summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-04-26remove outdated couchrest hackAzul
We had rewritten use_database so it would not crash the entire app if couch was not available at the time of initialization. couchrest now moved on and only sets the database name on use_database. The database will only be queried once it is really needed. So pretty much exactly what we want. Our hack instead caused quite a bit of problems as it would still initialize the database during start. This way the app would remain in an invalid state even when couch came back.
2016-04-11allow monitor auth to create users even if invites are normally required.elijah
2016-04-02disable per-user message tests (since this feature currently disabled)elijah
2016-04-01api: added super simple motd, closes #7866elijah
2016-03-31Merge remote-tracking branch 'github/211' into developAzul
2016-03-30api: return proper 404 for GET /1/identities/:id.jsonelijah
2016-03-30api: added json error pages, allow "." in the :id param of all api routeselijah
2016-03-28api: added get(:show) to identities and users, allow monitors to ↵elijah
create/delete test & tmp users.
2016-03-28api: added allow ability to limit what IPs can access api using a static ↵elijah
configured auth token.
2016-03-28api tokens - clarify terms: "monitors" are admins that authenticated via api ↵elijah
token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x"
2016-03-28api tokens: allow for special api tokens that work like session tokens but ↵elijah
are configured in the static config, to be used for infrastructure monitoring.
2016-03-28Merge branch 'azul-upgrade/rails' into developelijah
2016-03-28upgrade: downgrade rake to 10.xAzul
11.x will complain a lot about rails 3.2 code. We can upgrade when we upgrade rails itself.
2016-03-28upgrade: use latest rails 3.2 versionAzul
It includes a bunch of security fixes
2016-03-23Merge remote-tracking branch 'github/209' into developAzul
2016-03-20upgrade: downgrade rake to 10.xAzul
11.x will complain a lot about rails 3.2 code. We can upgrade when we upgrade rails itself.
2016-03-19Handle conflict on token cleanup - fixes #7670Azul
the only race condition I can think of here is this... somebody tries to authenticate with a token that is almost expired. auth checks and notices it is not expired yet so starts to prolonge it. Before the polonged token is written to the db the cleanup script discovers that it has just expired. prolonged token is written to the db cleanup script fails to delete it from the db as it has been updated. So what we want in this case is to keep the token alive as it was renewed in the last minute.
2016-03-19upgrade: use latest rails 3.2 versionAzul
It includes a bunch of security fixes
2016-02-15updated changes fileelijah
2016-02-10added travis build status to readmeelijah
2016-02-10allow user accounts to be re-enabled, and for associated identities to also ↵elijah
get re-enabled.
2016-02-02use RUBY_VERSION instead of :platform for Gemfile (since jessie has a really ↵elijah
old bundler)
2016-02-01disable failing cucumber test (leap_web is doing the right thing, the test ↵elijah
is just weird).
2016-02-01internet says that bundler on travis might be what is causing test fail, so ↵elijah
force install the lastest one.
2016-01-31remove cert fingerprints for disabled users, so that they cannot send email ↵elijah
anymore. closes #7690
2016-01-31vendor certificate_authority, because travis does not like pulling it from ↵elijah
github.
2016-01-31travis ci does not support :platform => :ruby_22, so remove for now.elijah
2016-01-31enable byebug for testselijah
2016-01-16change the default of config.assets.debug for development env.elijah
2016-01-16fix ticket display bugelijah
2016-01-16retain locale in URL when logging in and signing up, and ajax actions in ↵elijah
general.
2016-01-14added UI for invite codeselijah
2016-01-10added caution tape img.elijah
2016-01-10highlight admin areas with caution tape (wip)elijah
2016-01-10fix user listelijah
2016-01-10minor update to docselijah
2016-01-10Merge branch 'remove_couponcode' into developelijah
2016-01-10Merge branch 'remove_couponcode' of ↵elijah
https://github.com/Alster-Hamburgers/leap_web into remove_couponcode # Conflicts: # lib/tasks/invite_code.rake
2015-11-05set rbenv pin to 2.1.5elijah
2015-10-19Merge pull request #204 from pixelated/fix_payment_checkazul
[bug] Only show donation if payment present
2015-10-19[bug] Only show donation if payment presentFolker Bernitt
2015-10-19Merge pull request #198 from claucece/developazul
Braintree_implementation
2015-10-19Merge pull request #196 from EvyW/developazul
Admin - Ability to enable/disable user
2015-10-14Reverting submodule updateclaucece
2015-10-13Merge pull request #201 from Alster-Hamburgers/multi-inviteazul
Allow multi-use invite codes
2015-10-13Cleaned up last traces of the Great Git Messankonym
Removed the parts related to multi-use invite codes (those are in a separate pull request) - I hope this is all correct now! Sorry for the confusion.
2015-10-13Remove Coupon Code gem and make invite code = idankonym
Id is set = invite code to make it easier to delete the invite codes that get created during the leap platform tests (because this avoids having to look up ttheir id each time).
2015-10-13Replace Coupon Code gem for invite code creationankonym
Replacing the Coupon Code gem with base64/securerandom as suggested by Elijah.
2015-10-13Remove Coupon Code gem and make invite code = idankonym
Id is set = invite code to make it easier to delete the invite codes that get created during the leap platform tests (because this avoids having to look up ttheir id each time).
2015-10-13Remove Coupon Code gem from Gemfileankonym