloaded_constants`.

And even later, at the end of the Rails initialization process:
- The `:warn_if_autoloaded` initializer is run,
- It notices that `autoloaded_constants` is not empty, and prints the
warning message.

See https://github.com/mailjet/mailjet-gem/issues/213
2021-04-20 15:11:43 +02:00
Pierre de La Morinerie
8cb7a49dd9 password: add password reset instructions 2021-04-20 09:34:53 +02:00
Pierre de La Morinerie
85691b9f2e sign_in: no need to specify password length 2021-04-20 09:34:52 +02:00
Pierre de La Morinerie
6b14420ffa sign_in: improve "Forgot password?" appearance on mobile 2021-04-20 09:34:52 +02:00
kara Diaby
881491c697 add route 2021-04-19 10:23:45 +02:00
Paul Chavard
f08d704d5f Fix api docs URL 2021-04-15 17:06:23 +02:00
Pierre de La Morinerie
c96a2550d8 ci: check for zeitwerk errors
If a zeitwerk-incompatible class is introduced, it won't break
any test before reaching production.
2021-04-15 13:17:46 +02:00
Christophe Robillard
54f2b9dc7e [manager] remove super admin 2021-04-15 10:12:11 +02:00
Christophe Robillard
db48ea02aa [manager] list superadmins 2021-04-15 10:12:11 +02:00
Paul Chavard
651a928b7c Improuve export UI 2021-04-08 14:40:26 +01:00
simon lehericey
44f9ae3c65 only preload what is needed on most requests 2021-04-06 18:23:14 +02:00
simon lehericey
b87a691176 use env for localization to avoid db round trip 2021-04-06 18:23:14 +02:00
simon lehericey
cd4ad6878c remove insee_api_v3 feature 2021-04-06 18:23:14 +02:00
simon lehericey
06d2eb2d21 remove feature xray 2021-04-06 18:23:14 +02:00
simon lehericey
c2847d1481 remove unused mini_profiler var 2021-04-06 18:23:14 +02:00
simon lehericey
6f2b2c3c1f use env for maintenance mode to avoid DB roundtrip 2021-04-06 18:23:14 +02:00
simon lehericey
1715a4899f remove coronavirus banner 2021-04-06 18:23:14 +02:00
Pierre de La Morinerie
62051c926a app: move update_allow_decision_access to ExpertsController 2021-04-06 14:54:18 +02:00
Pierre de La Morinerie
c82c72402d app: move the experts list to ExpertsProceduresController 2021-04-06 14:29:02 +02:00
Pierre de La Morinerie
7acb4cee83 controllers: use standard action names in ExpertsProceduresController 2021-04-06 13:45:51 +02:00
Pierre de La Morinerie
3f25624a5a routes: nest ExpertsProcedures routes in a resource 2021-04-06 13:18:51 +02:00
Pierre de La Morinerie
42b3ba1e1b config: migrate all config to Rails 6.1 defaults 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
ce427784e7 config: enable has_many_inversing 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
6bc608a821 config: enable most Rails 6.1 defaults 2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
c2ce20d40c config: form_with now generates local forms by default
We can remove the `local: true` parameter, as it is now implied by
default.
2021-04-06 12:12:57 +02:00
Pierre de La Morinerie
b65de3e583 config: make the queue names explicit
With Rails 6.1, the default queue is now the global application queue.

We want to retain our custom queues in some cases, so configure them
epxlicitely.
2021-04-06 12:12:57 +02:00
Fabrice Gangler
6f0b594fc5 doc: add ACCESSIBILITE_URL to env.example.optional file
Refs: #6050
2021-04-06 11:33:42 +02:00
kara Diaby
39d0dd2af1 yml traduction 2021-04-06 10:38:46 +02:00
kara Diaby
5b7b2d4966 change routes 2021-04-06 10:38:46 +02:00
Christophe Robillard
dbfc878bf5 supprime la page accessibilité 2021-03-30 15:12:18 +02:00
Christophe Robillard
d89dc785f0 met à jour le lien de bas de page Accessibilité
Ce lien pointe désormais vers notre site de documentation
2021-03-30 15:08:20 +02:00
simon lehericey
5624e87867 add webserver file logic 2021-03-29 18:45:40 +02:00
Pierre de La Morinerie
5990439ab7 app: update code to Rails 6.1 2021-03-25 13:24:53 +01:00
lydiasan
8dce3e5d2a i18n: localize users/sign_in page 2021-03-25 11:59:05 +01:00
kara Diaby
fe7fb882c8 remove useless routes 2021-03-24 16:20:44 +01:00
Christophe Robillard
83cf0fa903 detect staging env 2021-03-24 15:30:12 +01:00
Pierre de La Morinerie
56b3601063 app: enable Bootsnap
Bootsnap speeds up the initial loading of the Rails app by:
- Optimizing the LOAD_PATH dynamically
- Caching the result of Ruby bytecode compilation

Cached data are written to `tmp/cache/bootsnap*`.

This is enabled in the default Rails app template.
2021-03-19 08:05:14 +01:00
kara Diaby
c7392d8140 changes routes 2021-03-18 11:38:52 +01:00
kara Diaby
d2ab2debb6 add expert logic 2021-03-18 11:27:51 +01:00
Pierre de La Morinerie
ac5303d56d config: make Sentry ignore rescued ActiveJob exceptions
For now the Sentry delayed_job integration reports errors that are
rescued with `retry_on`.

Ignore these errors manually for now.

See https://github.com/getsentry/sentry-ruby/issues/1347
2021-03-18 10:52:10 +01:00
Pierre de La Morinerie
75a1046315 active_storage: refactor concerns
Follow-up of #5953.

Refactor the concerns with two goals:

- Getting closer from the way ActiveStorage adds its own hooks.
  Usually ActiveStorage does this using an `Attachment#after_create`
  hook, which then delegates to the blob to enqueue the job.
- Enqueuing each job only once. By hooking on `Attachment#after_create`,
  we guarantee each job will be added only once.

We then let the jobs themselves check if they are relevant or not, and
retry or discard themselves if necessary.

We also need to update the tests a bit, because Rails'
`perform_enqueued_jobs(&block)` test helper doesn't honor the `retry_on`
clause of jobs. Instead it forwards the exception to the caller – which
makes the test fail.

Instead we use the inline version of `perform_enqueued_jobs()`, without
a block, which properly ignores errors catched by retry_on.
2021-03-16 11:49:14 +01:00
Pierre de La Morinerie
70104d7059 config: avoid blocking legitimate requests from mobile ISPs 2021-03-11 18:28:10 +01:00
Paul Chavard
1644c9d44b Another attempt at fixing IE 2021-03-09 11:29:20 +01:00
Pierre de La Morinerie
b0735aafe0 config: fix DynamicSmtpSettingsInterceptor warning again
This warning re-appeared when running mailer tests:

```
DISABLE_SPRING=1 bin/rspec spec/mailers/administration_mailer_spec.rb
```

It is now fixed properly, in a way recommanded by the documentation.
2021-03-04 22:52:19 +01:00
Paul Chavard
d4a34edab5 fix mapbox-gl transpilation 2021-03-04 19:04:39 +01:00
Paul Chavard
600f49a0ff Hide groupe instructeur selector when routage is done via API 2021-03-04 11:06:04 +01:00
Paul Chavard
1c811083c0 Cleanup feature flags usage 2021-03-04 11:06:04 +01:00
Pierre de La Morinerie
d36a684315 config: fix zeitwekr warning when reloading the app
Turns out we need not only to load the Job constants later, but also
not to do the same work twice – otherwise we'll get a 

> ApiEntreprise::Job constant is already defined

when attempting to re-define the constant.
2021-02-24 19:01:27 +01:00
Pierre de La Morinerie
9f676c76e1 config: fix zeitwerk warning about DynamicSmtpSettingsInterceptor
Fix a warning when running tests:

> DEPRECATION WARNING: Initialization autoloaded the constant DynamicSmtpSettingsInterceptor.
>
> Being able to do this is deprecated. Autoloading during initialization is going
to be an error condition in future versions of Rails.
> 
> Reloading does not reboot the application, and therefore code executed during
> initialization does not run again. So, if you reload DynamicSmtpSettingsInterceptor, for example,
> the expected changes won't be reflected in that stale Class object.
> 
> This autoloaded constant has been unloaded.
> 
> Please, check the "Autoloading and Reloading Constants" guide for solutions.

However if we fix as recommanded, the interceptor will get added
each time the classes are reloaded. And as the actual class instance
changed after the reloading, they won't be de-duplicated – *and*
there's no way to remove the old interceptor without having a reference
to the (now-deleted) class.

Instead we load the interceptor once, and add a message about the class
not being auto-reloaded.
2021-02-24 19:00:29 +01:00
Pierre de La Morinerie
68425929c6 config: disable Sentry sampling when not enabled
This removes spam in the debug console when running locally.

Removed messages look like a swarm of:

> [Tracing] Discarding <rails.request> transaction </assets/marianne.png> because it's not included in the random sample (sampling rate = 0.001)
2021-02-24 17:45:18 +01:00
Pierre de La Morinerie
e51948ab5c stylesheets: merge print rules with the application stylesheet
- Having a separate stylesheet for print rules is not a best practice
  (it makes an extra network request)
- It makes migrating to Sprockets 4 easier
2021-02-24 17:09:51 +01:00
Pierre de La Morinerie
fb305e31c4 config: move application_name to an initializer
It seems cleaner not to require a file before the Rails configuration
runs.
2021-02-24 15:06:55 +01:00
Pierre de La Morinerie
a2175ed6e3 config: reload compatibility aliases on classes reload
Fixes zeitwerk complaining that the compatibility aliases loaded in an
initializer will never be reloaded.

In our case it doesn't matter that much, but it will reduce the console
spam.
2021-02-23 09:24:13 +00:00
Paul Chavard
228a83f8a5 Add api address external data fetch 2021-02-17 19:10:16 +01:00
Paul Chavard
7223d77058 Remove unused paths from assets pipeline 2021-02-17 10:16:54 +01:00
Paul Chavard
1c164c4376 Use jsx extension 2021-02-16 18:14:10 +01:00
Pierre de La Morinerie
2ce3149d92 test: don't cache classes during tests
When running several individual tests in succession using Spring,
we get an error message:

> zeitwerk error: reloading is disabled because config.cache_classes is true

Caching classes during tests used to be recommended – but Rails 6
now recommands to reload them:

- Spring takes care of the caching for us,
- It makes zeitwerk happy.

