summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-10-18use https sources in Gemfiles and also in the documentation (#4109)Azul
2013-10-18Version 0.2.50.2.5Azul
* detect os in browser and show proper download link (#4173) * billing: admin can see past due subscriptions * passwords with umlauts work when logging in after signing up with the * client (#4002) * blacklisting common system email addresses listed in RFC 2142 (#3602) * blacklisting all usernames on the server (#3602) * configurable blocking of logins in the configuration (#3602) * require aliases to be all lower-case * Only allow braintree one-off payments when unauthenticated, & call them 'donations'. (#3796)
2013-10-18Merge pull request #103 from azul/feature/configurable-download-urlsazul
Make download links configurable
2013-10-18Make download links configurableAzul
This way we won't have to redeploy once the new links to the windows and the android version are there. Also this obviously offers more flexibility for providers.
2013-10-18Merge pull request #98 from jessib/feature/billing-past-due-subscriptionsazul
Feature/billing past due subscriptions
2013-10-17Some cleanup of code to deal with past due subscriptions.jessib
2013-10-17Merge pull request #102 from azul/feature/3602-email-blacklistjessib
blacklist system logins for aliases and logins
2013-10-17Merge pull request #101 from azul/bugfix/4002-utf8-encode-srp-passwordjessib
use latest version of srp_js to fix #4002
2013-10-17Merge pull request #100 from azul/feature/os-detectionjessib
remove leftover from testing os specific sections
2013-10-17blacklist system logins for aliases and loginsAzul
We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry.
2013-10-17use latest version of srp_js to fix #4002Azul
We were not encoding the srp password properly before. So umlauts in the password would cause the login procedure to fail.
2013-10-16remove leftover from testing os specific sectionsAzul
2013-10-15Add permissions to subscriptions index, and fix test to stub the ↵jessib
subscription's balance.
2013-10-15Merge pull request #99 from azul/feature/os-detectionjessib
detect os in browser and show proper download link
2013-10-15detect os in browser and show proper download linkAzul
We add a class to the html element based on the detected os and use that to pick which download link should be visible. If we detect an os that is not supported we display a deactivated download link instead with all alternatives.
2013-10-10Admins can cancel pastdue subscriptions, but users cannot cancel their own ↵jessib
pastdue subscription, as then admins won't be able to search for them.
2013-10-10Merge branch 'develop' into feature/billing-past-due-subscriptionsjessib
2013-10-10Merge pull request #96 from azul/release/0.2.4jessib
Release/0.2.4
2013-10-10Version 0.2.40.2.4Azul
2013-10-10Merge remote-tracking branch 'leap/develop'Azul
2013-10-09Merge pull request #95 from azul/hotfix/4080-couchrest-model-breaks-bundleazul
Fix couchrest model migrations to work with latest version
2013-10-09Fix couchrest model migrations to work with latest versionAzul
Also we now depend upon couchrest model ~> 2.0.0. The beta2 still has the old naming scheme for CouchRest::Model::Utils::Migrate
2013-10-08Consider pending & past due subscriptions as 'active' in the sense that they ↵jessib
should prevent one from adding a new subscription.
2013-10-08Minor tweaks.jessib
2013-10-07Fix typo in test name.jessib
2013-10-07Updates to billing/README file.jessib
2013-10-03And removing comment..jessib
2013-10-03Some refactoring of displayed of past-due subscriptions.jessib
2013-10-01Allow admins to view past-due subscriptions.jessib
2013-09-27Merge pull request #91 from jessib/feature/rollback_identity_destination_limitsazul
Since local part of email is case sensitive, want to allow remote email ...
2013-09-26Since local part of email is case sensitive, want to allow remote email ↵jessib
addresses with uppercase letters in local part.
2013-09-26Merge pull request #90 from azul/feature/use-token-authjessib
Feature/use token auth
2013-09-25visual feedback when submitting forms (#3164)Azul
This also helps with the failing integration test. We needed a way to tell the ajax request was back. Observing the button state now works for that.
2013-09-24Merge pull request #89 from azul/feature/syslog-logging-againjessib
Feature/syslog logging again
2013-09-24use token auth when accessing the api from webappAzul
One failing integration test still needs to be fixed
2013-09-24Merge pull request #88 from jessib/feature/only_lower_case_aliasesazul
Feature/only lower case aliases
2013-09-24fix syslogger, log_tags are called on requestAzul
log_tags was causing errors that could not be logged or caught. We don't need them yet anyway. config.log_tags accepts a list of methods that respond to request object. This makes it easy to tag log lines with debug information like subdomain and request id — both very helpful in debugging multi-user production applications. http://guides.rubyonrails.org/configuring.html
2013-09-24Merge remote-tracking branch 'origin/master' into feature/syslog-logging-againAzul
2013-09-23This ensures that email addresses contain only lowercase letters, and that ↵jessib
an identity's destination is a valid Email.
2013-09-23Revert "default to syslog in production - #3886"Azul
This reverts commit 073dc636ffa2da07ee7a719c6166a3ca1b593fb3. Conflicts: config/environments/production.rb
2013-09-23Merge branch 'develop' into feature/only_lower_case_aliasesjessib
2013-09-23Merge pull request #87 from azul/feature/srp-without-sessionsjessib
security fix: clear srp data from db asap (#3686)
2013-09-23security fix: clear srp data from db asap (#3686)Azul
This is a quick fix for iSEC issue #13.
2013-09-23hotfix: syslog now uses a different nameAzul
also make sure the gem > 2.0.0 so it actually IS called Syslog::Logger.
2013-09-23hotfix: add syslog logger gem in productionAzul
2013-09-20Merge tag '0.2.3'Azul
2013-09-19Merge branch 'develop' into feature/only_lower_case_aliasesjessib
2013-09-19Merge pull request #84 from azul/test/billing-sessions0.2.3jessib
Test/billing subscriptions
2013-09-19Merge pull request #82 from azul/feature/sessions-expirejessib
Feature/sessions expire
2013-09-19Merge pull request #86 from azul/feature/syslog-default-in-productionjessib
default to syslog in production - #3886