summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-11-12make sure we log json request errors and their backtracesAzul
2013-11-12Merge pull request #111 from jessib/bugfix/4453_missing_templateazul
Maybe not ideal fix, but since there is no edit view, we want to show th...
2013-11-11Maybe not ideal fix, but since there is no edit view, we want to show the ↵jessib
show view with the appropriate error messages.
2013-11-11Merge pull request #109 from azul/feature/clear-all-data-of-deleted-userjessib
Feature/clear data of deleted user
2013-11-10update readme to require ruby 1.9.3 instead of 1.8Azul
2013-11-08removed outdated test.Azul
2013-11-07only check number of disabled identities to make test more robustAzul
2013-11-06use the account lifecycle from UsersController#destroyAzul
2013-11-06destroy all tickets created by a user when account is destroyedAzul
In order to keep the users engine independent of the tickets engine i added a generic load hook to the account model. The tickets engine then monkeypatches the account destruction and destroys all tickets before the user is destroyed. The tickets are destroyed first so that even if things break there should never be tickets with an outdated user id. I would have prefered to use super over using an alias_method_chain but I have not been able to figure out a way to make account a superclass of the account extension and still refer to Account from the users engine.
2013-11-06Ticket.destroy_all_from(user) - remove all tickets created by a userAzul
We'll use this to clean up after user destruction
2013-11-06refactor: split up and cleaned up ticket validation testsAzul
2013-11-06integration test for blocking handles after account destroyedAzul
has not been run yet.
2013-11-06refactor: extract method on account testAzul
also test one can't login anymore after destroying the account.
2013-11-05Identity.destroy_all_disabled will clean up disabled identitiesAzul
This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date.
2013-11-05disabled identities to block handles after a user was deletedAzul
2013-11-05refactor: Identity.disable_all_for(user) on user destructionAzul
This way the identity model defines how identities should be disabled. We currently still destroy them. But it will be easy and nicely isolated to change this next.
2013-11-04Merge pull request #108 from azul/feature/proper-user-deletionjessib
notify user their account was successfully deleted (refs #4216)
2013-10-30test helper to expect_logout.Azul
Currently it expects both the session and the token to be cleared. This might change. But we'll always have a definition of what it means to logout we can test this way.
2013-10-30notify user their account was successfully deleted (refs #4216)Azul
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well.
2013-10-28Fix button to enable account: https://leap.se/code/issues/4246jessib
2013-10-28Merge pull request #107 from azul/feature/reenable-submit-buttonjessib
reset button loading... state on error (#4231)
2013-10-28no need to create a user for testing failed login attemptAzul
2013-10-28reset button loading... state on error (#4231)Azul
including test refactored error display some
2013-10-28Merge branch 'feature/4109-https-sources' into developAzul
2013-10-28Merge remote-tracking branch 'origin/master' into developAzul
2013-10-21the class for the html tag is linux32 - not just linuxAzul
2013-10-21Merge pull request #104 from azul/test/api-login-with-umlauts-in-passwordjessib
test login through the API using python with umlauts
2013-10-21adopt css to mac-> osx changeAzul
2013-10-21use osx not mac as an identifier for the os.Azul
2013-10-21remove duplicate source line that was using httpAzul
I don't think we need to list the sources again in common_dependencies.rb
2013-10-21fix download urls for mac, android and windowsAzul
They did not point directly to the download.
2013-10-18include Gemfile.lock to prevent unintended updates (#4174)Azul
We had a broken production server lately because it had upgraded the couchrest model dependency to one that had a different naming scheme for a function we overwrite. So that broke production. Let's prevent that by including the Gemfile.lock in our repositories.
2013-10-18use https sources in Gemfiles and also in the documentation (#4109)Azul
2013-10-18test logging in through the API using python with umlautsAzul
2013-10-18Version 0.2.50.2.5Azul
* detect os in browser and show proper download link (#4173) * billing: admin can see past due subscriptions * passwords with umlauts work when logging in after signing up with the * client (#4002) * blacklisting common system email addresses listed in RFC 2142 (#3602) * blacklisting all usernames on the server (#3602) * configurable blocking of logins in the configuration (#3602) * require aliases to be all lower-case * Only allow braintree one-off payments when unauthenticated, & call them 'donations'. (#3796)
2013-10-18Merge pull request #103 from azul/feature/configurable-download-urlsazul
Make download links configurable
2013-10-18Make download links configurableAzul
This way we won't have to redeploy once the new links to the windows and the android version are there. Also this obviously offers more flexibility for providers.
2013-10-18Merge pull request #98 from jessib/feature/billing-past-due-subscriptionsazul
Feature/billing past due subscriptions
2013-10-17Some cleanup of code to deal with past due subscriptions.jessib
2013-10-17Merge pull request #102 from azul/feature/3602-email-blacklistjessib
blacklist system logins for aliases and logins
2013-10-17Merge pull request #101 from azul/bugfix/4002-utf8-encode-srp-passwordjessib
use latest version of srp_js to fix #4002
2013-10-17Merge pull request #100 from azul/feature/os-detectionjessib
remove leftover from testing os specific sections
2013-10-17blacklist system logins for aliases and loginsAzul
We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry.
2013-10-17use latest version of srp_js to fix #4002Azul
We were not encoding the srp password properly before. So umlauts in the password would cause the login procedure to fail.
2013-10-16remove leftover from testing os specific sectionsAzul
2013-10-15Add permissions to subscriptions index, and fix test to stub the ↵jessib
subscription's balance.
2013-10-15Merge pull request #99 from azul/feature/os-detectionjessib
detect os in browser and show proper download link
2013-10-15detect os in browser and show proper download linkAzul
We add a class to the html element based on the detected os and use that to pick which download link should be visible. If we detect an os that is not supported we display a deactivated download link instead with all alternatives.
2013-10-10Admins can cancel pastdue subscriptions, but users cannot cancel their own ↵jessib
pastdue subscription, as then admins won't be able to search for them.
2013-10-10Merge branch 'develop' into feature/billing-past-due-subscriptionsjessib