leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-11-08	fix cornercase of non expiring tokens	Azul

2013-11-08	Token.destroy_all_expired to cleanup expired tokens (#4411)	Azul

2013-11-07	only check number of disabled identities to make test more robust	Azul

2013-11-06	use the account lifecycle from UsersController#destroy	Azul

2013-11-06	destroy all tickets created by a user when account is destroyed	Azul
	In order to keep the users engine independent of the tickets engine i added a generic load hook to the account model. The tickets engine then monkeypatches the account destruction and destroys all tickets before the user is destroyed. The tickets are destroyed first so that even if things break there should never be tickets with an outdated user id. I would have prefered to use super over using an alias_method_chain but I have not been able to figure out a way to make account a superclass of the account extension and still refer to Account from the users engine.
2013-11-06	Ticket.destroy_all_from(user) - remove all tickets created by a user	Azul
	We'll use this to clean up after user destruction
2013-11-06	refactor: split up and cleaned up ticket validation tests	Azul

2013-11-06	integration test for blocking handles after account destroyed	Azul
	has not been run yet.
2013-11-06	refactor: extract method on account test	Azul
	also test one can't login anymore after destroying the account.
2013-11-05	Identity.destroy_all_disabled will clean up disabled identities	Azul
	This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date.
2013-11-05	disabled identities to block handles after a user was deleted	Azul

2013-11-05	refactor: Identity.disable_all_for(user) on user destruction	Azul
	This way the identity model defines how identities should be disabled. We currently still destroy them. But it will be easy and nicely isolated to change this next.
2013-11-04	Merge pull request #108 from azul/feature/proper-user-deletion	jessib
	notify user their account was successfully deleted (refs #4216)
2013-11-04	Version 0.2.60.2.6	Azul
	* reset button state from 'loading...' after failed login attempt (#4231) * use https sources in Gemfiles and documentation(#4109) * include Gemfile.lock to prevent unintended updates (#4174) * fixed download urls to get latest versions for mac, android and windows * test api login with umlauts in password
2013-10-30	test helper to expect_logout.	Azul
	Currently it expects both the session and the token to be cleared. This might change. But we'll always have a definition of what it means to logout we can test this way.
2013-10-30	notify user their account was successfully deleted (refs #4216)	Azul
	Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well.
2013-10-28	Fix button to enable account: https://leap.se/code/issues/4246	jessib

2013-10-28	Merge pull request #107 from azul/feature/reenable-submit-button	jessib
	reset button loading... state on error (#4231)
2013-10-28	no need to create a user for testing failed login attempt	Azul

2013-10-28	reset button loading... state on error (#4231)	Azul
	including test refactored error display some
2013-10-28	Merge branch 'feature/4109-https-sources' into develop	Azul

2013-10-28	Merge remote-tracking branch 'origin/master' into develop	Azul

2013-10-21	the class for the html tag is linux32 - not just linux	Azul

2013-10-21	Merge pull request #104 from azul/test/api-login-with-umlauts-in-password	jessib
	test login through the API using python with umlauts
2013-10-21	adopt css to mac-> osx change	Azul

2013-10-21	use osx not mac as an identifier for the os.	Azul

2013-10-21	remove duplicate source line that was using http	Azul
	I don't think we need to list the sources again in common_dependencies.rb
2013-10-21	fix download urls for mac, android and windows	Azul
	They did not point directly to the download.
2013-10-18	include Gemfile.lock to prevent unintended updates (#4174)	Azul
	We had a broken production server lately because it had upgraded the couchrest model dependency to one that had a different naming scheme for a function we overwrite. So that broke production. Let's prevent that by including the Gemfile.lock in our repositories.
2013-10-18	use https sources in Gemfiles and also in the documentation (#4109)	Azul

2013-10-18	test logging in through the API using python with umlauts	Azul

2013-10-18	Version 0.2.50.2.5	Azul
	* detect os in browser and show proper download link (#4173) * billing: admin can see past due subscriptions * passwords with umlauts work when logging in after signing up with the * client (#4002) * blacklisting common system email addresses listed in RFC 2142 (#3602) * blacklisting all usernames on the server (#3602) * configurable blocking of logins in the configuration (#3602) * require aliases to be all lower-case * Only allow braintree one-off payments when unauthenticated, & call them 'donations'. (#3796)
2013-10-18	Merge pull request #103 from azul/feature/configurable-download-urls	azul
	Make download links configurable
2013-10-18	Make download links configurable	Azul
	This way we won't have to redeploy once the new links to the windows and the android version are there. Also this obviously offers more flexibility for providers.
2013-10-18	Merge pull request #98 from jessib/feature/billing-past-due-subscriptions	azul
	Feature/billing past due subscriptions
2013-10-17	Some cleanup of code to deal with past due subscriptions.	jessib

2013-10-17	Merge pull request #102 from azul/feature/3602-email-blacklist	jessib
	blacklist system logins for aliases and logins
2013-10-17	Merge pull request #101 from azul/bugfix/4002-utf8-encode-srp-password	jessib
	use latest version of srp_js to fix #4002
2013-10-17	Merge pull request #100 from azul/feature/os-detection	jessib
	remove leftover from testing os specific sections
2013-10-17	blacklist system logins for aliases and logins	Azul
	We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry.
2013-10-17	use latest version of srp_js to fix #4002	Azul
	We were not encoding the srp password properly before. So umlauts in the password would cause the login procedure to fail.
2013-10-16	remove leftover from testing os specific sections	Azul

2013-10-15	Add permissions to subscriptions index, and fix test to stub the ↵	jessib
	subscription's balance.
2013-10-15	Merge pull request #99 from azul/feature/os-detection	jessib
	detect os in browser and show proper download link
2013-10-15	detect os in browser and show proper download link	Azul
	We add a class to the html element based on the detected os and use that to pick which download link should be visible. If we detect an os that is not supported we display a deactivated download link instead with all alternatives.
2013-10-10	Admins can cancel pastdue subscriptions, but users cannot cancel their own ↵	jessib
	pastdue subscription, as then admins won't be able to search for them.
2013-10-10	Merge branch 'develop' into feature/billing-past-due-subscriptions	jessib

2013-10-10	Merge pull request #96 from azul/release/0.2.4	jessib
	Release/0.2.4
2013-10-10	Version 0.2.40.2.4	Azul

2013-10-10	Merge remote-tracking branch 'leap/develop'	Azul