See discussion in 65344f254c

A potential downside used to be that when running system tests using
Capybara, each web request would reload the classes, which invalidated
the model objects of the test case. But it seems to be fixed now.
2021-02-16 15:59:35 +01:00
kara Diaby
9492b09f85 make and expert notifiable (controller and routes) 2021-02-16 09:46:18 +00:00
Paul Chavard
cfa80578a7 Adjust sentry sample rate 2021-02-12 11:35:58 +01:00
Pierre de La Morinerie
211ddeda45 config: enable zeitwerk
Check that everything works using
bin/rails zeitwerk:check
2021-02-11 12:30:43 +01:00
Pierre de La Morinerie
819325c761 zeitwerk: move our Array extension to initializers/core_ext 2021-02-11 12:30:43 +01:00
Christophe Robillard
a288a13805 disable france connect authentication for admin and instructeurs 2021-02-10 18:13:47 +01:00
Paul Chavard
0697e50b7c lower sentry sampling to 1% 2021-02-10 17:52:18 +01:00
Paul Chavard
eac967f84e Add sentry traces (20% for now) 2021-02-10 15:35:21 +01:00
Pierre de La Morinerie
0af7188d8c zeitwerk: add inflections 2021-02-09 13:09:10 +01:00
Pierre de La Morinerie
7d1c79bf4b zeitwerk: Url -> URL 2021-02-09 13:07:30 +01:00
Pierre de La Morinerie
150ddab660 zeitwerk: Api -> API 2021-02-09 13:07:30 +01:00
Fabrice Gangler
229f495753 allow email footer logo to be configured in .env file
Refs: #5873
2021-02-09 09:39:02 +01:00
Fabrice Gangler
3034716963 allow mailers/_bizdev_signature to be configured in .env file
Refs: #5871
2021-02-04 13:09:40 +01:00
Fabrice Gangler
d039798ac8 allow logo in PDF export to be configured in .env file
Refs: #5869
2021-02-04 12:24:31 +01:00
Pierre de La Morinerie
3b5617b123 mailers: remove dead AdministrationMailer code 2021-02-04 12:15:13 +01:00
Judith
6d89a83d14 unused locales clean-up 2021-02-04 12:15:13 +01:00
Judith
ed10a9dd62 gem i18n-tasks added to Gemfile 2021-02-04 12:15:13 +01:00
Paul Chavard
c46ab38055 Add sentry-rails 2021-01-28 15:31:27 +01:00
simon lehericey
d72f0c6dd2 Add authorized content type for pj 2021-01-18 17:23:08 +01:00
Paul Chavard
91be115c70 Add annuaire_education champ ui 2021-01-14 17:57:48 +01:00
Paul Chavard
54f2084aef Add annuaire_education champ 2021-01-14 17:57:48 +01:00
Paul Chavard
5c9f2e8783 Add api education adapter and job 2021-01-14 17:57:48 +01:00
kara Diaby
8f6440f615 Admins can see the list of invited experts 2020-12-21 14:55:51 +01:00
simon lehericey
9848dc2295 update brakeman 2020-12-17 10:51:09 +01:00
simon lehericey
d760402393 fix typo 2020-12-16 15:00:26 +01:00
simon lehericey
57bff8ca70 improve deletion mail 2020-12-16 15:00:26 +01:00
kara Diaby
c7643154d1 final optims after sim review 2020-12-16 15:00:26 +01:00
kara Diaby
00b5ad7a10 EQT instructeur, je peux supprimer un dossier terminé 2020-12-16 15:00:26 +01:00
Fabrice Gangler
a8081d4b83 allow configuration of the URLs of FAQ and documentation websites in an .env file
Refs: #5801
2020-12-15 16:40:10 +01:00
Christophe Robillard
15a395fbc7 superadmin: check complexity password server side 2020-12-15 16:26:09 +01:00
Christophe Robillard
94b3ec942b super_admin: check password complexity client side 2020-12-15 16:26:09 +01:00
Fabrice Gangler
3a9f82bd6f Fix(form /contact-admin): use APPLICATION_NAME
Refs: #5799
2020-12-15 16:14:51 +01:00
Fabrice Gangler
064ea776c7 allow default logo of a procedure to be configured in .env file
Refs: #5795
2020-12-14 13:41:10 +01:00
simon lehericey
b19dc34cc1 fix deploy i_am_a_worker_test 2020-12-11 09:50:17 +01:00
Paul Chavard
3c6e30a326 Show titre identite link only once watermark is added 2020-12-10 16:50:03 +01:00
clemkeirua
704cafc385 restart delayed_job only for workers 2020-12-10 15:12:05 +01:00
Paul Chavard
5c07882679
Merge pull request #5768 from adullact/5764_allow_images_to_be_configured
#5764 - Allow logos (mail, webapp) and favicons to be configured in .env file
2020-12-10 12:54:55 +01:00
Paul Chavard
5e29bb02b2
Merge pull request #5753 from adullact/5752_doc_add_DEMANDE_INSCRIPTION_ADMIN_PAGE_URL_to_env.example.optional
#5752 - Doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
2020-12-10 12:54:26 +01:00
Christophe Robillard
23ae528c6b affiche Madame ou Monsieur
mais continue à enregistrer en base Mme ou M.
2020-12-08 21:30:54 +01:00
Fabrice Gangler
0d80d2ddd1 allow logos (mail, webapp) and favicons to be configured in .env file
Refs: #5764
2020-11-27 01:41:47 +01:00
Fabrice Gangler
fe630b02b0 doc: add DEMANDE_INSCRIPTION_ADMIN_PAGE_URL to env.example.optional file
Refs: #5752
2020-11-25 19:51:48 +01:00
Paul Chavard
18dfacb933 Make watermark configurable 2020-11-25 16:19:06 +01:00
Paul Chavard
b48e7813d2 Put watermark code behind a feature flag 2020-11-25 16:19:06 +01:00
Paul Chavard
371179dc5b Watermark titres identite 2020-11-25 16:19:06 +01:00
Fabrice Gangler
d3caf30bf3 allow CGU URL and Legal Notice URL to be configured in .env file
Refs: #5754
2020-11-20 22:11:42 +01:00
Christophe Robillard
d91e9b372f add sendinblue login link to manager 2020-11-16 12:19:54 +01:00
Christophe Robillard
9347951cea act as an saml identity provider 2020-11-16 12:19:54 +01:00
clemkeirua
fc690df554 add access to super admins to delayed_job and flipper 2020-11-09 07:48:15 +00:00
Christophe Robillard
5562e65bf3 refacto: rename administration to super_admin 2020-11-05 16:03:55 +01:00
Christophe Robillard
a88172eb01 configure otp_secret_key secret 2020-11-05 16:03:55 +01:00
Christophe Robillard
efd8ec85e8 recover superadmin password or reset otp 2020-11-05 16:03:55 +01:00
Christophe Robillard
8d23f6ae99 remove useless redirection for manager sign_in and out
The manager alias for signin causes layout problems
2020-11-05 16:03:55 +01:00
Christophe Robillard
2a0ebd062a enable 2FA for manager
when trying to access manager, if superadmin did'nt enable otp, he/she is redirected to a page to enable 2FA. When superadmin is enabling 2FA, he has to to scan a qrcode with the 2FA application client. And afterwards, the superadmin has to log in with email, password and OTP code.
2020-11-05 16:03:55 +01:00
Christophe Robillard
305ccdc0cd add recoverable and two_factor stragegy for administration 2020-11-05 16:03:55 +01:00
Christophe Robillard
6c2eb22960 remove github authentication for manager 2020-11-05 16:03:55 +01:00
simon lehericey
d82d1132c2 Remove rack_mini_profiler from prod as it could show env var and force us to allow unsafe_eval and script in csp 2020-10-30 17:08:31 +01:00
kara Diaby
3d56b1d8b0 fix bootstrap cdn 2020-10-22 15:00:01 +02:00
clemkeirua
f298d2c2ba dedicated screen for inspecting user emails 2020-10-13 17:36:43 +02:00
clemkeirua
d7fff61d5d ajout de la gem sendinblue 2020-10-13 17:36:43 +02:00
clemkeirua
27b8797296 ajout d'une route /manager/users/:id/emails 2020-10-13 17:36:43 +02:00
Kara Diaby
0bd48999bd
Revert "feat/5635 - Supprime la possibilité pour l'expert invité d'envoyer un message" 2020-10-12 09:24:34 +02:00
kara Diaby
6636b7f14c Supprime la possibilité pour l'expert invité d'envoyer un message à l'usager 2020-10-08 11:14:09 +02:00
Paul Chavard
0aa06d0197 [GraphQL] expose dossier pdf, geojson and attestation 2020-10-06 21:54:43 +02:00
kara Diaby
57adb90c8f add the possibility for administrator to refuse external review on a specific procedure 2020-10-01 10:55:19 +02:00
kara Diaby
e174079850 fix send a copy link 2020-09-30 10:03:08 +02:00
clemkeirua
0d88674cea better translations 2020-09-25 09:35:16 +00:00
Paul Chavard
a49c962ab3 Redirect demandes to DEMANDE_INSCRIPTION_ADMIN_PAGE_URL 2020-09-24 09:57:43 +02:00
Paul Chavard
ea4bcf59ad remove demandes/new page 2020-09-23 16:27:17 +02:00
kara Diaby
cb4e91c405 Add iban type de champ 2020-09-23 15:56:26 +02:00
Christophe Robillard
61ea73580f use buttons instead of select for contact page 2020-09-22 16:09:15 +02:00
clemkeirua
111f309c7f changement de l'adresse de création de compte administrateur 2020-09-21 17:02:37 +02:00
clemkeirua
f9c4e967d6 remove :autosave_dossier_draft 2020-09-21 08:46:01 +00:00
kara Diaby
5c68d75107 add titre_identite champ 2020-09-18 14:57:08 +02:00
clemkeirua
1e32a3c11f add complexity check to admin account creation 2020-09-18 11:16:34 +02:00
clemkeirua
08d0fa80fa remove old route 2020-09-17 14:03:31 +02:00
clemkeirua
6643b598c3 remove :administrateur_graphql 2020-09-17 09:24:50 +02:00
clemkeirua
1be07c1ef5 remove :administrateur_champ_integer_number 2020-09-17 09:24:50 +02:00
clemkeirua
01ac4d7e19 remove operation_log_serialize_subject 2020-09-17 09:24:50 +02:00
kara Diaby
13e4589905 Publications page to the new UI (admin) 2020-09-16 09:15:44 +02:00
simon lehericey
5459c2fa7f Fix uninitialized excon constant 2020-09-08 18:36:24 +02:00
simon lehericey
19d73f13f0 variabilize banner message 2020-09-08 14:52:42 +02:00
kara Diaby
ae61c279af migrate emails text editor to new interface 2020-09-03 14:42:22 +02:00
simon lehericey
bd6705b90a Remove image and video analyzer which are not used 2020-09-02 17:00:26 +02:00
Judith
7eee9beed7 adapting the specs 2020-09-01 16:48:41 +02:00
Judith
9553dae7bd gem devise-i18n added to Gemfile to remove the config/locales/devises.*.yml files. 2020-09-01 16:47:40 +02:00
Judith
25a24ba7c8 removal of translation keys already present in the gem rails-i18n 2020-09-01 16:33:58 +02:00
Fabrice Gangler
1a43f888fb Feat: allow to disable France-Connect
Refs: #5440
2020-09-01 15:51:10 +02:00
Judith
7bc5a0a278 internationalization of /contact-admin 2020-09-01 12:58:19 +00:00
Fabrice Gangler
60d6b1909d Fix for using APPLICATION_NAME in .env file
Refs: #5450
2020-08-28 03:46:19 +02:00
Judith
af25fdd77c gem http_accept_language installed and (de)activable with feature flag 2020-08-27 16:15:01 +02:00
Judith
bfa4231f5e date and number formats changed according to rails-I18n locale 2020-08-27 11:03:34 +02:00
Judith
2f0953692c Internationalization of the Contact page in FR and EN 2020-08-27 11:03:34 +02:00
Pierre de La Morinerie
82c89fb56f config: remove comment about ActiveStorage integration with VirusScanner
As the comment states, it would be nice to load the Virus Scanner on
the Attachment (rather than the blob).

