summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-04-15fix bug that prevented couchrest_session_store from being used.0.7.0version/0.7elijah
2015-04-15only include uglifier gem in production mode (to compile assets)elijah
2015-03-31fix travis: use couchdb.admin.yml and pin travis ruby version to one that is ↵elijah
installed on travis-ci.org
2015-03-17remove bundle group assets, since we don't precompile anywayelijah
2015-03-17Better error message when a database is missing (very useful for nagios tests)elijah
2015-03-17add support for rotating tokens and sessions databases, and for a special ↵elijah
tmp db for test users.
2015-02-27added a .ruby-version file for rbenv that matches what is actually used on ↵elijah
the leap webapp nodes currently.
2015-01-28do not require a database when running `rake assets:precompile`elijah
2015-01-28tests: add_teardown_hook no longer exists in minitest. replaced with teardown().elijah
2015-01-28client certificates: allow for time units to be specified in ↵elijah
client_cert_lifespan config option.
2014-12-23bugfix: ensure both user and identity documents are destroyed if there is a ↵elijah
problem creating the account.
2014-12-19attempt to fix travis configurationelijah
2014-12-19updated README to include rake couchrest:migrateelijah
2014-12-19gemfile: move things around, but same gems. added debug group to travis ↵elijah
doesn't try to install debugger.
2014-12-19gemfile: rails to 3.2.21, haml-rails to 0.4, disable coffee-rails, ↵elijah
bootswatch-rails, haml, and json.
2014-12-17css - remove @extend .label-default (that class does not exist)elijah
2014-12-15bugfix: allow deletion of user's identities via api when user is deleted. ↵elijah
closes #6550
2014-12-10silently ignore 404 errors when trying to delete all user tickets: the ↵elijah
tickets db might not yet be initialized.
2014-11-11Merge branch 'test/feature-for-service-endpoint' of ↵elijah
https://github.com/azul/leap_web into develop
2014-11-11Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into ↵elijah
develop
2014-11-10added destroy user to apielijah
2014-10-20updated i18n:bundle task so that transifex can pull in strings automatically ↵elijah
from a stable url.
2014-10-09added a rake task i18n:bundle in order to support uploading strings to transifexelijah
2014-09-04fixed typo on configs_controller.rbelijah
2014-07-31update debugger to work with latest rubyAzul
2014-07-31features for anonymous use and service endpointAzul
Also moved the location of the config files into a configuration setting.
2014-07-31use ApiController#anonymous_access_allowed?Azul
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController.
2014-07-31update debugger to work with latest rubyAzul
2014-07-31respond with 404 and 500 when rendering custom error pagesAzul
includes test
2014-07-31filter out 404 error tracesAzul
They add very little value and clutter the production logs when bots scan.
2014-07-29changed the development mode admin user from 'admin' to 'staff', since admin ↵elijah
is a reserved username that can't be registered.
2014-07-21Version 0.6.00.6.0Azul
We now allow admins to unblock handles of users who deleted their accounts. The admin interface also received some bugfixes. On the API side of things we support validation of SMTP certs and added an endpoint that requires authentication for retrieving the configuration files. Here's the list of changes: Pull request #181 from azul/feature/allow_anonymous_config_access * Allow fetching configs if anonymous EIP access is allowed Pull request #180 from azul/feature/messages-api * fix messages feature to match latest response format * add translation and fix tests * some cleanup of the messages api and cuke feature Pull request #176 from azul/feature/api-authenticated-configs * cuke: drop jsonpath, use simple keys instead * make sure i18n key can be found (cascade) * clean up error assertions in tests * fix controller refactor and features * move fetch_user into module so it can be mixed in * send config files from ConfigsController * ApiController with API style auth * clean up and simplify error responses and test code * move unauthenticated api endpoints into separate feature * send static list of configs for now * use cucumber; initial ConfigsController * render valid json error if provider file not found * SessionsController#unauthenticated for 401s * separate login_required from access denied response * rename warden extension to patch the original Pull request #179 from fbernitt/issue_5217_addendum * Moved check for allow_registration into filter. Pull request #175 from azul/feature/view-for-valid-certs * allow querying for the expiry of a particular fingerprint * fix tests and simplify time calculations * Identity view cert_fingerprints_by_expiry * store expiry with cert fingerprints Pull request #178 from fbernitt/issue_5217_allow_registration * Added allow_registration toggle. Pull request #174 from azul/bugfix/admin-navigates-all-tickets * adopt ticket list test to new behaviour * only use user ticket(s) path for real users * stay on all tickets view when sorting (#5879) Pull request #173 from azul/feature/unblock-handles * list identities based on search only * make link_to_navigation more generic and reuse it * Enable unblocking handles in identities tab * backport bootstraps 3.2s list-inline * move braintree initilializer into core * remove dummy app * create client certificates with generous not_before (fixes #5884)
2014-07-21Merge pull request #181 from azul/feature/allow_anonymous_config_accessazul
Allow fetching configs if anonymous EIP access is allowed
2014-07-18Allow fetching configs if anonymous EIP access is allowedAzul
2014-07-18Merge pull request #180 from azul/feature/messages-apiazul
Feature/messages api
2014-07-17fix messages feature to match latest response formatAzul
2014-07-17add translation and fix testsAzul
2014-07-17some cleanup of the messages api and cuke featureAzul
2014-07-17Merge pull request #176 from azul/feature/api-authenticated-configsazul
API: Authenticated access to config settings
2014-07-17cuke: drop jsonpath, use simple keys insteadAzul
Also fixed the test for login_required
2014-07-17make sure i18n key can be found (cascade)Azul
Also reformated long haml lines some. You can add a linebreak after a comma.
2014-07-17clean up error assertions in testsAzul
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions.
2014-07-16minor: add missing i18n translation for overviewAzul
2014-07-15rename warden extension to patch the originalAzul
the Warden::SessionSerializer was not getting loaded at all because we had a file by the same name. We want it to get loaded and be patched instead.
2014-07-14fix controller refactor and featuresAzul
Also save debug log on failing features
2014-07-14minor: remove @s added by search and replaceAzul
meant to move id -> @id, also turned identity in the test titles into @identity.
2014-07-14move fetch_user into module so it can be mixed inAzul
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension.
2014-07-14send config files from ConfigsControllerAzul
2014-07-14ApiController with API style authAzul
require_login is require_token for the api controller It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either.
2014-07-14minor: fix identity test for storing certsAzul
we compare the cert that expires last to the one we just saved. So we need to make sure the one we saved is the one that expires last.