| Age | Commit message (Collapse) | Author |
|---|
|
ci: logs and debug files as artifacts
See merge request !38
|
|
|
|
fix: set token in forms correctly
Closes #8784
See merge request !37
|
|
We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
|
|
This release features a great contribution from the Rails Girls Summer of Code:
The landing page of the webapp can now include a twitter feed to display
news from the provider.
Other than that this is a maintainance and transition release.
* Twitter feed on main page (thanks theaamanda and lilaluca).
* upgrade to rails 4.2
* upgrade to bootstrap 3
Upgrading:
* We now use rails 4's `secret_key_base`. Please make sure to supply it
in config/config.yml for production environments. If you are using the
leap platform that will already take care of it.
Deprecations:
* We have not seen any active use of the **billing** functionality.
So we deprecate it and will probably drop it in one of the next releases.
* We will replace the user facing **help desk** functionality with a single
sign on mechanism to integrate with other help desk systems.
We will maintain the endpoint to submit tickets and the ticket management
in the admin interface. That way it should also be easy to create your own
ticket submission form.
* We deprecate the ability to **signup and login** directly through the webapp.
We will remove it in the future for security reasons. Signup and Login should
only happen through bitmask to prevent password phishing and js injections.
|
|
|
|
fix: icons that were using the bootstrap 2 syntax
Closes #27
See merge request !35
|
|
|
|
feature: delete user clearing username
Closes #26
See merge request !34
|
|
|
|
Fix error display
See merge request !33
|
|
only use the <pre> tag if the response was a text message i.e. during dev errors.
Use the alert-danger class of bootstrap 3 rather than alert-error.
|
|
|
|
fix: bootstrap 3 style of menus
Closes #24
See merge request !32
|
|
span10 now is .col-??-10.
ul.unstyled now is ul.list-unstyled
also leave out unnecessary li if billing is disabled.
|
|
Fix/bootstrap 3
See merge request !31
|
|
* reran the simple form initializer.
* wrapped submit buttons are now broken and need a fix.
* disabled confirmation validation in client side validations as the
error message always is attached to the wrong field.
|
|
|
|
The Active::Model modules of client side validations only get included
in CouchRest::Model::Base if the gems are loaded in the right order:
* activemodel is required first so the modules to extend are present
* client_side_validations is required next so its modules get included
* couchrest_model is required last so it includes the enhanced modules.
\
|
|
fix: display error js responses in dev environment
See merge request !30
github issue #231
|
|
Sometimes the dev environment will send back a plain text response.
This causes the json parser to raise an exception and used to cause
the browser not to display any error message.
Now we dumpt the whole server response - which happes to also include the
backtrace. A lot more useful than doing nothing.
In production this should never happen as 500s get handled by the
ExceptionApplication / our ErrorsController there.
|
|
cleanup: no more submodules
See merge request !29
|
|
|
|
Install/subrepos
See merge request !28
Fixes github issue #238
|
|
subrepo:
subdir: "app/assets/javascripts/srp"
merged: "9e1a417"
upstream:
origin: "https://leap.se/git/srp_js"
branch: "master"
commit: "9e1a417"
git-subrepo:
version: "0.3.1"
origin: "https://github.com/ingydotnet/git-subrepo"
commit: "a7ee886"
|
|
|
|
fix: keep ticket submit button clickable
See merge request !27
|
|
It was marked as submitted even when client side validations interfered.
fixes github issue #227
|
|
bugfix: handle couch 404s
See merge request !26
|
|
our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.
|
|
upgrade: use rails4s 'secret_key_base'
Closes #23
See merge request !24
|
|
test: also test ruby 2.3
Closes #21
See merge request !25
|
|
This will get us encrypted cookies but also requires changes to the platform.
fixes #23
|
|
|
|
bugfixing for generating token script
|
|
upgrade: bundle
Closes #13
See merge request !23
|
|
update all the dependencies.
minitest now wants assert_nil instead of assert_equal nil, ...
braintree now uses update_attributes rather than save.
|
|
upgrade: rails4.2 deprecated deliver -> deliver now
Closes #16
See merge request !22
|
|
fixes #16
|
|
test: admin user api always green
Closes #17
See merge request !21
|
|
Used to fail because the record already existed in the database
fixes #17
|
|
fix: 404 on key request with non html content-type
Closes #8
See merge request !20
|
|
|
|
fix: 404 for missing pages template - fixes #9
Closes #9
See merge request !19
|
|
|
|
test: 404 response for missing key
See merge request !18
|
|
enable testing error responses on the full rack stack.
|
|
bugfix: format: html for home roots
See merge request !17
|
|
That's the only thing the controller handles meaningful.
Before the route would also catch anything that started with a . interpreting
it as a format string. This lead to lots of false positives in our security
scanner.
|
|
make the rescue in account creation less broad
See merge request !15
|