However, in order not to clobber the blob metadata, we want to run the
VirusScanner once the blob analyzer did run.

And the most direct way to detect that the blob analyzer did run is to
add an `on_update_commit` hook on the blob, as this hook will be
trigerred when saving changes to the metadata. This is what the current
solution uses. 

So the current solution is almost optimal, and has a low chance of
accidentally clobbering the blob metadata – as the virus scanner is only
started when the analysis phase is finished.
2020-08-26 16:11:01 +02:00
Christophe Robillard
090a247ba9 validates phone champ server side 2020-08-20 15:33:03 +02:00
Pierre de La Morinerie
d77efec7a0 config: enable active_record.belongs_to_required_by_default 2020-08-18 15:57:37 +02:00
Pierre de La Morinerie
ededf5c6c5 config: don't explicitely eager-load lib/
Rationale:

- `lib/` is supposed to contain code mostly independant from Rails;
- By default, Rails doesn't eager-load `lib/` anymore (this used to be
the case, but since a few releases).

If this commits triggers some errors, then these errors should be fixed
(rather that `lib/` being added again to the load path).
2020-08-18 11:02:09 +02:00
Pierre de La Morinerie
c514898b84 config: don't explicitely eager-load controllers/concerns
Per the documentation, Rails automatically loads `**/concerns` paths.

See https://guides.rubyonrails.org/autoloading_and_reloading_constants_classic_mode.html#autoload-paths-and-eager-load-paths
2020-08-18 11:02:09 +02:00
kara Diaby
9b66c894b2 Adapt configuration email view to the new UI 2020-08-06 16:56:24 +02:00
Pierre de La Morinerie
527a330c7a config: use Rails 6.0 config defaults
We already flipped the new defaults, so this is a no-op.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
bc0244456c config: explicitely use the classic autoloader
I'm sure we can use zeitwerk in the future, but let's retain the classic
loader until the config issues are proved to be safe.
2020-08-05 17:22:46 +02:00
Pierre de La Morinerie
fbbcd97463 config: flip config.active_record.collection_cache_versioning
This is related to internal cache implementation, and doesn't affect us.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
4a9f081cfc config: flip config.action_mailer.delivery_job
This is safe in all cases – except that it prevents a downgrade to
Rails 5. We don't intend to downgrade now, so this is fine.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
b556e2a99a config: flip config.active_storage.replace_on_assign_to_many
We don't have any `has_many_attached` relations in the code base, so
this is safe.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
54a4db1c47 config: flip config.active_storage.queues
ActiveStorage jobs are now moved to their own queue.

For consistency, we also move our own analysis jobs (VirusScannerJob)
on the same `:active_storage_analysis` queue.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
c6cdd08373 config: flip config.active_job.return_false_on_aborted_enqueue
We don't have any instance of aborting inside a job in the code base,
so this setting is safe to flip.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
65809f8ea0 config: flip action_dispatch_return_only_media_type_on_content_type
This makes `ActionDispatch::Controller#content_type` return not only
the MIME type, but also in some circumstances the charset.

Example:

```ruby
reponse.content_type == 'text/html; charset=utf-8'
```

The MIME type-only fragment can now be accessed using `#media_type`.

Changes to the tests are not stricly necessary (because no charset is
present in the actual value), but represent the intent better.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
8427f0eb75 config: flip config.action_dispatch.use_cookies_with_metadata
This makes cookies more secure, by adding an automatic "purpose" field
to each cookie.

Cookies generated by Rails 5 are still forward-compatible. However
from now on the generated cookies will not be backward-compatible with
Rails 6.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
e8fa65f79d config: flip config.action_view.default_enforce_utf8
This prevents charset workaround on IE 8 and lower. We don't support
these browsers anyway, so we can flip the feature off.
2020-08-05 16:48:36 +02:00
Pierre de La Morinerie
a1be888f7c config: use Rails 5.2 config defaults 2020-08-05 16:48:29 +02:00
Pierre de La Morinerie
0d55919fab config: use Rails 5.1 defaults
New or changed defaults are:

- config.assets.unknown_asset_fallback: false
- config.action_view.form_with_generates_remote_forms: true
2020-08-05 13:02:56 +02:00
Kara Diaby
4afc07c677
Merge pull request #5403 from tchak/add-carte-ign
Add carte ign
2020-08-03 11:04:32 +02:00
jpoulvel
bf94cc021b
Merge pull request #5424 from betagouv/new_design_edit_attestation
New design page admin/attestation_templates/edit
2020-07-31 11:18:22 +02:00
Paul Chavard
4c87e547b3 Put IGN map behind a feature flag 2020-07-30 17:22:28 +02:00
Paul Chavard
f1cbc9846e Add carte ign 2020-07-30 16:58:20 +02:00
Keirua
b3e98048f9
Merge pull request #5418 from betagouv/mise-en-avant-france-connect
#5428 - France connect avant les boutons de login/signup
2020-07-30 10:32:12 +02:00
jpoulvel
62e04a6ca9
Merge branch 'dev' into new_design_edit_attestation 2020-07-30 09:53:09 +02:00
kara Diaby
d4c6e501c6 Ajoute la liste des démarches de l'interface administrateur sur la nouvelle UI 2020-07-29 15:35:52 +02:00
Judith
5df3838173 - tranferred controllers from admin to mew_administrateur
- removed admin/attestation_templates views
- changed routes accordingly
2020-07-29 12:26:27 +02:00
Keirua
347dbe4c87
Merge pull request #5417 from betagouv/cleanup-incident-janvier
Suppression du message d'alerte suite aux problèmes d'upload
2020-07-29 11:00:12 +02:00
clemkeirua
b8eea05163 ajout de traductions 2020-07-29 09:27:16 +02:00
clemkeirua
db0d230531 add cdn.jsdeliver.net to the CSP 2020-07-27 16:54:46 +02:00
clemkeirua
de1df85462 suppression du message d'alerte suite aux problèmes d'upload 2020-07-27 10:32:03 +02:00
Fabrice Gangler
1352cde321 Feat: allow emails senders to be configured in .env file
Refs: #5408
2020-07-24 10:50:55 +02:00
clemkeirua
7e085c657d specific deactivation of rubocop DS/ApplicationName rule 2020-07-23 16:20:16 +02:00
clemkeirua
c658428441 added application name in config/ 2020-07-23 16:17:54 +02:00
clemkeirua
c1208add62 remplacement de demarches-simplifiees.fr par un paramètre dans les vues 2020-07-23 16:16:36 +02:00
clemkeirua
31a262efef extraction d'urls doc/faq/… dans url.rb 2020-07-23 16:16:36 +02:00
clemkeirua
3340a2b091 ajout du nom d'application tot au demarrage
The application name is used in the views, but also in the initializers and in the config/ directory

According to rails doc (https://guides.rubyonrails.org/v6.0/configuring.html#locations-for-initialization-code),
if we want to do some things before the initializers and the environment, the only place to do so is in config/application.rb
2020-07-23 16:16:36 +02:00
Paul Chavard
8b9e73a30a
Merge pull request #5382 from adullact/feat_status-page-customisation
#5379 - Allow status page URL to be configured in the .env file
2020-07-22 22:10:58 +02:00
Paul Chavard
35461f0159 Add revisions migrations 2020-07-21 19:35:30 +02:00
Keirua
b2aa90b729
Merge pull request #5392 from betagouv/fix-CI-accessibility-errors
Fix CI accessibility errors
2020-07-21 17:15:45 +02:00
krichtof
8c5308b9dc
Merge pull request #5396 from betagouv/5395-relancer-expert
5395 instructeur : relance un expert pour une demande d'avis
2020-07-21 15:02:53 +02:00
Christophe Robillard
689a51588f translations for avis list view 2020-07-21 10:46:55 +02:00
Fabrice Gangler
62672c02e0 move STATUS_PAGE_URL into env.example.optional 2020-07-20 16:37:31 +02:00
Fabrice Gangler
f7402afa06 add env.example.optional 2020-07-20 16:31:02 +02:00
Christophe Robillard
d9cb5c067f relance un expert 2020-07-20 16:26:16 +02:00
Christophe Robillard
bde8fe2c5d update wording for revoke 2020-07-20 16:08:35 +02:00
Pierre de La Morinerie
b192b48fc7 config: use Rails 5.0 options
Stop overriding Rails 5.0 options, and use the framework defaults.

