studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
808 Commits 1 Branch 0 Tags
b4ab36fc0e4d5b1ff152b659f2374b8ae2cac64c
Commit Graph

808 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin BEY
b4ab36fc0e 📝(oidc) describe the IdP aspect of people 
This provides a light documentation about the way to
configure people as an IdentityProvider.
 2025-03-03 12:24:43 +01:00
Quentin BEY
160ce92e54 (oidc) add IdP e2e test for login 
This is a simple test to assert a user can login via people when setup
as an identity provider.
 2025-03-03 12:24:43 +01:00
Quentin BEY
a7ab2142f9 🔇(helm) disable sentry on local stack 
This is making too much noise when developing using the tilt stack...
 2025-03-03 12:24:43 +01:00
Quentin BEY
cf4b435c63 🧑‍💻(tilt) allow use of people as an IdP 
Few fixes to allow the keycloak dev stack to use people
as an Identity Provider.
This requires the update of the bitnami keycloak chart we
use.
 2025-03-03 12:24:43 +01:00
Quentin BEY
fd8e0e08c3 💄(oidc) add login page in the frontend 
To have a better user experience, we want the login page
to in the frontend.
 2025-03-03 12:24:43 +01:00
Quentin BEY
68550f6f7e 🧑‍💻(demo) configure people as an IdP 
This configures local environment to test login through people:
- Keycloak configuration of the IdP (people)
- Add Keycloak Application in people

The only user who can login for now is "admin".
 2025-03-03 12:24:43 +01:00
Quentin BEY
db6cdadd72 (oidc) add django-oauth-toolkit w/ configuration 
This allows to use `people` as an identity provider using
OIDC and local users.
This commit is partial, because it does not manage a way to
create "local" users and the login page is the admin one, which
can't be used for non staff users or login with email.
 2025-03-03 12:24:43 +01:00
Quentin BEY
8faa049046 🗃️(mailbox_manager) add organization to domain 
To be able to provide a SIRET in the ProConnect IdP process
we need to be able to link a mail domain to its organization.
For now this is not mandatory, as we can't detect the organization
and need a frontend process to clarify it.
 2025-03-03 12:24:43 +01:00
renovate[bot]
a386c61729 ⬆️(dependencies) update js dependencies 2025-03-03 10:09:30 +01:00
Marie PUPO JEAMMET
99cc4d00d5 🔧(api) add sidecar for swagger collection 
add drf_spectacular_sidecar to correctly collect swagger
upon collectstatic
 2025-02-26 14:59:58 +01:00
Marie PUPO JEAMMET
55b7d1adbd 🔧(swagger) activate swagger in staging 
activate swagger in staging for devs from other teams to build interop
more easily
 2025-02-25 17:57:40 +01:00
renovate[bot]
7d3f10a4b6 ⬆️(dependencies) update js dependencies 2025-02-24 23:16:46 +01:00
Laurent Bossavit
5f294b8436 📌(renovate) ignore @hookform/resolvers until issue fixed 
Version 4.1.0 breaks Zod resolvers, ignore for now.
 2025-02-24 23:03:19 +01:00
Laurent Bossavit
db338231b7 🧑‍💻(bootstrap) install playwright browsers for local dev 
Removal of Playwright browsers installation is a win for CI but
not a reason to degrade developer experience, so we install them
locally as part of the bootstrap process.
 2025-02-24 22:52:47 +01:00
renovate[bot]
21033dedbd ⬆️(dependencies) update python dependencies 2025-02-24 16:15:28 +01:00
Sabrina Demagny
2dfa97749f 🧑‍💻(scripts) improve release script 
Add explicit links to current and deployment repositories
and change commit message to bump preprod version on deployment repo.
 2025-02-21 15:25:05 +01:00
Quentin BEY
7ccd8e3035 🧱(helm) remove extras from helmchart release 
The local helm chart provides templates for local use only.
 2025-02-21 11:29:20 +01:00
Quentin BEY
8d0fbdfecd 🧱(helm) add resource-server ingress path 
The route was added but not declared in the ingress.
 2025-02-21 11:17:44 +01:00
Sabrina Demagny
a83fb25f6d 🌐(backend) synchronize translations with crowdin again 
All translations of backend were synchronized and translated
on crowdin again.
Please use make 'i18n-generate-and-upload' then go to crowdin
to update translations then do 'make i18n-download-and-compile'
 2025-02-20 17:31:46 +01:00
Marie PUPO JEAMMET
11c7af205b 📝(tilt) upgrade tilt doc 
upgrade tilt doc by remove sops-related topics +
adding linux instructions
 2025-02-20 11:11:56 +01:00
Sabrina Demagny
f23f1eabd6 🔖(patch) release version 1.12.1 
Update all version files and changelog for patch release.
 2025-02-20 09:41:18 +01:00
Laurent Bossavit
7025a0787f 👽️(dimail) increase timeout value for API calls 
The domain creation endpoint will sometimes take longer than 5s to
complete: increase timeouts.
 2025-02-20 09:39:17 +01:00
Sabrina Demagny
70d22eecfa 🔖(minor) release version 1.12.0 
Update all version files and changelog for minor release.
 2025-02-18 08:51:31 +01:00
Laurent Bossavit
7379d70321 🐛(communes) add missing user creation in domain provisioning 
Add user in Dimail for automatically provisioned domains.
 2025-02-18 08:30:25 +01:00
Sabrina Demagny
29d0bbb692 (frontend) display button to re-run fetch domain from dimail 
Add the button in the modal which describes actions required
to make the domain work
 2025-02-17 20:39:03 +01:00
Sabrina Demagny
cdb766b0e0 (domains) allow to run all fetch domain data from dimail 
Fetch domain status and expected config from dimail.
 2025-02-17 19:40:13 +01:00
Sabrina Demagny
38de864d68 (domains) add admin action to fetch domain DNS config 
Create a Django admin action to allow retrieval of
the expected domain configuration from dimail.
These values shouldn't change unless external
intervention occurs. An admin command seems sufficient to handle
hypothetical changes.
 2025-02-17 19:28:43 +01:00
Sabrina Demagny
cad065da84 (frontend) display domain expected config for DNS 
If any action is required on the domain, display the
expected domain configuration in the modal window to
inform the user of actions required to operate the domain.
 2025-02-17 19:28:43 +01:00
Sabrina Demagny
3893fdf4d7 (domains) get domain expected config for DNS 
Call dimail to get DNS configuration values
to make an external domain work and save it in our db.
Add values to serializer for displaying.
 2025-02-17 19:28:43 +01:00
Laurent Bossavit
d29b5141b1 ️(ci) save time on CI by not downloading already present browser 
See https://github.com/microsoft/playwright/issues/23388
 2025-02-17 10:30:06 +01:00
renovate[bot]
110fc82250 ⬆️(dependencies) update python dependencies 2025-02-17 09:03:33 +01:00
Sabrina Demagny
95f19f7c6c 🩹(domains) add missing migrations after define ordering 
Add missing migration after define ordering by created_at
for Mailbox, MailDomain and MailDomainAccess by created_at.
 2025-02-14 18:37:32 +01:00
Sabrina Demagny
ab03cd9db9 (domains) check status after creation 
Fetch domain status from dimail just after domain creation.
 2025-02-14 16:47:53 +01:00
Quentin BEY
a811431070 🧑‍💻(tilt) use maildev for local kube 
Switch from mailcatcher to maildev for local work purpose.
 2025-02-13 15:12:45 +01:00
Quentin BEY
d23ac76f36 🧑‍💻(dev) use maildev for local developments 
Switch from mailcatcher to maildev for local work purpose.
 2025-02-13 15:12:45 +01:00
Sabrina Demagny
9377a96e87 💄(domains) remove useless bold text broken after fbb4797 
Fix domain names displaying after fetch status
from dimail failure after commit fbb4797
 2025-02-13 09:31:06 +01:00
Sabrina Demagny
25313d3e84 🔒️(docker) patch libssl3 and libcrypto3 to address CVE-2024-12797 
Added temporary root privileges to update OpenSSL libraries. Upgrades libssl3
and libcrypto3 to 3.3.3-r0 to fix HIGH severity vulnerability. Properly
switches back to nginx user after updates. Maintains unprivileged execution
while addressing security concern affecting RFC7250 Raw Public Keys
authentication.

