| Age | Commit message (Collapse) | Author |
|---|
|
Hotfix since 0.5.2 release candiate:
* tickets: fix bug that allow index of other users
Pull request #167 from azul/feature/i18n-for-ticket-system:
* fix flash for creating anonymous tickets
* adopt tests to new translations
* destroy_btn helper method
* move users key into layouts scope so it does not conflict with users
scope
* add btn helper for link_to with .btn
* remove icon_color variable - yagni
* sorting translation keys some
* navigation works with empty locale selected
* tickets: structure i18n
* flash_for with_errors option displays error messages
* remove unused bold helper and instead sanitize flash
* Controller#flash_for instead of FlashResponder
* split up and refactor TicketController#update
* separate tests for the ticket list from main controller test
* splitting up long functional test case
* move comment related tests out of TicketControllerTest
* use i18n.missing_translations
Pull request #168 from azul/bugfix/fix-login-validations:
* clearify identity validations
* ensure User#reload returns self
* hand on errors from Email to Identity to User
* catch corner cases of account creation
* adopt tests to new error messages for identities
* allow changing the user_id on an identity
* ensure identity is cleared on user.reload - fixes test
* use Identity for testing login availability
Pull request #163 from azul/feature/3398-save-hashed-token
* hash token with sha512 against timing attacs #3398
Pull request #165 from azul/feature/cert-fingerprints
* change from GET to POST for certs
* store fingerprints with timestamp
* store cert fingerprint with main user identity
* SmtpCertsController, routes and tests
* fix Email so User.new.valid? does not crash
* basic integration test for cert API
* calculate cert fingerprints to store for leap_mx
Pull request #166 from elijh/feature/footer
* better detection if price link should be shown in the footer
Pull request #162 from azul/feature/3295-custom-error-pages
* little bit of documentation
* i18n for error pages
* custom error pages for 404 and 500 errors
|
|
|
|
Feature/i18n for ticket system
|
|
Fix login validations
|
|
|
|
|
|
|
|
Identity.new.valid? should not crash. So validate presence where needed and
skip the other validations if the value is absent.
|
|
|
|
errors.each iterates through all errors for all attrbibutes nicely.
|
|
Users now always check if their identity is valid. We need to make
sure this works if the user is a new record and once it has been
persisted.
While the user is a new record the identity will have no user_id.
Old identities that are left to block the login of a user who
canceled their account also have a blank user_id. They still should
render the new identity invalid so the user can't be saved with a
login that has been reserved.
Once the user has been persisted we set the user_id on the identity
and save it too when creating an Account. This allows us to create
a plain user and save it and it will still have an in memory identity
only. But the default is to create the user by means of creating an
account so an identity will be created as well.
|
|
|
|
we set it to nil when we disable it
|
|
|
|
|
|
|
|
We create an identity alongside each user. Make sure the identity
is valid when creating the user. This also ensures that the login
picked is available because otherwise the identities address would
not be available anymore.
|
|
|
|
|
|
Also translates the first arg if it's a symbol and adds more btn- classes if given as html_options[:type]
|
|
|
|
|
|
Just in case some translation keys are not present things should still work and make sense.
So translation keys should be picked in a meaningful way and scoped rather than prefixed.
For example overview.account will turn into "Account" if no translation is present while "overview_account" will turn into "Overview Account". We usually want the former.
|
|
|
|
|
|
|
|
FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed.
Now instead we can call
flash_for resource
before
resource.save
and it will add the flash messages only if the resource was actually changed.
|
|
close and open actions for plain opening and closing the tickets
respond_with so fields are not cleared on invalid update
the custom actions are not strictly restful. But adding a subresource felt like too much overhead and is conceptually hard to grasp (so we destroy the openess of the ticket to close it?).
|
|
|
|
|
|
|
|
This controller does too much - so the tests are also getting large and hard to keep track of
|
|
This will print missing translation keys at the end of the tests
|
|
hash token with sha512 against timing attacs #3398
|
|
Feature/cert fingerprints
|
|
|
|
|
|
We create them. let's reflect that in the verb.
|
|
better detection if price link should be shown in the footer
|
|
Feature/3295 custom error pages
|
|
|
|
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
|
|
|
|
|
|
|
|
Email.new(nil) now returns an invalid email rather than crashing.
|
|
|
|
stelfox.net/blog/2014/04/calculating-rsa-key-fingerprints-in-ruby/
|
|
|
|
|