(Except for `active_record.belongs_to_required_by_default`, which is a
lot of work and will be fixed later.)
2020-07-20 15:54:48 +02:00
clemkeirua
c0cf8b1341 fix display of labels for datetime on screenreaders 2020-07-20 11:37:01 +02:00
Gangler Fabrice
39feca251d allow status page URL to be configured in .env 2020-07-17 15:53:49 +02:00
Christophe Robillard
3ea34834a7 revoke expert avis 2020-07-16 21:05:11 +02:00
kara Diaby
9dc542af09 Revert "Revert "Feat/5287 - New design for admin procedure detail""
This reverts commit cf5eb3f251.
2020-07-15 17:00:03 +02:00
Christophe Robillard
8111babdd6 user: revoque un invité sur un dossier 2020-07-14 18:25:31 +02:00
Kara Diaby
cf5eb3f251
Revert "Feat/5287 - New design for admin procedure detail" 2020-07-13 11:36:42 +02:00
kara Diaby
7f3b38cfee Merge admin dashboard to new design for procedure details 2020-07-09 12:18:22 +02:00
clemkeirua
60c3047e4f mise à jour de doc pour se passer d'overmind 2020-07-09 09:32:09 +02:00
Christophe Robillard
2c56511204 validate api_entreprise_token 2020-07-08 18:59:22 +02:00
Christophe Robillard
8f9d6d2871 show which instructeur took decision and when
and also replace "sans suite" by "classé sans suite"
2020-07-08 18:15:15 +02:00
Pierre de La Morinerie
58c97efde4 config: enable debug assets in development
Historically, debug assets were disabled because they made reloading
pages very slow. This seems fixed by Rails 6.
2020-07-08 17:48:21 +02:00
clemkeirua
68b37cf6aa config: make default Rails 5 config explicit 2020-07-08 11:00:12 +02:00
Pierre de La Morinerie
e2b8545222 config: fix missing default list of allowed HTML tags
See https://github.com/rails/rails/issues/39586
2020-07-07 18:03:56 +02:00
Paul Chavard
6a24c3f812 Rails app:update 2020-07-07 18:03:56 +02:00
Judith
9793128f61 'Services' routes moved under 'new_administrateur' scope and '/admn' added in their url 2020-07-07 14:08:01 +00:00
Judith
782706537d Changed the routes to pass all new design admin pages under
'new_administrateur' scope, except 'services'.
As a result, the url of these pages will all include '/admin'.
2020-07-07 14:08:01 +00:00
Christophe Robillard
1d86f863d3 rename avis#all to avis#index 2020-06-30 09:17:27 +02:00
Christophe Robillard
bbec76d33b rename avis#index to avis#procedure 2020-06-30 09:17:27 +02:00
Christophe Robillard
90d6d337a9 explain redirection urls for expert 2020-06-30 09:17:27 +02:00
Christophe Robillard
84d619c974 redirect old urls in avis mails with new urls 2020-06-30 09:17:27 +02:00
Christophe Robillard
72d27ffdb2 replace instructeur_avis_index url by instructeur_all_avis url 2020-06-30 09:17:27 +02:00
Christophe Robillard
dcb9afaf25 refactor expert avis url : fix avis_controller_spec 2020-06-30 09:17:27 +02:00
kara Diaby
6b07cc0659 Move admin/assigns to the new UI like groupe_instructeurs 2020-06-29 14:44:28 +02:00
clemkeirua
6452a20491 rename 'Menu déroulant's 2020-06-29 08:59:12 +00:00
simon lehericey
102fb6629e remove ip constraint on ping 2020-06-22 15:29:51 +02:00
clemkeirua
6a3811a4e2 fix catalog v3 2020-06-19 14:20:32 +02:00
clemkeirua
319655482f clean config for keystone v3 2020-06-19 14:20:32 +02:00
krichtof
ff6eaf73db
Revert "Suppression de l'utilisation de Keystone v2" 2020-06-04 17:32:25 +02:00
Paul Chavard
901b6e23a8 Remove legacy carto 2020-06-04 16:03:23 +02:00
clemkeirua
def744d627 remove now useless keystone v2 2020-06-04 12:05:27 +00:00
Christophe Robillard
705487dab6 define max_attempts for jobs 2020-06-02 20:21:11 +02:00
clemkeirua
868decd06e add overide for fog openstack v3 2020-06-02 15:03:37 +02:00
Pierre de La Morinerie
b0db74ea79 config: fix spring randomly crashing in the pg gem
See https://github.com/ged/ruby-pg/issues/311
2020-05-25 09:23:41 +00:00
Pierre de La Morinerie
c9820adbc4 urls: fix link to autosave FAQ article 2020-05-18 16:53:19 +02:00
Pierre de La Morinerie
6eca93faab urls: fix link to admin FAQ category 2020-05-18 16:53:19 +02:00
clemkeirua
22a518c921 ajout d'un bouton d'export des mails des demandeurs 2020-05-18 12:46:42 +00:00
Pierre de La Morinerie
93bb5283ff app: remove the feature flag for pieces justificatives auto-upload
The feature works as intended: we can remove the feature flag.
2020-05-14 17:39:07 +02:00
Keirua
a869a04e1e Mise à jour de l'URL de doc sur l'archivage
Co-authored-by: Pierre de La Morinerie <pierre.de_la_morinerie@beta.gouv.fr>
2020-05-13 16:45:27 +02:00
clemkeirua
84888be255 clarification de l'archivage/suppression 2020-05-13 16:45:27 +02:00
Christophe Robillard
aab4bb81ee return bilan bdf csv for expert 2020-05-11 13:05:50 +02:00
Paul Chavard
4f2e504cc2 Add carto import api
takes a FeatureCollection to import and returns an augmented champ FeatureCollection
2020-05-07 12:06:42 +02:00
Paul Chavard
05e408225b Implement atomic operations on MapEditor 2020-05-06 16:46:14 +02:00
Christophe Robillard
22e2c2e133 render csv bidf bilans 2020-04-30 16:15:16 +02:00
Paul Chavard
843e033c38 Allow instructeurs to download a GeoJSON document for a given dossier 2020-04-30 15:49:43 +02:00
kara Diaby
2fc438ab65 Fix safari and firefox compatibility mapbox gl 2020-04-30 14:14:03 +02:00
Christophe Robillard
14ff18ca80 store specific api-entreprise token for a procedure 2020-04-28 15:17:11 +02:00
clemkeirua
1ac7ec2dca precision dans mail suppression dossier en construction 2020-04-28 12:42:00 +00:00
kara Diaby
9aea1fffee Migrate the map editor to mapbox-gl with react component 2020-04-27 11:30:32 +02:00
Paul Chavard
f1b531911b Handle processed dossiers in deletion mailers 2020-04-22 15:39:10 +02:00
Pierre de La Morinerie
37645d3df2 config: fix (again) the CSP when running a LiveReload server locally
When running the app using `bin/webpack-dev-server` (the external
(and fast) assets server), LiveReload is used. We need to explicitely
allow the LiveReload connections in the CSP policy.

Turns out we now need to specify the protocol explicitely.
2020-04-20 17:24:16 +02:00
Pierre de La Morinerie
968e470684 config: never cache rails-generated pages
This instruct browsers to never cache content directly generated by the
controllers. This includes HTML pages, JSON responses, PDF files, etc.

This is because Some mobile browsers have a behaviour where, although
they will delete the session cookie when the browser shutdowns, they
will still serve a cached version of the page on relaunch.

The CSRF token in the HTML is then mismatched with the CSRF token in the
session cookie (because the session cookie has been cleared). This
causes form submissions to fail with an
"ActionController::InvalidAuthenticityToken" exception.

To prevent this, tell browsers to never cache the HTML of a page.
(This doesn’t affect assets files, which are still sent with the proper
cache headers).

See https://github.com/rails/rails/issues/21948
2020-04-14 18:29:17 +02:00
Paul Chavard
7a8fd3c679 Use graphql playground instead of graphiql 2020-04-09 19:38:19 +02:00
Christophe Robillard
ae18ff6627 Notifie tous les instructeurs lors dépôt dossier
- envoie un mail à tous les instructeurs d'une procédure après le dépôt
d'un nouveau dossier
2020-04-09 14:33:56 +02:00
Christophe Robillard
415d5c765e envoie une notification à chaque follower_instructeur après un commentaire déposé 2020-04-09 14:17:07 +02:00
kara Diaby
d18bc1c421 Improve the mapbox-gl support detection for older browsers 2020-04-09 11:01:20 +02:00
kara Diaby
56e9834389 Revert "Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""""
This reverts commit 473ed00b6c.
2020-04-09 11:01:20 +02:00
Pierre de La Morinerie
7e19dd2cda Revert "Revert "Fix middle-click on "Delete attachment" button""
This reverts commit 6e8bd6957f.
2020-04-09 10:40:08 +02:00
clemkeirua
34188c432c refactor _new_header so that user and instructeur search share similar signature 2020-04-09 09:42:31 +02:00
Pierre de La Morinerie
6e8bd6957f
Revert "Fix middle-click on "Delete attachment" button" 2020-04-08 17:40:58 +02:00
Pierre de La Morinerie
8ceb555941 routes: cleanup attachment routes 2020-04-08 11:57:06 +02:00
kara Diaby
473ed00b6c Revert "Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react"""
This reverts commit fe0b3c2215.
2020-04-07 18:14:07 +02:00
kara Diaby
fe0b3c2215 Revert "Revert "feat/4893 - migrate the mapReader to mapbox-gl with react""
This reverts commit 3e21b78142.
2020-04-07 18:11:11 +02:00
Pierre de La Morinerie
3e21b78142
Revert "feat/4893 - migrate the mapReader to mapbox-gl with react" 2020-04-07 15:32:14 +02:00
Pierre de La Morinerie
91260e2867 dossier: fix upload route of piece_justificative in repetitions
In repetitions, `form.index` doesn't make much sense. Turns out we
don't really need the index of the champ: we can just use the champ id.
2020-04-06 11:50:31 +02:00
kara Diaby
aa56cfd7a0 migrate map to mapbox-gl with a react component 2020-04-02 15:39:47 +02:00
Paul Chavard
7ba4c513e6 Refactor notify near deletion mailers 2020-04-01 17:40:52 +02:00
Paul Chavard
da52ec30bd Undo discard dossiers and demarches from manager 2020-03-31 17:08:28 +02:00
Paul Chavard
876e05aed3 Discard demarches from manager 2020-03-31 17:08:28 +02:00
Pierre de La Morinerie
6417c0d2c0 dossiers: allow auto upload of attachments 2020-03-31 13:09:44 +02:00
Paul Chavard
5005c54891 Add base cron job 2020-03-31 12:25:46 +02:00
Pierre de La Morinerie
fe13043efd dossier: prepare validations to piece_justificative champs
We can't yet enable the validations, because of an issue that will
(hopefully) be solved with Rails 6.

