Age | Commit message (Collapse) | Author |
|
require_login is require_token for the api controller
It also skips the verify_authenticity_token before filter.
So all Subclasses of the ApiController will only support token auth.
Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either.
|
|
we compare the cert that expires last to the one we just saved. So we need to make sure the one we saved is the one that expires last.
|
|
|
|
|
|
Also added authentication steps to cucumber
|
|
|
|
|
|
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated.
I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message.
Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method.
We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand.
|
|
They are very different. Let's handle them in different methods.
|
|
the Warden::SessionSerializer was not getting loaded at all because we had a file by the same name. We want it to get loaded and be patched instead.
|
|
Moved check for allow_registration into filter.
|
|
|
|
Feature/view for valid certs
|
|
|
|
It removed most of the reduce functions... really not what we wanted
|
|
|
|
Also move complex identity views into js designs.
Includes test.
Here's how you would query it from outside rails:
```
$ curl
'localhost:5984/identities/_design/Identity/_view/cert_fingerprints_by_expiry?startkey="2014-07-05"'
{"total_rows":4,"offset":1,"rows":[
{"id":"6c9091d4f13eaeaa6062c9d0528fd34d","key":"2014-07-05","value":"fingerprint"},
{"id":"6f3aa93828b4f6978d551f2623b9d103","key":"2014-07-05","value":"fingerprint"},
{"id":"b6cafacfa65042679691cd5065fb19e3","key":"2014-07-07","value":"fp"}
]}
```
Note that the expiry will be used as the key. So you should use the
current data (or yesterday) as the startkey to get all fingerprints that
have not expired yet.
The fingerprint itself is in the value. No need to include docs.
|
|
We used to store the creation date but this way it's easier to query for non expired certs
|
|
Added allow_registration toggle.
|
|
- default is true
- See issue #5217
- See companion change in leap_platform.
|
|
Admin navigates all tickets - fixes #5879
|
|
We completely ingnore the user_id param for non admins now. So if someone tries to show somebody elses tickets they will see their own instead.
|
|
|
|
only submit the params that differ from the defaults
|
|
When an admin sorted the tickets view in a different order it would take them to their own tickets list before
|
|
This was causing problems with zeus
|
|
Allow admins to unblock handles
|
|
|
|
|
|
Use link_to_navigation for all important navigation items. It creates a link in a list item for use with bootstrap. It supports an :active flag and an :icon option in the html_options now. It also translates the label. This way it can be used in a lot of places as the generic navigation link.
|
|
There's an identities tab now for admins that will allow unblocking blocked handles. It should be easy to expand for aliases and forwards and other types of actions such as editing.
|
|
list-unstyled comes for free
|
|
it needs APP_CONFIG to be loaded and was failing due to that.
Also this sets up some configuration options. They might only be needed if the billing engine is used but they should not be nested in there never the less.
|
|
We're not supporting including leap_web as a gem right now.
|
|
|
|
|
|
This release enables using custom gems in the leap platform
customization. It also fixes cornercases during the account creation and
documents debugging in production.
* android app now supports signup, so change text that said otherwise.
* added debugging note to DEVELOP.md
* Account.create - do a User.new instead of User.create, so that we can
report the errors on the object if not saved.
Pull request #172 from elijh/feature/customgem
* Gemfile: fix problem when config is missing environments
* support for optional gems in Gemfile (engines/ and
* config/customization/gems/)
Pull request #171 from elijh/feature/identityfail
* if identity fails to be created, destroy the user. also, pass through
identity errors to user and add identity class hook.
|
|
|
|
|
|
the errors on the object if not saved.
|
|
Add support for custom gems via a dynamic Gemfile
|
|
if identity fails to be created, destroy the user.
|
|
|
|
identity errors to user and add identity class hook.
|
|
|
|
|
|
Hotfix since 0.5.2 release candiate:
* tickets: fix bug that allow index of other users
Pull request #167 from azul/feature/i18n-for-ticket-system:
* fix flash for creating anonymous tickets
* adopt tests to new translations
* destroy_btn helper method
* move users key into layouts scope so it does not conflict with users
scope
* add btn helper for link_to with .btn
* remove icon_color variable - yagni
* sorting translation keys some
* navigation works with empty locale selected
* tickets: structure i18n
* flash_for with_errors option displays error messages
* remove unused bold helper and instead sanitize flash
* Controller#flash_for instead of FlashResponder
* split up and refactor TicketController#update
* separate tests for the ticket list from main controller test
* splitting up long functional test case
* move comment related tests out of TicketControllerTest
* use i18n.missing_translations
Pull request #168 from azul/bugfix/fix-login-validations:
* clearify identity validations
* ensure User#reload returns self
* hand on errors from Email to Identity to User
* catch corner cases of account creation
* adopt tests to new error messages for identities
* allow changing the user_id on an identity
* ensure identity is cleared on user.reload - fixes test
* use Identity for testing login availability
Pull request #163 from azul/feature/3398-save-hashed-token
* hash token with sha512 against timing attacs #3398
Pull request #165 from azul/feature/cert-fingerprints
* change from GET to POST for certs
* store fingerprints with timestamp
* store cert fingerprint with main user identity
* SmtpCertsController, routes and tests
* fix Email so User.new.valid? does not crash
* basic integration test for cert API
* calculate cert fingerprints to store for leap_mx
Pull request #166 from elijh/feature/footer
* better detection if price link should be shown in the footer
Pull request #162 from azul/feature/3295-custom-error-pages
* little bit of documentation
* i18n for error pages
* custom error pages for 404 and 500 errors
|
|
|
|
Feature/i18n for ticket system
|
|
Fix login validations
|