leap_web.git/app/controllers, branch drop/ruby-2.1 [leap_web] fix: respond with error on invalid pgp key 2017-11-16T12:18:55+00:00 Azul azul@riseup.net 2017-11-16T12:18:55+00:00 1ce9a3355ee59181df0359ebb455efa9ef323bb6 We used to just ignore the key. Also separated the code for handling key updates from other user updates. This should eventually be moved to a different route. Mixing the two makes the implementation really hard. 
We used to just ignore the key.
Also separated the code for handling key updates from other
user updates. This should eventually be moved to a different
route. Mixing the two makes the implementation really hard.
fix: alternate email dialogue 2017-11-13T12:16:41+00:00 Azul azul@riseup.net 2017-11-13T12:16:41+00:00 028376fe1ea7638f0119ba9614629f66453d206f fixes #8796 Cleaned up UserController#update earlier but missed that it was used to change fallback email addresses. Now it is back. This time including an integration test. 
fixes #8796

Cleaned up UserController#update earlier but missed that it was
used to change fallback email addresses. Now it is back. This
time including an integration test.
Merge branch '8800-hand-out-configs-json-without-authentication' into 'master' 2017-11-08T06:58:09+00:00 azul azul@riseup.net 2017-11-08T06:58:09+00:00 e7dfe732599df8df4299c60d14f7c1e3e112b27d feat: allow unauthenticated access to list of configs Closes #8800 See merge request leap/webapp!45 
feat: allow unauthenticated access to list of configs

Closes #8800

See merge request leap/webapp!45
 fix: sanity checks on user params 2017-10-24T11:33:03+00:00 Azul azul@riseup.net 2017-09-17T07:54:55+00:00 325bccc1649c928d512ce7c7b11e14566a8c9eeb fixes #8801 Includes a test reproducing 500 on lynx We now make use of ActionController::Parameters require and permit methods. 
fixes #8801

Includes a test reproducing 500 on lynx

We now make use of ActionController::Parameters require and permit
methods.
feat: sort invite codes by last update 2017-10-17T12:05:59+00:00 Azul azul@riseup.net 2017-10-17T12:05:59+00:00 47df0b296b282d0fe554c3b596b366c5403c9588 They used to be sorted by the code which was not helpful fixes #8806 requires deploy of new design docs to the platform 
They used to be sorted by the code which was not helpful

fixes #8806
requires deploy of new design docs to the platform
fix: login error message with locale set 2017-10-16T13:47:39+00:00 Azul azul@riseup.net 2017-10-16T13:46:07+00:00 aba11e35fa483ae72203854e323445e8330ed71b On a failed login the warden failure app gets called. Some of the params are changed accordingly but controller and action remain. set_locale would detect there was no locale in the path and thus attempt to redirect. However the params still belong to the previous request which was a POST to Api::SessionsController. This route does not respond to get requests and so it would trigger a 404 in production and a 500 in development. This commit prevents set_locale to act upon warden failure app controller calls by adding /new to the list of `NON_LOCALE_PATHS`. (The path is updated by warden to the name of the action called in the failure app). A test is included in this commit that tries to login with an invalid username, password combination and a german locale set. fixes #8805 
On a failed login the warden failure app gets called.
Some of the params are changed accordingly but controller
and action remain.
set_locale would detect there was no locale in the path
and thus attempt to redirect. However the params still
belong to the previous request which was a POST to
  Api::SessionsController.
This route does not respond to get requests and so it
would trigger a 404 in production and a 500 in development.

This commit prevents set_locale to act upon warden failure
app controller calls by adding /new to the list of
`NON_LOCALE_PATHS`. (The path is updated by warden to the
name of the action called in the failure app).

A test is included in this commit that tries to login
with an invalid username, password combination and a german
locale set.

fixes #8805
feat: allow unauthenticated access to list of configs 2017-09-11T12:55:14+00:00 Azul azul@riseup.net 2017-09-11T12:55:14+00:00 ef91e8fe1fb5c1cf8f2f84fd25ef2b115f0ec8c8 This should simplify client code significantly according to platform#8849 
This should simplify client code significantly according to
platform#8849
fix: set token in forms correctly 2017-04-20T13:59:18+00:00 Azul azul@riseup.net 2017-04-20T13:59:18+00:00 653f92e6ac5c0b61e8113665735d929426deb714 We now use the hash of the token for comparison and as the id. In order to use it you need the original token though. So forms and thus the session should have token.to_s rather than token.id. 
We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
feature: delete user clearing username 2017-04-03T08:43:42+00:00 Azul azul@riseup.net 2017-04-03T08:43:42+00:00 e9bdd2aa5a0662a9fc6d5ce730e26cfd560210ba 






bugfix: handle couch 404s
2017-03-23T08:49:17+00:00

Azul
azul@riseup.net

2016-11-21T15:14:38+00:00

1e672227a23afbb9f319a0aefa0b0ca3495fa1c6

our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.





our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.