See https://github.com/betagouv/demarches-simplifiees.fr/issues/4926
2020-03-30 11:12:25 +02:00
Paul Chavard
a60b6b6776 Use ’ consistently instead of ' 2020-03-26 17:27:48 +01:00
Paul Chavard
c707a21f97 Rename delete_and_keep_track -> discard_and_keep_track 2020-03-26 14:23:23 +01:00
Paul Chavard
ec1cd989ab Show the reason on deleted dossiers 2020-03-25 16:57:03 +01:00
clemkeirua
5ef6f92fdc update CGU URL 2020-03-25 09:50:41 +00:00
Christophe Robillard
b4b92accf1 instructeur: show deleted dossiers for a procedure 2020-03-25 10:19:07 +01:00
clemkeirua
5896aedeeb added extension bouton to en_construction dossiers bound to expire 2020-03-24 18:10:51 +01:00
clemkeirua
057d7bc2f1 add interval data type to ActiveRecord 2020-03-24 18:10:13 +01:00
clemkeirua
c077762a04 added labels for datetime
cf https://stackoverflow.com/a/47836699
2020-03-24 16:54:35 +00:00
Pierre de La Morinerie
a716713ed6 locales: fix translation of champ value
Due to the extra 's', the names of Champs attributes were never
translated.
2020-03-24 15:42:02 +01:00
Paul Chavard
cd0acb1344 Cleanup dossier mailers 2020-03-19 16:52:18 +01:00
Pierre de La Morinerie
ea94ea05a0 config: configure CSP to allow live-reload requests
This avoids CSP errors when using the `bin/webpack-dev-server` external
assets compilation server.
2020-03-18 13:26:54 +01:00
Christophe Robillard
c21dd3b830 affiche infos d'un usager entreprise uniquement si diffusable
pour un usager de type entreprise qui a choisi de ne pas diffuser publiquement ses infos,
elles sont affichées uniquement aux instructeurs
2020-03-17 15:57:02 +00:00
clemkeirua
90a0879d71 ajout du bouton pour telecharger un pdf vide 2020-03-17 15:00:03 +01:00
clemkeirua
269881db12 generation d'un pdf vide à partir d'une procedure 2020-03-17 15:00:01 +01:00
Paul Chavard
444d19e191 Remove unused gems 2020-03-17 11:25:21 +01:00
Paul Chavard
ae2cfdd44e Update browser gem
`modern?` method was removed in version 4
2020-03-17 11:25:20 +01:00
Paul Chavard
0b06864f7a Upgrade core-js 2020-02-24 19:43:07 +01:00
Paul Chavard
318baf316e Add notify_en_construction_near_deletion mailer 2020-02-18 17:18:14 +01:00
Paul Chavard
8c77d91e9f Add notify_automatic_deletion_to_administration mailer 2020-02-18 17:18:06 +01:00
Paul Chavard
4e116f06a6 Add notify_automatic_deletion_to_user mailer 2020-02-18 17:15:32 +01:00
Pierre de La Morinerie
7ba76c6658 dossier: add a notice when some attachments of the dossier were lost
On the 22/01/2020, a technical error on the demarches-simplifees.fr
instance made us delete some files attached to some dossiers.

This PR adds a warning when browsing a dossier containing attachments
that were deleted.
2020-02-12 11:49:33 +01:00
simon lehericey
3d652ffaf8 Remove unused key 2020-02-10 13:59:15 +01:00
simon lehericey
6de55f44b4 Remove Fog conf for carrierewave
The conf now is config/storage.yaml
2020-02-10 13:56:45 +01:00
Christophe Robillard
cee4c5b8fb Revert "Revert "4127 fix superadmin supprime compte usager""
This reverts commit 751f24f7bb.
2020-02-04 16:07:01 +01:00
Paul Chavard
a86129c3a1 Revert "Revert "Update javascript dependencies and add webpack-bundle-analyzer""
This reverts commit eddd59e554.
2020-02-03 14:54:25 +01:00
Keirua
eddd59e554
Revert "Update javascript dependencies and add webpack-bundle-analyzer" 2020-01-29 14:51:55 +01:00
Paul Chavard
a223eb05da Update javascript dependencies and add webpack-bundle-analyzer 2020-01-28 16:37:44 +01:00
clemkeirua
5f65665b07 added a method for modifying a user email 2020-01-28 16:15:46 +01:00
Paul Chavard
7478a51846 [GraphQL] use official skylight support 2020-01-28 15:39:37 +01:00
Pierre de La Morinerie
745b00366f Revert "app: hide IE11 deprecation banner during the strike"
This reverts commit c2882b6cc3.
2020-01-28 15:18:18 +01:00
Pierre de La Morinerie
751f24f7bb
Revert "4127 fix superadmin supprime compte usager" 2020-01-21 18:57:54 +01:00
Christophe Robillard
a6d007dbd3 supprime un instructeur 2020-01-21 15:05:33 +01:00
clemkeirua
12430a8068 ajout d'un écran intermediaire pour gérer la reaffectation des dossiers 2020-01-20 16:15:02 +01:00
clemkeirua
45c8c8ca21 an admin can delete a groupe-instructeur with 0 dossier 2020-01-20 16:15:02 +01:00
Paul Chavard
4edc7b00cf Use geocoder 2020-01-15 15:04:04 +01:00
Paul Chavard
14295db9ad Revert "Revert "Merge pull request #4552 from tchak/champ-communes""
This reverts commit 4373cb22cb.
2020-01-14 18:46:07 +01:00
clemkeirua
4373cb22cb Revert "Merge pull request #4552 from tchak/champ-communes"
This reverts commit 4cec26f73a, reversing
changes made to 0ef25ef36c.
2020-01-13 16:26:27 +01:00
Christophe Robillard
9a62d3fe0c delete a user 2020-01-13 10:06:43 +01:00
Pierre de La Morinerie
f04fb3830c config: fix France Connect callback URL when testing locally
When testing France Connect on a local development environment, the
callback URL should be something like `http://localhost:3000/…/…`

But currently, the callback URL uses `https`, even in development. This
causes the callback URL to be rejected by France Connect.

This commit overrides the callback URL when in development, to use
an `http` URL instead. In doesn't affect the production settings.
2020-01-08 15:44:49 +01:00
Paul Chavard
cccb04d725 ActiveStorage url should expire after an hour 2020-01-08 14:43:05 +01:00
Paul Chavard
e61e39d345 Remove unused code and tests 2020-01-07 11:52:51 +01:00
Paul Chavard
ff46ee366e Fix user brouillon spec 2020-01-07 11:52:51 +01:00
Paul Chavard
4bbd16576b Add champ communes 2020-01-07 11:52:51 +01:00
Paul Chavard
22aa2d4ee0 Make all location champs autocomplete 2020-01-07 11:52:51 +01:00
simon lehericey
c95b7a33fa Add brakeman exception for a export.file.service_url 2019-12-18 13:13:15 +01:00
simon lehericey
d0f0533a32 Remove unused code 2019-12-18 13:13:15 +01:00
Paul Chavard
422b7f37ec [GraphQL] expose file information 2019-12-11 12:34:49 +01:00
Pierre de La Morinerie
c2882b6cc3 app: hide IE11 deprecation banner during the strike
Having two banners appearing in a few days may be overwhelming for
users.
2019-12-04 17:32:04 +01:00
Paul Chavard
2f060fc30a Add depubliee state to procedures 2019-12-04 16:52:41 +01:00
Paul Chavard
e429c79eb1 Allow administrators to set themselves démarches as déclaratives 2019-12-04 12:30:26 +01:00
Christophe Robillard
4e7c779116 refuse les numéros de tel invalides
rend facultatif les numéros de téléphone
2019-12-04 05:34:43 +01:00
simon lehericey
006e426a11 Work on deletion mail 2019-12-03 17:18:53 +01:00
simon lehericey
6391f7ff9c Work on notify_near_deletion mailer 2019-12-03 17:18:53 +01:00
Pierre de La Morinerie
97af50c700 app: fix detection of Chrome iOS and Firefox iOS as outdated browsers
For instance, Firefox iOS is reported as `firefox? true, version 20`.

As on iOS only the system-provided Webkit is allowed, we can instead
safely assume that all browsers on a recent iOS device are modern.
2019-12-03 16:09:41 +01:00
Pierre de La Morinerie
3212dfddca app: allow hiding the browser banner for one week 2019-12-03 16:09:18 +01:00
Pierre de La Morinerie
2ee8cab067 app: display a deprecation banner for IE 11 2019-12-03 16:02:08 +01:00
Paul Chavard
7b947feae4 Rename demarche archivée to demarche close 2019-11-28 15:07:16 +01:00
Pierre de La Morinerie
68f5aae99d autosave: add feature test 2019-11-21 14:00:06 +01:00
Pierre de La Morinerie
bff7892ba8 dossiers: autosave drafts 2019-11-21 14:00:06 +01:00
Matthieu FAURE
87813c42d9
Update config/env.example
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:40:02 +01:00
Matthieu FAURE
1f2f904f8f
Update config/env.example
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 15:39:50 +01:00
Matthieu FAURE
85bbafc256
Update config/env.example based on @keirua review
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:03:19 +01:00
Matthieu FAURE
0089a9d520
Update config/env.example based on @keirua review
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:54 +01:00
Matthieu FAURE
98d545b1d9
Update config/env.example based on @keirua review
Co-Authored-By: Keirua <Keirua@users.noreply.github.com>
2019-11-20 11:01:27 +01:00
Matthieu FAURE
1a63d7e4e2 DOC ajout commentaires + explications pour env.example 2019-11-19 15:24:57 +01:00
simon lehericey
874439580b Pluralize some texts 2019-11-18 17:08:51 +01:00
simon lehericey
9ca026a630 Use a select2 box for looking to instructeurs 2019-11-18 17:08:51 +01:00
Alexandre Friquet
8f5203cc2e
Merge branch 'dev' into 4482-echec-initilaisation-env-dev 2019-11-14 17:07:28 +01:00
Alexandre Friquet
d9680252b0 Fixes missing database on initialization: closes #4482. 2019-11-14 09:17:39 +01:00
Paul Chavard
ba03dbf8dd [GraphQL] Add dossierEnvoyerMessage mutation 2019-11-13 19:54:27 +01:00
Paul Chavard
f7cbbe815c [GraphQL]: Add default query to playground 2019-11-13 15:53:56 +01:00
Paul Chavard
9ce81f665b [GraphQL]: fix geo_areas docs 2019-11-13 15:53:56 +01:00
Paul Chavard
fe84e8e0f7 Remove carrierwave 2019-11-12 15:26:18 +01:00
clemkeirua
6351eabfdd remove notification to report-uri in production 2019-11-07 17:32:40 +01:00
clemkeirua
04c13190c3 introduce smtp_key in order to use 2 different sendinblue keys
client_key is exposed to the client via gon, so if we use it for sending email too we are exposing a key so anybody could send an email.
The current client_key has a different level of right and can't send emails so it's ok to expose it.
2019-11-06 13:34:36 +01:00
clemkeirua
959aacdea5 Sendinblue email balancing using proper credentials
This reverts commit c61981e795.
2019-11-06 13:34:36 +01:00
clemkeirua
c61981e795 Revert "Sendinblue email balancing using interceptor"
This reverts commit b2135b6576.
2019-11-04 15:55:08 +01:00
Chaïb Martinez
b2135b6576 Sendinblue email balancing using interceptor
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-11-04 15:30:44 +01:00
Pierre de La Morinerie
8e6930d257 instructeurs: fix ProcedurePresentation to use instructeur.user.email
The `joins` are declared explicitely in order to associate a predictable
name to the joined table.

