studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
922 Commits 1 Branch 0 Tags
8691f1846d0dc7944ace7363afdd83cd0ddef62f
Commit Graph

922 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sabrina Demagny
8691f1846d 📝(scripts) enhance release scripts instructions 
Add information about settings and helm chart to configure
Add more details about translations PR autogenerated
 2025-04-08 22:00:41 +02:00
Sabrina Demagny
edbf77c525 💄(domain) enhance admin action label to import mailboxes 
So far, "Synchronise from dimail" only import missing mailboxes
from dimail, so this label needs to be more explicit.
 2025-04-08 21:39:16 +02:00
Quentin BEY
140d099fce ⬆️(backend) bump django-lasuite to v0.0.2 
This will allow the introspected token to not contain the `iss` claim.
 2025-04-07 13:55:19 +02:00
sdemagny
133688324b 🌐(i18n) update translated strings 
Update translated files with new translations
 2025-04-04 17:46:21 +02:00
Sabrina Demagny
a7b3cd42bc 🔖(minor) release version 1.15.0 
Update all version files and changelog for minor release.
 2025-04-04 17:46:21 +02:00
Jacques ROUSSEL
ceebf8f7aa 🐛(ci) remove path to trigger relaese helm chart 
We had an issue with the automatic helm chart releaser so we decide to
trigger the job on every merge.
 2025-04-04 17:18:20 +02:00
Sabrina Demagny
8ef2cc9a37 🧱(helm) add la-suite ingress path 
The route was added but not declared in the ingress.
 2025-04-04 15:02:20 +02:00
Quentin BEY
e2d362bc77 (backend) add django-lasuite dependency 
Use the OIDC backends from the new library.
 2025-04-04 09:57:12 +02:00
Sabrina Demagny
594d3af0d0 (plugins) add endpoint to list SIRET of active organizations 
Allow access to AccountService with right scope to list
SIRET of active communes
 2025-04-04 08:47:24 +02:00
Sabrina Demagny
855e20d407 (core) create AccountServiceAuthentication backend 
Backend authentication with API Key to AccountService
 2025-04-04 08:47:24 +02:00
Sabrina Demagny
f60bfc2676 (core) create AccountService model 
Create new model to allow access of some API
endpoints with API Key authentification.
Scopes will allow to define permission access on those
endpoints.
 2025-04-04 08:47:24 +02:00
Marie PUPO JEAMMET
b4de7fda92 🔒️(users) restrict listable users to same organization 
This is a quick fix to a security issue. Previously, any user could
list all users. Now /users/ endpoint only lists users from same
organization.
 2025-04-03 16:18:25 +02:00
Quentin BEY
a009f3ccb7 🐛(plugin) allow simple application name 
This allows to use the application name, instead of the full path to the
application configuration in the INSTALLED_PLUGINS setting.
 2025-04-03 15:17:53 +02:00
Marie PUPO JEAMMET
2f1843e0e8 🐛(stats) rename stat for clarity 
Public statistics on domains was modified to count only enabled
domains. Modify stat name to reflect change.
 2025-04-03 14:58:07 +02:00
Quentin BEY
3a044e6b02 📝(helm) update missing documentation 
Seems like the readme was not updated after adding the celery beat
worker configuration.
 2025-04-03 10:33:47 +02:00
Quentin BEY
7c569a3ca3 🧱(helm) disable createsuperuser job by setting 
This provides the way to disable the admin user creation at each
deployment. In production we don't want to persist a generic admin user:
it should be created once, at first deployment then replaced by
nominative accounts.
 2025-04-03 10:33:23 +02:00
Quentin BEY
e23d236614 (pytest) fail on tests external calls 
The backend tests must not try to call the real world.
 2025-04-03 09:39:15 +02:00
renovate[bot]
61c3b6ac6b ⬆️(dependencies) update django to v5.1.8 [SECURITY] 2025-04-03 07:47:33 +02:00
Quentin BEY
1eb9dffa48 🐛(contacts) add missing select_related 
The new DRF version (3.16.0) adds a check on unique together and needs
more fields to be loaded. To prevent an extra query, we select the owner
value in the DB query.
 2025-04-01 10:58:49 +02:00
renovate[bot]
d0854851a2 ⬆️(dependencies) update python dependencies 2025-04-01 10:58:49 +02:00
renovate[bot]
6eae92d9e5 ⬆️(dependencies) update js dependencies 2025-03-31 09:39:23 +02:00
Jacques ROUSSEL
b02146e4eb 🐛(ci) use github action for argocd webhook notification 
In order to refactor this notification between alls projetcs, we
chooseto use a custom github action
 2025-03-28 16:32:10 +01:00
Quentin BEY
dd43483ce6 🔒️(passwords) add validators for production 
This enabled various password validators to enforce password complexity.
 2025-03-28 15:43:45 +01:00
Sabrina Demagny
838d1267b2 (domains) allow to re-run check on failed domain 
In use we realize that it is also necessary to be able
to re-run dimail check on domain failed
 2025-03-28 15:03:15 +01:00
Quentin BEY
fbe3aa54d0 🐛(ci) use sha256 to sign argocd webhook call 
The argocd webhook call needs now to use sha256 digest now to sign

