| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Identity.new.valid? should not crash. So validate presence where needed and
skip the other validations if the value is absent.
|
|
|
|
errors.each iterates through all errors for all attrbibutes nicely.
|
|
Users now always check if their identity is valid. We need to make
sure this works if the user is a new record and once it has been
persisted.
While the user is a new record the identity will have no user_id.
Old identities that are left to block the login of a user who
canceled their account also have a blank user_id. They still should
render the new identity invalid so the user can't be saved with a
login that has been reserved.
Once the user has been persisted we set the user_id on the identity
and save it too when creating an Account. This allows us to create
a plain user and save it and it will still have an in memory identity
only. But the default is to create the user by means of creating an
account so an identity will be created as well.
|
|
|
|
we set it to nil when we disable it
|
|
|
|
|
|
|
|
We create an identity alongside each user. Make sure the identity
is valid when creating the user. This also ensures that the login
picked is available because otherwise the identities address would
not be available anymore.
|
|
|
|
|
|
Also translates the first arg if it's a symbol and adds more btn- classes if given as html_options[:type]
|
|
|
|
|
|
Just in case some translation keys are not present things should still work and make sense.
So translation keys should be picked in a meaningful way and scoped rather than prefixed.
For example overview.account will turn into "Account" if no translation is present while "overview_account" will turn into "Overview Account". We usually want the former.
|
|
|
|
|
|
|
|
FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed.
Now instead we can call
flash_for resource
before
resource.save
and it will add the flash messages only if the resource was actually changed.
|
|
close and open actions for plain opening and closing the tickets
respond_with so fields are not cleared on invalid update
the custom actions are not strictly restful. But adding a subresource felt like too much overhead and is conceptually hard to grasp (so we destroy the openess of the ticket to close it?).
|
|
|
|
|
|
|
|
This controller does too much - so the tests are also getting large and hard to keep track of
|
|
This will print missing translation keys at the end of the tests
|
|
hash token with sha512 against timing attacs #3398
|
|
Feature/cert fingerprints
|
|
|
|
|
|
We create them. let's reflect that in the verb.
|
|
better detection if price link should be shown in the footer
|
|
Feature/3295 custom error pages
|
|
|
|
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
|
|
|
|
|
|
|
|
Email.new(nil) now returns an invalid email rather than crashing.
|
|
|
|
stelfox.net/blog/2014/04/calculating-rsa-key-fingerprints-in-ruby/
|
|
|
|
|
|
|
|
|
|
|
|
Changes since 0.5.0
* Message API
* Payment reminder messages
* Messages to Warn after expiring trial period
* cleanup and refactoring of messages code
* require token authentication for API
* rename security related functions to be clear
* nagios test for webapp login
* nagios test for soledad sync
* prevent crash when destroying tokens (#5382)
* redirect home when logged in visits /signup (#5446)
* large refactoring of engine and directory layout
* move users engine into main
* move certs engine into main
* update documentation for new engine layout
* move remaining engines into engines directory
* rename help engine to support
* refactor nagios tests with support classes
* nagios test for registering new users
* enable nagios tests to work with older versions of requests lib
* API endpoint for requesting the current service_level
* null pattern refactoring for current_user as UnauthenticatedUser
* rename UnauthenticatedUser to AnonymousUser
* change service level configuration strategy
* bringing back empty cert prefixes
* adopt service_level config to platform settings
* add signup and login info on the forms
* cleanup homepage
* unify wording for destroying accounts
* recover from invalid tickets (#5552)
* remove cert link in development
* display notice that client signup is prefered (#5549)
* capitalize Loading... indicator (#5542)
* use simple_form for all forms
* ensure buttons are properly loading and reset
* open close toggle in ticket header
* translate signup and login buttons
* basic password validation (#5557)
* reduce client_side_validations dependency (to be removed)
* simplify download button
* remove OS specific download buttons
* adopt pricing view to current service_level format
* upgrade debugger to work with latest ruby 1.9.3 patch release
* hide srp forms when js is disabled (#5548)
* allow for usernames with dots
* fix ticket form submission and validation (#5657)
* stop email autofil for ticket forms (#5664)
* User#email returns email addresses only if service provided
* move User Control Panel heading out of masthead (#5658)
* open/close toggle and fields in different forms (#5659)
* upgrade rails to 3.2.18 for security fixes
|
|
Conflicts:
app/assets/javascripts/srp
test/nagios/soledad_sync.py
test/nagios/webapp_login.py
|
|
make download button wide enough for helvetica #5039
|