Otherwise, when the query is joined with `:users`, ActiveRecord will
alias the join automatically  to solve the conflict. Unfortunately, the
automatic resolution means that the table name becomes unpredictable,
and thus unsuitable to perform queries on.
2019-11-04 10:44:24 +01:00
Paul Chavard
18e91e7ca3 Extend old export format till mid-November 2019-10-31 17:11:46 +01:00
Nicolas Bouilleaud
72b7ff221c move procedure to new design 2019-10-31 10:27:19 +01:00
Paul Chavard
73d4ecf35d Add a DS_PROXY_URL env variable 2019-10-30 16:15:38 +01:00
simon lehericey
477f7c9837 Remove instructeur 2019-10-30 14:27:51 +01:00
simon lehericey
79b808470c Add instructeur 2019-10-30 14:27:51 +01:00
simon lehericey
94081a3997 Show Groupe Instructeur 2019-10-30 14:27:51 +01:00
simon lehericey
4491dca19a Index Groupe Instructeur 2019-10-30 14:27:51 +01:00
Paul Chavard
6a3d725134 Revert "Revert "Decommission ActiveStorage proxy service and use openstack service""
This reverts commit 71227be37f.
2019-10-30 12:11:45 +01:00
simon lehericey
71227be37f Revert "Decommission ActiveStorage proxy service and use openstack service"
This reverts commit 0ff6c793ae.
2019-10-29 10:30:40 +01:00
Jérôme Desboeufs
86819cd532 Fix typos 2019-10-25 09:41:22 +02:00
simon lehericey
54d6d21c27 Add Pg statement timeout variable to allow long migration 2019-10-24 15:54:25 +02:00
simon lehericey
fbe93e0fce Fix pluralization in search page 2019-10-23 21:47:20 +02:00
simon lehericey
35bba62297 Update routing critéria name 2019-10-23 21:47:20 +02:00
simon lehericey
a5ffe9f54b Remove instructeur from the group 2019-10-23 21:47:20 +02:00
simon lehericey
a6deafd885 Add instructeurs to groupe 2019-10-23 21:47:20 +02:00
simon lehericey
3dd3af8482 Groupe instructeur update 2019-10-23 21:47:20 +02:00
simon lehericey
9a6336f508 Groupe instructeur create 2019-10-23 21:47:20 +02:00
simon lehericey
733e83cc54 Groupe instructeur show 2019-10-23 21:47:20 +02:00
simon lehericey
2749c00ce3 Groupe instructeur index 2019-10-23 21:47:20 +02:00
Paul Chavard
0ff6c793ae Decommission ActiveStorage proxy service and use openstack service
We are making these changes in order to always use DS_Proxy. Before this change DS_Proxy was not used to write files when ActiveStorage was used directly and not through “direct upload”.
2019-10-23 17:58:00 +02:00
Paul Chavard
86b271997b Invite experts to linked dossiers
closes #3669
2019-10-23 13:10:09 +02:00
Pierre de La Morinerie
d542bca8de admin: relabel the number champ
Avoid two type de champs having the same label.

Soon this champ will even be deprecated and disappear.

Ref #4414
2019-10-22 15:59:43 +02:00
clemkeirua
4a6893d88b migrate sendinblue API to v3 2019-10-22 10:06:53 +02:00
clemkeirua
43424e4f4e merge with the work of paul, using 3 links 2019-10-22 09:51:14 +02:00
clemkeirua
70ea5e167e procedure download is performed through a controller in order not to leak the URL 2019-10-22 09:50:58 +02:00
clemkeirua
1af2b63ed1 initial implementation of async export 2019-10-22 09:50:58 +02:00
simon lehericey
1e8e45232a Setup a timeout on long query 2019-10-17 16:45:18 +02:00
simon lehericey
f31c184b56 [fix #1537] Remove simple_form gem 2019-10-08 11:08:35 +02:00
clemkeirua
d3063c0b63 remove download_as_zip feature flag 2019-10-03 10:48:24 +02:00
Paul Chavard
5a7e415474 Put graphql behind a feature flag 2019-09-24 10:47:21 +02:00
Paul Chavard
a51fc75628 Expose graphiql 2019-09-24 10:47:21 +02:00
Paul Chavard
91ad9bd7d3 Configure GraphQL::RailsLogger 2019-09-24 10:47:21 +02:00
Paul Chavard
bf6fbbf2b6 Add graphql end point 2019-09-24 10:47:21 +02:00
Paul Chavard
52e84f2ffe Add graphql object types 2019-09-24 10:47:21 +02:00
Nicolas Bouilleaud
3e2985b305 First attempt at procedure stats
fixes #3945, #3946, #3948
2019-09-17 16:43:48 +02:00
Nicolas Bouilleaud
c26a701a17 Refactor and redesign publish modal
* remove the autocomplete menu
* use ujs to pre-validate the procedure
* tweak the UI
2019-09-17 16:30:48 +02:00
Nicolas Bouilleaud
92e6032115 Remove path availability dead code when creating/editing a procedure
There’s no “path” field anymore in the Procedure form, it can only be set when publishing.
2019-09-17 16:30:48 +02:00
Paul Chavard
d24e0e72a7 Correctly create new flipper flags 2019-09-12 10:46:13 +02:00
Paul Chavard
65e227c44b Migrate to flipper 2019-09-10 16:10:14 +02:00
Chaïb Martinez
dd6c6bfe7a mailers: add a NO_REPLY address to transactional emails 2019-09-10 13:37:28 +02:00
Paul Chavard
7ffb98e616 Remove carrierwave uploaders 2019-09-10 10:49:12 +02:00
Chaïb Martinez
f2386a5800 Add crips help domaine to defaut policy src
[fix #4234]

Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-08-27 10:30:10 +02:00
simon lehericey
86d968bb8e Use rack_attack_enabled?
We cannot enable rack attack during the tests as it interferes with features spec.
So we add a flag to enable it during the runtime.
2019-08-20 13:29:29 +02:00
simon lehericey
0f0fecdb25 RackAttack: use remote ip and test it ! 2019-08-20 13:29:29 +02:00
pedong
fc8cebd78d add Gem rack_attack for prevent attack brute-force 2019-08-20 13:29:29 +02:00
simon lehericey
840be2408e Remove administrateur devise methods 2019-08-14 15:06:15 +02:00
Paul Chavard
e68d2cf5e2 Enable champ repetition for all 2019-08-14 12:53:51 +01:00
Paul Chavard
9eaf14968f Enable export v2 for all 2019-08-14 12:53:51 +01:00
Paul Chavard
0969b1f85f Enable email_login_token for all gestionnaires 2019-08-14 12:53:51 +01:00
simon lehericey
5fdac38cb2 Fix instructeur invitation 2019-08-13 15:15:16 +02:00
simon lehericey
a84e07a376 Remove instructeur devise methods 2019-08-13 15:15:16 +02:00
simon lehericey
1d6b80cb53 Remove strange admin sign_in route 2019-08-13 14:13:48 +02:00
simon lehericey
5bda753735 Remove all devise route and controller for instructeur and administrateur 2019-08-13 14:13:48 +02:00
simon lehericey
1fb26451d3 Remove demo route 2019-08-13 14:13:48 +02:00
simon lehericey
a4b9eecded Remove unused devise session controller 2019-08-13 14:13:48 +02:00
Nicolas Bouilleaud
17579ab8a5 Rename Gestionnaire to Instructeur in seeds.rb 2019-08-13 14:04:23 +02:00
Nicolas Bouilleaud
7c7947adeb Rename gestionnaire to instructeur in a comment
About an (unused for now) env var.
2019-08-13 10:27:49 +02:00
simon lehericey
3fde2a6f70 Rename gestionnaire in code to instructeur 2019-08-12 13:47:01 +02:00
simon lehericey
6902f84b85 Brutally rename gestionnaire filename to instructeur 2019-08-12 13:47:01 +02:00
simon lehericey
bb8d65c6b4 Subtly rename admin/instructeurs to admin/assigns 2019-08-12 13:47:01 +02:00
maatinito
8d3e3baabc #3928 administrator new & edit pwd pages 2019-08-01 17:12:14 +02:00
maatinito
0b0ef8a318 #3928 Zxcvbn service to compute password complexity 2019-08-01 17:12:14 +02:00
maatinito
3703a71ea3 #3928 Added constants to define password min length & complexity 2019-08-01 17:12:14 +02:00
clemkeirua
38b48f4217 transition from accepte to instruction as superadmin 2019-08-01 10:29:51 +02:00
Paul Chavard
6cfad01d12 Stop using Flipflop as switch for weekly_overview 2019-07-31 15:15:09 +02:00
Paul Chavard
25db21467d Stop using Flipflop as switch for Fog 2019-07-31 15:15:09 +02:00
Pierre de La Morinerie
95e24392f9 models: remove old pieces justificatives 2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
212d1f8cea locales: remove references to old pj 2019-07-30 16:11:17 +02:00
Pierre de La Morinerie
0c4cb3b498 admin: remove UI for managing old pj 2019-07-30 16:11:16 +02:00
Nicolas Bouilleaud
7205f4da9e L'enfer du Nord Paris-Roubaix (Tour de France, Tour de France) 2019-07-30 14:47:48 +02:00
pedong
9438f962c5 add alert for account is locked 2019-07-29 17:48:44 +02:00
pedong
8d03a6747c add lockable to User, Gestionnaire, administration, Administrateur 2019-07-29 17:48:44 +02:00
clemkeirua
99421545ab replaced api-carto endpoint 2019-07-23 16:21:15 +02:00
clemkeirua
f166077f5e ajout d'un bouton de suppression des admin dans le manager 2019-07-23 16:11:15 +02:00
clemkeirua
92ec627425 update brakeman configuration 2019-07-17 18:04:32 +02:00
clemkeirua
d8b63cd4c9 added 'monavis' inside the procedure and for users 2019-07-17 18:04:32 +02:00
clemkeirua
25f81f1d3c download a dossier as zip with all attachments 2019-07-16 09:11:25 +02:00
Pierre de La Morinerie
76335511c8 omniauth: protect against CSRF
See https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
2019-07-15 18:16:00 +02:00
Pierre de La Morinerie
56c846900b champs: improve validation message of numeric fields
Replaces

