summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-11-11Merge branch 'test/feature-for-service-endpoint' of ↵elijah
https://github.com/azul/leap_web into develop
2014-11-11Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into ↵elijah
develop
2014-11-10added destroy user to apielijah
2014-10-20updated i18n:bundle task so that transifex can pull in strings automatically ↵elijah
from a stable url.
2014-10-09added a rake task i18n:bundle in order to support uploading strings to transifexelijah
2014-09-04fixed typo on configs_controller.rbelijah
2014-07-31update debugger to work with latest rubyAzul
2014-07-31features for anonymous use and service endpointAzul
Also moved the location of the config files into a configuration setting.
2014-07-31use ApiController#anonymous_access_allowed?Azul
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController.
2014-07-31update debugger to work with latest rubyAzul
2014-07-31respond with 404 and 500 when rendering custom error pagesAzul
includes test
2014-07-31filter out 404 error tracesAzul
They add very little value and clutter the production logs when bots scan.
2014-07-29changed the development mode admin user from 'admin' to 'staff', since admin ↵elijah
is a reserved username that can't be registered.
2014-07-21Version 0.6.00.6.0Azul
We now allow admins to unblock handles of users who deleted their accounts. The admin interface also received some bugfixes. On the API side of things we support validation of SMTP certs and added an endpoint that requires authentication for retrieving the configuration files. Here's the list of changes: Pull request #181 from azul/feature/allow_anonymous_config_access * Allow fetching configs if anonymous EIP access is allowed Pull request #180 from azul/feature/messages-api * fix messages feature to match latest response format * add translation and fix tests * some cleanup of the messages api and cuke feature Pull request #176 from azul/feature/api-authenticated-configs * cuke: drop jsonpath, use simple keys instead * make sure i18n key can be found (cascade) * clean up error assertions in tests * fix controller refactor and features * move fetch_user into module so it can be mixed in * send config files from ConfigsController * ApiController with API style auth * clean up and simplify error responses and test code * move unauthenticated api endpoints into separate feature * send static list of configs for now * use cucumber; initial ConfigsController * render valid json error if provider file not found * SessionsController#unauthenticated for 401s * separate login_required from access denied response * rename warden extension to patch the original Pull request #179 from fbernitt/issue_5217_addendum * Moved check for allow_registration into filter. Pull request #175 from azul/feature/view-for-valid-certs * allow querying for the expiry of a particular fingerprint * fix tests and simplify time calculations * Identity view cert_fingerprints_by_expiry * store expiry with cert fingerprints Pull request #178 from fbernitt/issue_5217_allow_registration * Added allow_registration toggle. Pull request #174 from azul/bugfix/admin-navigates-all-tickets * adopt ticket list test to new behaviour * only use user ticket(s) path for real users * stay on all tickets view when sorting (#5879) Pull request #173 from azul/feature/unblock-handles * list identities based on search only * make link_to_navigation more generic and reuse it * Enable unblocking handles in identities tab * backport bootstraps 3.2s list-inline * move braintree initilializer into core * remove dummy app * create client certificates with generous not_before (fixes #5884)
2014-07-21Merge pull request #181 from azul/feature/allow_anonymous_config_accessazul
Allow fetching configs if anonymous EIP access is allowed
2014-07-18Allow fetching configs if anonymous EIP access is allowedAzul
2014-07-18Merge pull request #180 from azul/feature/messages-apiazul
Feature/messages api
2014-07-17fix messages feature to match latest response formatAzul
2014-07-17add translation and fix testsAzul
2014-07-17some cleanup of the messages api and cuke featureAzul
2014-07-17Merge pull request #176 from azul/feature/api-authenticated-configsazul
API: Authenticated access to config settings
2014-07-17cuke: drop jsonpath, use simple keys insteadAzul
Also fixed the test for login_required
2014-07-17make sure i18n key can be found (cascade)Azul
Also reformated long haml lines some. You can add a linebreak after a comma.
2014-07-17clean up error assertions in testsAzul
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions.
2014-07-16minor: add missing i18n translation for overviewAzul
2014-07-15rename warden extension to patch the originalAzul
the Warden::SessionSerializer was not getting loaded at all because we had a file by the same name. We want it to get loaded and be patched instead.
2014-07-14fix controller refactor and featuresAzul
Also save debug log on failing features
2014-07-14minor: remove @s added by search and replaceAzul
meant to move id -> @id, also turned identity in the test titles into @identity.
2014-07-14move fetch_user into module so it can be mixed inAzul
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension.
2014-07-14send config files from ConfigsControllerAzul
2014-07-14ApiController with API style authAzul
require_login is require_token for the api controller It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either.
2014-07-14minor: fix identity test for storing certsAzul
we compare the cert that expires last to the one we just saved. So we need to make sure the one we saved is the one that expires last.
2014-07-14clean up and simplify error responses and test codeAzul
2014-07-14move unauthenticated api endpoints into separate featureAzul
2014-07-14send static list of configs for nowAzul
Also added authentication steps to cucumber
2014-07-14use cucumber; initial ConfigsControllerAzul
2014-07-14render valid json error if provider file not foundAzul
2014-07-14SessionsController#unauthenticated for 401sAzul
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand.
2014-07-14separate login_required from access denied responseAzul
They are very different. Let's handle them in different methods.
2014-07-14rename warden extension to patch the originalAzul
the Warden::SessionSerializer was not getting loaded at all because we had a file by the same name. We want it to get loaded and be patched instead.
2014-07-14Merge pull request #179 from fbernitt/issue_5217_addendumazul
Moved check for allow_registration into filter.
2014-07-14Moved check for allow_registration into filter.Folker Bernitt
2014-07-14Merge pull request #175 from azul/feature/view-for-valid-certsazul
Feature/view for valid certs
2014-07-12allow querying for the expiry of a particular fingerprintAzul
2014-07-12minor: fix typo in load_viewsAzul
It removed most of the reduce functions... really not what we wanted
2014-07-12fix tests and simplify time calculationsAzul
2014-07-12Identity view cert_fingerprints_by_expiryAzul
Also move complex identity views into js designs. Includes test. Here's how you would query it from outside rails: ``` $ curl 'localhost:5984/identities/_design/Identity/_view/cert_fingerprints_by_expiry?startkey="2014-07-05"' {"total_rows":4,"offset":1,"rows":[ {"id":"6c9091d4f13eaeaa6062c9d0528fd34d","key":"2014-07-05","value":"fingerprint"}, {"id":"6f3aa93828b4f6978d551f2623b9d103","key":"2014-07-05","value":"fingerprint"}, {"id":"b6cafacfa65042679691cd5065fb19e3","key":"2014-07-07","value":"fp"} ]} ``` Note that the expiry will be used as the key. So you should use the current data (or yesterday) as the startkey to get all fingerprints that have not expired yet. The fingerprint itself is in the value. No need to include docs.
2014-07-12store expiry with cert fingerprintsAzul
We used to store the creation date but this way it's easier to query for non expired certs
2014-07-11Merge pull request #178 from fbernitt/issue_5217_allow_registrationazul
Added allow_registration toggle.
2014-07-11Added allow_registration toggle.Folker Bernitt
- default is true - See issue #5217 - See companion change in leap_platform.