Identified and resolved minor code formatting issues.
Updates:
* Add a newline at the end of the file
* Capitalize first names and last names of all users.
The current Renovate configuration is using the wrong match manager, as our
project utilizes `pyproject.toml` instead of `setup.cfg`. This commit corrects
the configuration to ensure compatibility with our project structure.
* ✨(api) search users by email
The front end should be able to search users by email.
To that goal, we added a list method to the users viewset
thus creating the /users/ endpoint.
Results are filtered based on similarity with the query,
based on what preexisted for the /contacts/ endpoint.
* ✅(api) test list users by email
Test search when complete, partial query,
accentuated and capital.
Also, lower similarity threshold for user search by email
as it was too high for some tests to pass.
* 💡(api) improve documentation and test comments
Improve user viewset documentation
and comments describing tests sections
Co-authored-by: aleb_the_flash <45729124+lebaudantoine@users.noreply.github.com>
Co-authored-by: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
* 🛂(api) set isAuthenticated as base requirements
Instead of checking permissions or adding decorators
to every viewset, isAuthenticated is set as base requirement.
* 🛂(api) define throttle limits in settings
Use of Djando Rest Framework's throttle options, now set globally
to avoid duplicate code.
* 🩹(api) add email to user serializer
email field added to serializer. Tests modified accordingly.
I added the email field as "read only" to pass tests, but we need to discuss
that point in review.
* 🧱(api) move search logic to queryset
User viewset "list" method was overridden to allow search by email.
This removed the pagination. Instead of manually re-adding pagination at
the end of this method, I moved the search/filter logic to get_queryset,
to leave DRF handle pagination.
* ✅(api) test throttle protection
Test that throttle protection succesfully blocks too many requests.
* 📝(tests) improve tests comment
Fix typos on comments and clarify which setting are tested on test_throttle test
(setting import required disabling pylint false positive error)
Co-authored-by: aleb_the_flash <45729124+lebaudantoine@users.noreply.github.com>
---------
Co-authored-by: aleb_the_flash <45729124+lebaudantoine@users.noreply.github.com>
Co-authored-by: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
Github secrets are difficult to maintain in time because we do not have
a way to track them efficiently. So to avoid this issue, we prefer to use
sops encrypted files to manage our secrets.
Add styled-components to the app-desk, it will help us to create
easily styled components.
We create 2 components, Box and Text, it is 2 generic components
that we help us to style quickly html elements. They use
the power of styled-components and Cunningham's design system.
We export the app in the out folder. This is a static export,
so our app can be deployed and hosted
on any web server that can serve HTML/CSS/JS static assets.
Create a fetch wrapper for the API calls, it will handle:
- add correct basename on the api request
- add Bearer automatically on the api request
- logout automatically on 401 request
Add test-e2e to people.yml, it will run e2e tests on every PR.
Steps:
- set env vars for e2e tests
- build and start docker servers
(backend, keycloak, DB)
- install playwright
- build apps
- run e2e tests
- save reports
Install playwright, adapt the config file and add a scripts to
run the tests.
e2e testing will monitor all our frontend applications,
so we install it in the frontend folder.
It configures the base of our monorepo.
- Adapt the tests to use React-Query
- Install fetch-mock to mock the fetch requests with Jest.
- Create a test to show how to mock the fetch requests
with fetch-mock
The admin was broken as we did not worry about it up to now. On the frontend
we want to use OIDC authentication only but for the admin, it is better if
the default authentication works as well. To allow this, we propose to add
an "email" field to the user model and make it the identifier in place of
the usual username. Some changes are necessary to make the "createsuperuser"
management command work.
We also had to fix the "oidc_user_getter" method to make it work with Keycloak.
Some tests were added to secure that everything works as expected.
As a prove of concept, to check the full process of our token,
we create a basic feature Teams.
This feature can create a team and list all teams.
We use react-query to manage the cache and the request to the API.
Integrate keycloak with the frontend.
We use the keycloak-js library to handle the
authentication and authorization.
We installed Zustand to handle the states of the
application.
We store the token and auth process in authStore.
Keycloak is a open source identity and access management
for modern applications and services.
- add keycloak server in docker-compose
- add keycloak in frontend
eslint is not enough for css, so we need a css linter too.
This commit adds stylelint to the project, we configure it
with prettier and add a check during the build process.
Integrate cunningham design system into app desk.
It comes with some boilerplate code that will have to be
adapted to our needs when we will get the design.