> Champs value doit être un nombre

by

> La valeur du champ doit être un nombre entier (sans chiffres après
> la virgule)
2019-07-11 15:12:48 +02:00
Paul Chavard
3cb39c2840 Refactor message attachements to use active_storage 2019-07-10 15:35:29 +02:00
Pierre de La Morinerie
055fc63c45 profile: improve email success message wording 2019-07-10 11:31:09 +02:00
simon lehericey
ea79b9a595 typo: use ’ 2019-07-09 11:55:17 +02:00
simon lehericey
d36f6ebcd7 [fix #1709] A user can change its email 2019-07-09 11:55:17 +02:00
simon lehericey
0f9fdf3f75 Activate device email change confirmation 2019-07-09 11:55:17 +02:00
simon lehericey
d68d2be798 Profil: accessible to all roles 2019-07-09 11:55:17 +02:00
Mathieu Magnin
b34f8fbe3d Add ActionText 2019-07-03 13:15:49 +02:00
simon lehericey
4b154983fb Landing: voir les démarches -> comment trouver ma démarche 2019-07-03 12:59:09 +02:00
simon lehericey
c7e10fc43f Manager: remove repasser_en_instruction 2019-07-02 18:40:20 +02:00
simon lehericey
b79220e711 UI 2019-07-02 18:35:47 +02:00
Paul Chavard
fb0ef15e3c Export dossiers v2 2019-07-02 14:20:29 +02:00
clemkeirua
dfefb827d9 missing connect-src 2019-07-02 10:50:10 +02:00
clemkeirua
d6f2de2fbf enable static + activate csp in production 2019-07-02 09:40:38 +02:00
clemkeirua
0cfd3e3c1f disable csp 2019-07-01 12:10:08 +02:00
clemkeirua
eaf850c1e9 enable csp 2019-06-27 11:10:29 +02:00
clemkeirua
f19b5f8911 fix csp rule for crisp websocket 2019-06-26 12:37:55 +02:00
clemkeirua
7064f7e973 enable crisp websockets and css 2019-06-25 17:39:08 +02:00
clemkeirua
d3c6021ef4 add duplicate rules as fallback 2019-06-20 11:34:24 +02:00
clemkeirua
dc6c2e6bc0 add missing elements 2019-06-17 17:05:08 +02:00
Nicolas Bouilleaud
eb592f8ddf Add manager controller for bill signatures 2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
f355f849a6 Add BillSignature Model 2019-06-17 16:16:28 +02:00
Nicolas Bouilleaud
dace9a53d3 Add Universign timestamp API query 2019-06-17 16:16:28 +02:00
clemkeirua
765b10026e more generic elements to the security policy 2019-06-17 09:51:27 +02:00
pedong
abcd58c35d [fix #3710] date with letter
Co-Authored-By: simon lehericey <mail@simon.lehericey.net>
2019-06-12 17:48:12 +02:00
Chaïb Martinez
eccd456325 Add crisp
Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-06-05 17:41:47 +02:00
Paul Chavard
ff44b7a600 Refactor purge pj to be more generic 2019-05-29 15:54:51 +02:00
Pierre de La Morinerie
d410e31344 active_storage: document the virus scan hooks 2019-05-28 11:39:22 +02:00
Paul Chavard
6a3413018a Refresh attachments with virus scan result 2019-05-21 14:21:55 +02:00
Paul Chavard
cc4eba2b36 Less mokey patching 2019-05-21 14:21:42 +02:00
clemkeirua
5cbbbb8d3e more whitelist for the common domains we use 2019-05-20 09:52:44 +02:00
Paul Chavard
42235e81b1 Use active storage load hook to extend blob 2019-05-16 20:43:01 +02:00
Paul Chavard
348b15f595 Put devtools behind feature flags 2019-05-15 18:10:25 +02:00
clemkeirua
6fe4031b2e use constant for localhost 2019-05-15 16:33:27 +02:00
clemkeirua
b670b60ac6 changement de l'URI de report-uri 2019-05-15 15:32:00 +02:00
Pierre de La Morinerie
abfeb1c2db locales: remove unused carrierwave localisation
- It was broken since the renaming of `extension_white_list` to
  `extension_whitelist` (f0ed61cce8)
- The localisation is already included in the `carrierwave-i18n` gem
- The localisation included in the gem is better than ours (it mentions
  which extensions are allowed).
2019-05-15 14:39:40 +02:00
Pierre de La Morinerie
d431eeeb93 carrierwave: fix typo
Turns out the `openstack_identity_api_version` has not actually been
filled out for a while, because of a typo.
2019-05-15 14:03:15 +02:00
Paul Chavard
9725f2a418 Enable new champs editor for all 2019-05-14 16:18:29 +02:00
Paul Chavard
3446782cd0 Remove deprecated editor 2019-05-14 16:18:29 +02:00
Paul Chavard
dba8d65137 Track dossier operations with author and subject 2019-05-14 14:31:03 +02:00
Chaïb Martinez
3004f96cf5 Add video and webinar URLs to admin pages
Fix #3850

Signed-off-by: Chaïb Martinez <chaibax@gmail.com>
2019-05-13 17:47:02 +02:00
clemkeirua
675cc5150c update on the security policy headers 2019-05-09 14:55:21 +02:00
Nicolas Bouilleaud
3ff0c83485 Add multi-admin UI
refs #1626
2019-05-06 16:19:08 +02:00
clemkeirua
2ae02a132b Report-Only for tests 2019-05-06 10:07:51 +02:00
clemkeirua
64b858ef19 handle Gon + add report-uri URL 2019-05-06 10:07:51 +02:00
clemkeirua
8582b08a98 add security policy 2019-05-06 10:07:51 +02:00
Paul Chavard
f113d108c9 Save virus scan status to blob metadata 2019-05-02 15:58:09 +02:00
Paul Chavard
d72cead7ff Remove unnecessary uglify options
New options :
terserOptions:
   { output: { ecma: 5, comments: false, ascii_only: true },
     parse: { ecma: 8 },
     compress: { ecma: 5, warnings: false, comparisons: false },
     mangle: { safari10: true } } }
2019-05-02 14:10:48 +02:00
Paul Chavard
2f633b5d23 Load leaflet from a separate chunk 2019-05-02 14:10:48 +02:00
Pierre de La Morinerie
e06e32238c api_entreprise: display a specific error message on network errors 2019-05-02 11:24:38 +02:00
Pierre de La Morinerie
6c8280fba6 api_entreprise: add a feature flag for toggling API INSEE v3 2019-04-30 17:27:58 +02:00
simon lehericey
1d051dc3ef Can change a piece_justificative_template on a type_de_champ 2019-04-18 11:13:35 +02:00
Mathieu Magnin
14c3fb7224 [Fix #3064] Add a preview button for state notifications emails 2019-04-11 11:03:13 +02:00
Pierre de La Morinerie
01e113d04f Revert "locales: tell that API Entreprise is unavailable for now"
This reverts commit a598383856.
2019-04-04 17:15:31 +02:00
Pierre de La Morinerie
41ad89d8ac commencer: fix redirection with invalid path 2019-04-04 14:03:40 +02:00
Paul Chavard
b9be186d2c Sentry should send environment information 2019-04-03 18:19:16 +02:00
Pierre de La Morinerie
22f2ca105e commencer: display a FranceConnect button
Fix #3640
2019-04-03 16:08:09 +02:00
simon lehericey
6d42c8f08a env.example: add TRUSTED_NETWORKS variable 2019-04-03 15:21:19 +02:00
Paul Chavard
639facaf2a Add new types_de_champ#move api 2019-04-03 14:38:07 +02:00
Paul Chavard
51c79ba6a6 Update webpacker and replace vue with react 2019-04-03 14:38:07 +02:00
Pierre de La Morinerie
a598383856 locales: tell that API Entreprise is unavailable for now 2019-04-03 11:24:51 +02:00
Paul Chavard
e71cdcd12c Move all the trackers to a separate js pack 2019-04-02 17:33:53 +02:00
Pierre de La Morinerie
97af31d54f app: rename references to betagouv/tps
Github has an automatic redirection, but better be clean.
2019-03-26 11:10:30 +01:00
Pierre de La Morinerie
30d11e0dac app: rename new_gestionnaire to gestionnaires 2019-03-26 10:48:59 +01:00
Pierre de La Morinerie
ded5b70444 app: rename new_user to users 2019-03-25 10:56:39 +01:00
Mathieu Magnin
2c1e1db37d [Fix #3617] 404 when filter[value] contains a "." 2019-03-19 14:25:57 +01:00
simon lehericey
ed6828c66c Notification: UI 2019-03-18 16:37:51 +01:00
simon lehericey
eae6986079 Puma: change config to enable cluster mode in production 2019-03-18 11:40:13 +01:00
Paul Chavard
504b26bf5e Add administrateur to demarche from manager 2019-03-12 11:59:01 +01:00
Mathieu Magnin
44f28ec565 Remove feature flag for publish draft 2019-03-12 11:26:07 +01:00
Frederic Merizen
b3c3541725 [#3477] Update brakeman config 2019-03-11 17:14:17 +01:00
Frederic Merizen
8d8376947d [Fix #3477] Individually remove values from multi-value filter 2019-03-11 17:14:17 +01:00
Frederic Merizen
98713b6a4d Proxy for SendinBlue API 2019-03-08 16:33:28 +01:00
Frederic Merizen
fc38880155 Move sendinblue client key to configuration file
This is not a secret (it's sent to the client as part of the JS anyway) so it's
not a big deal that it was on the public repository but it's still better to
have it be configurable.
2019-03-08 16:33:28 +01:00
Mathieu Magnin
1eed114d78 Add status page in footer 2019-03-05 17:42:00 +01:00
Frederic Merizen
d54a0a4612 Fix link to procedure brouillon in manager 2019-03-04 15:03:30 +01:00
simon lehericey
2920769a68 ActiveStorage: temp url are valid for 1 hour 2019-02-28 18:36:28 +01:00
simon lehericey
9d92e43d8d [fix #3315] Migrate service organisme 2019-02-18 16:50:44 +01:00
simon lehericey
a7e068003a [fix #3427] Administration can soft delete a dossier 2019-02-14 18:09:08 +01:00
Paul Chavard
5da5f75c5f [Types de Champ Editeur] Save on change and only edited model 2019-02-07 17:05:55 +01:00
simon lehericey
32281092e6 mina: reuse gem between deployment 2019-02-06 14:41:45 +01:00
Paul Chavard
071448e1d9 Champ Repetition dossier editor 2019-02-04 16:19:07 +01:00
Paul Chavard
862ab4ed04 “Bloc répétable” is ready to be tested 2019-02-04 15:46:39 +01:00
Pierre de La Morinerie
283f110e9b stats: improve numeric separators and suffixes 2019-02-01 11:02:37 +01:00
pedong
6103176a78 [fix #1238] add previsualization attestation for gestionnaire 2019-01-22 14:54:24 +01:00
Pierre de La Morinerie
016e5f2e6f commencer: add an independant page 2019-01-21 14:45:38 +01:00
Paul Chavard
6036d7906f Enable champ_siret for all 2019-01-17 15:17:48 +01:00
Paul Chavard
9136c9dfa0 Enable support_form for all 2019-01-17 15:17:48 +01:00
Paul Chavard
41c9b21509 Use new editor 2019-01-17 11:20:31 +01:00
Paul Chavard
e1a1a2b2ad Add new admin procedure update action 2019-01-17 11:20:31 +01:00
Paul Chavard
d9d0b29cbf Add Vue.js 2019-01-17 11:20:31 +01:00
Frederic Merizen
0846860748 Proxy for active storage service provider 2019-01-16 11:34:57 +01:00
Pierre de La Morinerie
3b92fe93fc stats: make groupdate week start on Monday 2019-01-10 16:14:14 +01:00
gregoirenovel
5fa5f2aa37 Bump development gems
- rubocop (0.61.1 → 0.62.0)
2019-01-05 11:47:55 +01:00
gregoirenovel
0596d53ac2 Enable the Lint/UnusedBlockArgument cop 2019-01-03 10:53:50 +01:00
gregoirenovel
8ffcc16ec5 Avoid EOL ifs 2019-01-03 10:53:50 +01:00
gregoirenovel
7ffe40868b Use parentheses 2019-01-03 10:53:50 +01:00
Chaïb Martinez
0fe473b84e Add 2 new categories in admin contact form 2018-12-20 15:29:49 +01:00
Paul Chavard
5d1c24f3d8 Add type de champ repetition models (with row) 2018-12-19 15:31:11 +01:00
Frederic Merizen
832b4a61bc Drop CleverCloud Service for ActiveStorage 2018-12-19 10:36:02 +01:00
Frederic Merizen
57a136c861 Make champ PJ generally available 2018-12-18 11:11:23 +01:00
Mathieu Magnin
5ab0853f1c Harmonize user champ pj purge route to gestionnaire 2018-12-14 11:38:59 +01:00
Mathieu Magnin
edf3eefa87 Fix Sentry 114, Instructeur can delete pj in private champs 2018-12-13 17:27:05 +01:00
Frederic Merizen
0a1bdbb6d3 [#2180] Passer sur le nouveau fournisseur de stockage 2018-12-11 19:54:11 +01:00
pedong
de5de75869 [fix #2985] del champ_linked_dropdown in feature 2018-12-10 16:47:22 +01:00
simon lehericey
db6c86b242 DossierController: user can destroy pjs 2018-12-06 10:45:10 +01:00
Mathieu Magnin
55525af060 Add rake task to run after party with mina 2018-12-04 14:43:55 +01:00
Paul Chavard
2f2aa580f8 Update activestorage.js 2018-12-04 11:37:00 +01:00
Paul Chavard
6043e59937 Disable after party 2018-12-01 10:30:35 +01:00
Frederic Merizen
dd07a8ca1f [#2180] Use different container for activestorage and for carrierwave 2018-11-29 11:31:58 +01:00
Paul Chavard
b9af07b845 Add admin support contact form 2018-11-28 16:50:37 +01:00
Paul Chavard
3f62d2b0b6 Allow to override active_job adapter 2018-11-27 17:26:21 +01:00
pedong
ef1c17beaa [Fix #3056] get url api in the environment variable 2018-11-27 14:47:10 +01:00
Mathieu Magnin
804f0665e3 Re-enable releases cleanup 2018-11-22 18:26:18 +01:00
gregoirenovel
d0ec53a494 Move accessibilite to the root controller 2018-11-22 02:00:54 +01:00
gregoirenovel
82d764e340 Move tour_de_france to the root controller 2018-11-22 02:00:54 +01:00
gregoirenovel
4a8b56cded Remove an unneeded slash 2018-11-22 02:00:54 +01:00
gregoirenovel
be08e5a248 Move a route to a better position 2018-11-22 02:00:54 +01:00
gregoirenovel
dffd132564 Remove a useless file 2018-11-22 01:51:55 +01:00
gregoirenovel
455e7ef364 Remove a dead route 2018-11-22 01:47:29 +01:00
Mathieu Magnin
167aff30f4 Cancel cleanup 2018-11-21 16:28:02 +01:00
Mathieu Magnin
88b8c190f5 Cleanup releases after deploy 2018-11-21 14:35:00 +01:00
Mathieu Magnin
3ce9dd39af [Fix #3008] Soft delete demarche button in manager 2018-11-21 14:29:42 +01:00
Pierre de La Morinerie
ac9a87f27b config: fix email assets not having the full URL domain prepended
When sending emails, the mailer doesn't have access to the request
host. It needs to infer it by itself.