Copy from docs project commit by @lunika
 2025-03-28 11:09:04 +01:00
Sabrina Demagny
e4e9a121a4 (organization) add is_active field 
Add flag to indicate whether the organization is active.
Prepare organizations provisioning. The organization
will be created with this flag set to False and will
become active when the first user is associated with it.
 2025-03-27 18:34:09 +01:00
Sabrina Demagny
3173e096d9 🐛(dimail) enhance sentry log for dimail error 
Remove duplicate sentry log and fix failure if response content
has an unexpected format
 2025-03-27 18:25:24 +01:00
Marie PUPO JEAMMET
4420bab073 🐛(demo) fix missing support_email field 
"support_email" field was missing for all domains created in demo.
this lead to "make demo" and "setup_dimail_db" commands to fail.
 2025-03-27 18:06:36 +01:00
Marie PUPO JEAMMET
8cbedeb76e ♻️(dimail) refacto setup_dimail_db to call dimail client 
Management command "setup_dimail_db" called dimail directly, thus
creating duplicated code. It now calls "create_domain" and "create_allow"
methods from DimailAPIClient (create_user is left unchanged to create
special users such as dimail admin or people)
 2025-03-27 18:06:36 +01:00
Quentin BEY
28fdee868d ♻️(plugins) rewrite plugin system as django app 
This allow more flexibility around the installed plugins, this will
allow to add models in plugins if needed.
 2025-03-26 19:56:23 +01:00
Quentin BEY
4ced342062 ♻️(core) move app ready code to functions 
For readability, we move the code block from the `ready` method to a
dedicated function.

This will allow to add more things to do in the `ready` with more focus.
 2025-03-26 19:56:23 +01:00
Laurent Bossavit
2502ff0c99 🔧(dns) make target zone for communes domains configurable 
Add a configuration setting tied to an env var, so we can have
a separate zone for staging/preprod.
 2025-03-25 19:48:43 +01:00
Laurent Bossavit
dc33493739 Revert "(dimail) remove ci-time dependency on dimail to improve CI times" 
This reverts commit 81030004e9.
 2025-03-25 18:36:17 +01:00
Laurent Bossavit
81030004e9 (dimail) remove ci-time dependency on dimail to improve CI times 
The Gitlab instance hosting dimail images has become unstable
resulting in excessive CI failures, and we don't actually depend
on dimail for CI.
 2025-03-25 18:10:34 +01:00
Sabrina Demagny
339831f090 🌐(i18n) update translations 
Run i18n-download-and-compile to download translations from
Crowdin and compile them
 2025-03-25 13:45:24 +01:00
Sabrina Demagny
5178e460c4 (domains) notify support when domain status changes 
During the scheduled task to check domains,
send an email notification to domain support if a
status has changed.
 2025-03-25 08:44:35 +01:00
Sabrina Demagny
feb5d7154b (domains) define domain check interval as a settings 
For now, to avoid overloading dimail, we have defined a
time interval between each check request to dimail.
This interval should be configurable for testing and
different environments.
 2025-03-25 08:44:35 +01:00
renovate[bot]
7dac39034a ⬆️(dependencies) update js dependencies 2025-03-24 10:55:35 +01:00
renovate[bot]
660fc7c291 ⬆️(dependencies) update python dependencies 2025-03-24 09:34:53 +01:00
renovate[bot]
27fd43b164 ⬆️(dependencies) update next to v15.2.3 [SECURITY] 2025-03-22 12:44:17 +01:00
Laurent Bossavit
e63c31f960 🐛(front) disable retries in useQuery and useInfiniteQuery 
The default options in TanStack Query don't make sense for these purposes
and were inducing a need for long timeouts in Playwright tests. (Personal
aside: I consider timeouts in Playwright as a testing smell.)
 2025-03-20 14:56:15 +01:00
Quentin BEY
6b2ca88ff2 (oidc) add simple introspection backend 
This provides a configurable OIDC introspection backend to be able to
call introspection endpoints which returns JSON data instead of an
encrypted JWT.

Two backends are currently defined:

 - ResourceServerBackend` which expect a JSON response
 - JWTResourceServerBackend which implements RFC 9701 and expects
   JWE reponse.

There might be other cases (eg: ResourceServerBackend with JWT, JWS or
JWE, etc. but for now we don't use it, so we follow YAGNI).

This also allow to configure the claim to determine the "audience":

 - client_id: for our Keycloak implementation
 - aud: used by ProConnect
 2025-03-20 09:30:18 +01:00
Quentin BEY
b771f614e2 🧑‍💻(tilt) setup resource server with kc 
This configures the settings to be able to call people as a resource
server when using Keycloak deployment.
 2025-03-20 09:30:18 +01:00
Marie PUPO JEAMMET
889a495ea3 🧐(stats) restrict domains count to active domains 
Stats are currently counting all domains, including users tests.
Counting enabled domains is more relevant to reflect actual use.
 2025-03-19 16:52:11 +01:00
Sabrina Demagny
f21716dc68 📝(release) add information about crowdin download 
Now a github action downloads last translations from crowdin
when a release branch is created.
We have to merge crowdin translations into release
branch before submit the release PR ;)
 2025-03-18 18:29:02 +01:00
Sabrina Demagny
7e1f0b31f9 (scripts) enhance release script input 
Remove leading and trailing spaces inserted by mistake in the input.
For the version number, a space can corrupt the version control files.
 2025-03-18 18:29:02 +01:00
Sabrina Demagny
666cafe220 📝(dimail) add some info about data required to create mailbox 
Prepare generic mailbox implementation
 2025-03-18 18:29:02 +01:00
Quentin BEY
1ec98f0948 🧑‍💻(tasks) run management commands 
This allows to run management commands from a celery task.
 2025-03-18 18:02:53 +01:00
renovate[bot]
f0258bbde7 ⬆️(dependencies) update python dependencies 2025-03-17 12:02:44 +01:00
renovate[bot]
773f8cfb4b ⬆️(dependencies) update js dependencies 2025-03-17 11:41:57 +01:00