summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-05-30Merge pull request #168 from azul/bugfix/fix-login-validationsazul
Fix login validations
2014-05-29clearify identity validationsAzul
Identity.new.valid? should not crash. So validate presence where needed and skip the other validations if the value is absent.
2014-05-29ensure User#reload returns selfAzul
2014-05-29hand on errors from Email to Identity to UserAzul
errors.each iterates through all errors for all attrbibutes nicely.
2014-05-29catch corner cases of account creationAzul
Users now always check if their identity is valid. We need to make sure this works if the user is a new record and once it has been persisted. While the user is a new record the identity will have no user_id. Old identities that are left to block the login of a user who canceled their account also have a blank user_id. They still should render the new identity invalid so the user can't be saved with a login that has been reserved. Once the user has been persisted we set the user_id on the identity and save it too when creating an Account. This allows us to create a plain user and save it and it will still have an in memory identity only. But the default is to create the user by means of creating an account so an identity will be created as well.
2014-05-28adopt tests to new error messages for identitiesAzul
2014-05-28allow changing the user_id on an identityAzul
we set it to nil when we disable it
2014-05-28bring back the alias functionality in IdentitiesAzul
2014-05-28ensure identity is cleared on user.reload - fixes testAzul
2014-05-28minor: beautify handle lookup in etc/passwd someAzul
2014-05-28use Identity for testing login availabilityAzul
We create an identity alongside each user. Make sure the identity is valid when creating the user. This also ensures that the login picked is available because otherwise the identities address would not be available anymore.
2014-05-26Merge pull request #163 from azul/feature/3398-save-hashed-tokenazul
hash token with sha512 against timing attacs #3398
2014-05-26Merge pull request #165 from azul/feature/cert-fingerprintsazul
Feature/cert fingerprints
2014-05-26hash token with sha512 against timing attacs #3398Azul
2014-05-26fix test to require loginAzul
2014-05-26change from GET to POST for certsAzul
We create them. let's reflect that in the verb.
2014-05-22Merge pull request #166 from elijh/feature/footerazul
better detection if price link should be shown in the footer
2014-05-22Merge pull request #162 from azul/feature/3295-custom-error-pagesazul
Feature/3295 custom error pages
2014-05-20better detection if price link should be shown in the footerelijah
2014-05-19store fingerprints with timestampAzul
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
2014-05-19minor: fix testsAzul
2014-05-19store cert fingerprint with main user identityAzul
2014-05-19SmtpCertsController, routes and testsAzul
2014-05-19fix Email so User.new.valid? does not crashAzul
Email.new(nil) now returns an invalid email rather than crashing.
2014-05-19basic integration test for cert APIAzul
2014-05-19calculate cert fingerprints to store for leap_mxAzul
stelfox.net/blog/2014/04/calculating-rsa-key-fingerprints-in-ruby/
2014-05-19little bit of documentationAzul
2014-05-19minor: remove unused error pagesAzul
2014-05-19i18n for error pagesAzul
2014-05-19custom error pages for 404 and 500 errorsAzul
2014-05-19update Gemfile.lock to reflect new versionAzul
2014-05-16Version 0.5.10.5.1Azul
Changes since 0.5.0 * Message API * Payment reminder messages * Messages to Warn after expiring trial period * cleanup and refactoring of messages code * require token authentication for API * rename security related functions to be clear * nagios test for webapp login * nagios test for soledad sync * prevent crash when destroying tokens (#5382) * redirect home when logged in visits /signup (#5446) * large refactoring of engine and directory layout * move users engine into main * move certs engine into main * update documentation for new engine layout * move remaining engines into engines directory * rename help engine to support * refactor nagios tests with support classes * nagios test for registering new users * enable nagios tests to work with older versions of requests lib * API endpoint for requesting the current service_level * null pattern refactoring for current_user as UnauthenticatedUser * rename UnauthenticatedUser to AnonymousUser * change service level configuration strategy * bringing back empty cert prefixes * adopt service_level config to platform settings * add signup and login info on the forms * cleanup homepage * unify wording for destroying accounts * recover from invalid tickets (#5552) * remove cert link in development * display notice that client signup is prefered (#5549) * capitalize Loading... indicator (#5542) * use simple_form for all forms * ensure buttons are properly loading and reset * open close toggle in ticket header * translate signup and login buttons * basic password validation (#5557) * reduce client_side_validations dependency (to be removed) * simplify download button * remove OS specific download buttons * adopt pricing view to current service_level format * upgrade debugger to work with latest ruby 1.9.3 patch release * hide srp forms when js is disabled (#5548) * allow for usernames with dots * fix ticket form submission and validation (#5657) * stop email autofil for ticket forms (#5664) * User#email returns email addresses only if service provided * move User Control Panel heading out of masthead (#5658) * open/close toggle and fields in different forms (#5659) * upgrade rails to 3.2.18 for security fixes
2014-05-16Merge remote-tracking branch 'origin/develop'Azul
Conflicts: app/assets/javascripts/srp test/nagios/soledad_sync.py test/nagios/webapp_login.py
2014-05-15Merge pull request #161 from azul/bugfix/download-button-widerazul
make download button wide enough for helvetica #5039
2014-05-15Merge pull request #160 from azul/upgrade/rails-3.2.18azul
upgrade rails to 3.2.18 for security fixes
2014-05-14check for presence of service_levelsAzul
This way the pricing link will not be shown for an empty hash. Which is easier to get into the config file than nil. And we can later verify the configuration to have a hash as the service_levels.
2014-05-14upgrade rails to 3.2.18 for security fixesAzul
2014-05-14make download button wide enough for helvetica #5039Azul
2014-05-14Merge pull request #159 from azul/bugfix/5659-fix-ticket-form-submitazul
open/close toggle and fields in different forms - fixes #5659
2014-05-14Merge pull request #157 from azul/bugfix/5664-stop-email-autofillazul
Bugfix/5664 stop email autofill
2014-05-14Merge pull request #158 from azul/bugfix/5658-fix-broken-mastheadazul
move User Control Panel heading out of masthead
2014-05-13adjust tests to new config and method implementationAzul
Ticket.is_creator_vlidated? now actually fetches the user from the db and returns false if it does not exist.
2014-05-13open/close toggle and fields in different forms - fixes #5659Azul
2014-05-13move User Control Panel heading out of mastheadAzul
the masthead can only handle content of a limited width. Alternatively we could make the masthead title wider and add padding on the left so it still aligns nicely with the mask. However the wider we make it the worse it looks on small width displays. Another option would be to make the masthead contain multiple lines. However vertical aligment to the middle of 1 OR 2 lines of text is a real pain. So I went with a super simple masthead and the Caption goes below.
2014-05-13destinguish user.email from user.email_addressAzul
use the former if you want a working email account or nil, the latter if you want the email address associated with a given user no matter if the user actually has an email account or not.
2014-05-13prefill ticket form from the model - fixes #5657Azul
email and regarding user fields can be set to defaults based on created_by user. If these fields are emptied by the submitting user they will be set to whereas they are nil if they have not been initialized. In that case we will use meaningful defaults from the user who created the ticket.
2014-05-13minor: use %Q for interpolated string with "Azul
2014-05-13keep empty email field if user removed prefillAzul
We should respect the users choice. We can still get their email from the user id if we really need to.
2014-05-13allow for usernames with dotsAzul
preparing for #5664 with some test improvements i ran into this issue This commit includes a fix and the test improvements. In particular it adds BrowserIntegrationTest#login - so there is no need to go through the signup procedure everytime you want a user to be logged in.
2014-05-09Merge pull request #156 from azul/bugfix/5548-hide-signup-forms-without-js0.5.1-rc2azul
hide srp forms when no js is available