summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-08-27Merge branch 'master' into billing_with_testsjessib
2013-08-27Merge pull request #72 from azul/feature/token-based-authjessib
Feature: Token based auth
2013-08-27refactor: Changing the py test to use less globals and session only locally.Azul
2013-08-27use token to update user passwordAzul
2013-08-27separate different tests for showing non existant userAzul
This way the failed stubbing errors were more telling
2013-08-27token.user will get you the right userAzul
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-27do not redirect if no token presentAzul
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.
2013-08-27make sure find_record still works with real recordsAzul
2013-08-27clear token on logout with testAzul
2013-08-27basic testing for token based auth in testsAzul
2013-08-27first steps towards enabling token based authAzul
2013-08-27sort authentication controller extensionAzul
2013-08-27minor: remove puts lineAzul
2013-08-26add public/img and config/couchdb.yml.* to gitignoreAzul
[ci skip]
2013-08-22Disable billing for pull request.jessib
2013-08-22Some more billing cleanup.jessib
2013-08-22Merge pull request #69 from azul/bugfix/update_user_password_through_apijessib
Test updating user password through api
2013-08-22Merge pull request #70 from azul/bugfix/validate_login_like_signupjessib
use the same login validations on sessions and users
2013-08-21Merge remote-tracking branch 'jessib/js_warning'Azul
2013-08-21return 204 NO CONTENT on API logoutAzul
That's the only meaningful response.
2013-08-21use the same login validations on sessions and usersAzul
The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency.
2013-08-21also test updating the user password in python against dev.bmAzul
2013-08-21integration test updating users passwordAzul
2013-08-20Tweak to parameters to fix wrong-number-of-arguments error blocking other work.jessib
2013-08-19Change JS warning message per https://leap.se/code/issues/3492jessib
Key must end in _html so the html doesn't get escaped.
2013-08-15Some notes on tests that don't work. (Failing tests are skipped though.)jessib
2013-08-15Merge pull request #66 from jessib/feature/comment_creation_accessazul
Per ISEC informational issue, manually set the private property only in ...
2013-08-13Option to disable billing engine and hide billing related links. To actual ↵jessib
disable, must remove billing engine from Gemfile (and re-bundle)
2013-08-13Fix this, so the comment will get set to false in cases where the user isn't ↵jessib
an admin.
2013-08-12Remove broken test.jessib
2013-08-12Merge pull request #2 from azul/feature/billing-with-passing-testsjessib
fix billing tests to use user id with customer resources
2013-08-12Per ISEC informational issue, manually set the private property only in ↵jessib
cases where it is an admin who set it.
2013-08-12more integration tests for billingAzul
2013-08-09fix billing tests to use user id with customer resourcesAzul
I think this is very confusing and should be changed to: resource :users do |user| user.resource :customer end
2013-08-08Merge pull request #1 from azul/braintree_conf_from_filejessib
Read Braintree config from file
2013-08-08Merge pull request #64 from azul/feature/identity-rewritejessib
Feature/identity rewrite
2013-08-08Still a bit hacky, but catching some more corner cases as far as setting the ↵jessib
user variable, due to complication that an admin might be accessing data for another user.
2013-08-08read braintree configuration from config/config.ymlAzul
This can be set per environment and also is not tracked in git
2013-08-08Merge branch 'bugfix/3410-close-srp-vulnerablility'Azul
2013-08-08close srp vulnerability and report error in webappAzul
2013-08-07integration test exploiting srp vulnerabilityAzul
2013-08-06Some more tweaks to have billing code work, and allow admins to view but not ↵jessib
edit for other users.
2013-08-06Fix stupid typo.jessib
2013-08-01Start to functionality for admins viewing billing of other users.jessib
2013-08-01Merge branch 'master' into billing_with_testsjessib
Conflicts: app/views/home/index.html.haml
2013-07-31added empty 'home' layout and removed debugger from homecontrollerelijah
2013-07-25Have navigation link to new customer form if user is not already a braintree ↵jessib
customer.
2013-07-24also destroy the identity for a test user during teardownAzul
2013-07-24keeping the pgp_key accessors for User so views still workAzul
2013-07-24separate signup and settings service objects for userAzul
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 21:07:30 +0000