Security: CVE-2024-12797
 2025-02-13 08:58:28 +01:00
Sabrina Demagny
9cd1b42c3d 💄(frontend) change support email example 
The domain of support email suggested was
the same as the example domain name
suggested below.
This was a bit confusing because if the
domain is broken we need to contact someone
with a working email address.
 2025-02-12 22:53:06 +01:00
Laurent Bossavit
d08198e44d 🔊(prod) move logging config up to Base configuration class 
This move makes it possible to set logging configuration on a per-deployment
basis in production.
 2025-02-12 15:04:23 +01:00
Sabrina Demagny
e55468862d 🧑‍💻(domains) change default ordering 
Order by last created models MailDomain, Mailbox and MailDomainAccess.
 2025-02-12 10:36:55 +01:00
Laurent Bossavit
fbb4797f29 🚨(pytest) fix or suppress warnings during backend tests 
Avoid unnecessary noise from testing processes
 2025-02-11 16:52:26 +01:00
Sabrina Demagny
0f290df24a (frontend) display required actions details on Domain 
On domain page, add link to display modal with needed informations
about actions to do to fix a domain.
 2025-02-11 14:07:39 +01:00
Sabrina Demagny
a2b2c71448 (api) add required actions to fix domain 
Send all informations about required actions
to do to fix a domain and full check domain
health from dimail too.
 2025-02-11 13:07:14 +01:00
Sabrina Demagny
e1594493a7 🐛(plugin) fix support email 
Use a real email to contact support in case
of actions required on the domain in collectivite.fr
 2025-02-11 11:15:45 +01:00
renovate[bot]
e903c5d4ca ⬆️(dependencies) update python dependencies 2025-02-11 10:57:20 +01:00
renovate[bot]
0f80d5f2db ⬆️(dependencies) update js dependencies 2025-02-11 10:42:56 +01:00
Laurent Bossavit
4cb695c2bf (plugin) add CommuneCreation plugin 
Add unit tests and refactor name normalization and zone naming.
 2025-02-11 09:53:31 +01:00
Laurent Bossavit
a68f8171cb (plugin) add CommuneCreation plugin 
Add E2E test to cover the API integration, access grant &c.
 2025-02-11 09:53:31 +01:00
Laurent Bossavit
471f69d4ec (plugin) add CommuneCreation plugin 
Extend plugin mechanism to be able to grant domain admin in Dimail
 2025-02-11 09:53:31 +01:00
Laurent Bossavit
dc938d3159 (plugin) add CommuneCreation plugin 
Add test for zone creation call
 2025-02-11 09:53:31 +01:00