For this we need two settings:

- action_mailer.default_url_options, to generate urls to routes
- action_mailer.asset_host, to generate full urls to assets

Only the first one of these settings was set in production.

Fix #2518
2018-11-21 12:30:00 +01:00
Frederic Merizen
e69e459649 [#2180] Add activestorage-openstack 2018-11-16 11:11:40 +01:00
Frederic Merizen
d901cb286b [#2180] Bump fog-openstack 2018-11-16 11:11:39 +01:00
Frederic Merizen
6da33f2387 [#2180] Drop fog 2018-11-16 11:11:39 +01:00
Paul Chavard
2eb61bd6ed Move dossier invites handler to invites controller 2018-11-14 15:16:49 +01:00
Pierre de La Morinerie
f7c586f3e4 features: add maintenance features to the 'production' group 2018-11-13 16:38:56 +01:00
Pierre de La Morinerie
0eb21fe8c4 manager: localize model names 2018-11-13 11:20:12 +01:00
simon lehericey
fb76197404 SessionController: flipflop trusted device 2018-11-13 10:41:45 +01:00
simon lehericey
36621bffeb FlipFlop: enable for gestionnaire 2018-11-13 10:41:45 +01:00
simon lehericey
5690599289 Session: send a mail to confirm gestionnaire login 2018-11-13 10:41:45 +01:00
Paul Chavard
624b442cd7 Remove “Outil de changement d'état d'un dossier” 2018-11-08 14:56:45 +01:00
Chaïb Martinez
8d02b4dbdf Add Matomo Suivi page 2018-11-08 14:25:37 +01:00
Pierre de La Morinerie
b94bc654c9 config: remove duplicated line
The line is duplicated above in the same file.
2018-11-06 17:11:09 +01:00
Frederic Merizen
31ca0552ab [#835] Extract avis creation into concern 2018-11-06 15:44:43 +01:00
Frederic Merizen
6a43be4f39 [#835] Extra paths deserve eagler loading in production too 2018-11-06 15:44:43 +01:00
Frederic Merizen
02fa30c83b [#835] Remove redundant values from autoload_paths
(Level 1 subdirectories of app are already globbed by default rails config)
2018-11-06 15:44:43 +01:00
Paul Chavard
7a60f1b549 Enable champ carte for everyone 2018-11-06 14:26:32 +01:00
pengfei
7950597bf5 [fix #2858] env api geo 2018-11-06 12:54:01 +01:00
Paul Chavard
ca09aa52a3 Put IntegerNumberChamp behind a flag 2018-11-06 11:28:44 +01:00
Paul Chavard
074050a91a Add IntegerNumberChamp 2018-11-06 11:28:44 +01:00
Paul Chavard
45bfb2fd47 Add DecimalNumberChamp 2018-11-06 11:28:44 +01:00
Paul Chavard
cfd1950e17 Migrate commencer to new_user 2018-11-01 13:10:41 +01:00
Paul Chavard
6e4d111e09 Refactor and fix procedure update error handling 2018-10-30 15:59:37 +01:00
gregoirenovel
6bc1a8cb71 Remove the confirmation button from the manager 2018-10-30 15:24:30 +01:00
Paul Chavard
725e88a89a Rename :procedure_path -> :path 2018-10-30 12:01:45 +01:00
Paul Chavard
78dc582588 Remove ProcedurePath 2018-10-30 12:01:45 +01:00
simon lehericey
5aee0e7d40 Config: setup Paris time_zone 2018-10-26 10:10:20 +00:00
simon lehericey
b00dec4bf6 Conf: storage.apientreprise.fr -> static.demarches-simplifiees.fr 2018-10-25 17:05:22 +02:00
gregoirenovel
fed1f05456 Add CADRE_JURIDIQUE_URL 2018-10-25 14:45:13 +02:00
gregoirenovel
394524b397 Improve the webhook description 2018-10-25 14:45:13 +02:00
gregoirenovel
cfc58000c6 Improve urls.rb 2018-10-25 14:45:13 +02:00
gregoirenovel
5b32638502 Order shared_dirs by alphabetic order 2018-10-24 16:00:49 +02:00
gregoirenovel
a90232e57b Order require statements by alphabetic order 2018-10-24 16:00:49 +02:00
gregoirenovel
f60ff02394 Improve readability 2018-10-24 16:00:49 +02:00
gregoirenovel
21028bd97b Extract a task to make things more atomic 2018-10-24 16:00:49 +02:00
gregoirenovel
1c55a38e81 Move variable definition to the top 2018-10-24 16:00:49 +02:00
gregoirenovel
4026984852 Move a comment in the comment block 2018-10-24 16:00:49 +02:00
gregoirenovel
7559653062 Make the comments-code order match 2018-10-24 16:00:49 +02:00
gregoirenovel
70a3b9737c Improve a comment 2018-10-24 16:00:49 +02:00
gregoirenovel
b9c91cbab4 Factorize some code 2018-10-24 16:00:49 +02:00
gregoirenovel
fda1218a5f Keep the same order between shared_dirs and setup 2018-10-24 16:00:48 +02:00
gregoirenovel
883c981165 Group single-line parameter definitions 2018-10-24 16:00:48 +02:00
gregoirenovel
db540471d4 Remove a duplicated comment 2018-10-24 16:00:48 +02:00
simon lehericey
d4b3f829b6 Deploy: update description 2018-10-24 12:22:33 +02:00
simon lehericey
c616f6e5b8 Deploy: improve layout 2018-10-24 12:22:33 +02:00
simon lehericey
6e8473e6c1 Deploy: move print and use puts 2018-10-24 12:22:33 +02:00
simon lehericey
a1d813aff4 Deploy: use fetch 2018-10-24 12:22:33 +02:00
simon lehericey
9ee1119656 Deploy: STAGE_NAME -> STAGE 2018-10-24 12:22:33 +02:00
Mathieu Magnin
8316ab8e51 When deploying read stage from environment 2018-10-24 12:22:33 +02:00
Mathieu Magnin
bffeeaf954 Configure mina for new infra 2018-10-24 12:22:33 +02:00
Mathieu Magnin
d0a8cedbe2 Unicorn -> Puma 2018-10-24 12:22:33 +02:00
Paul Chavard
5a8a4b393f Add RPG carte source 2018-10-23 18:13:44 +02:00
Paul Chavard
7ffbe417f9 Add ApiGeo RPG adapter 2018-10-23 18:13:44 +02:00
Paul Chavard
ed46e2c3be Use Typhoeus in ApiGeo adapter 2018-10-23 18:13:44 +02:00
Chaïb Martinez
535fe6d13a Link directly to the instructeur tutorial in the instructeur email 2018-10-23 11:23:24 +02:00
Chaïb Martinez
796ff972e6 Add a webinaire registration CTA at the end of the admin email 2018-10-23 11:23:24 +02:00
Chaïb Martinez
e8dd6b00bf Link to the admin tutorial instead of the doc 2018-10-23 11:23:24 +02:00