Age | Commit message (Collapse) | Author |
|
Plain bugfix release for 0.9:
* prevent token conflicts
* custom: fix stylesheet customization
* fix: set token in forms correctly
|
|
This release features a great contribution from the Rails Girls Summer of Code:
The landing page of the webapp can now include a twitter feed to display
news from the provider.
Other than that this is a maintainance and transition release.
* Twitter feed on main page (thanks theaamanda and lilaluca).
* upgrade to rails 4.2
* upgrade to bootstrap 3
Upgrading:
* We now use rails 4's `secret_key_base`. Please make sure to supply it
in config/config.yml for production environments. If you are using the
leap platform that will already take care of it.
Deprecations:
* We have not seen any active use of the **billing** functionality.
So we deprecate it and will probably drop it in one of the next releases.
* We will replace the user facing **help desk** functionality with a single
sign on mechanism to integrate with other help desk systems.
We will maintain the endpoint to submit tickets and the ticket management
in the admin interface. That way it should also be easy to create your own
ticket submission form.
* We deprecate the ability to **signup and login** directly through the webapp.
We will remove it in the future for security reasons. Signup and Login should
only happen through bitmask to prevent password phishing and js injections.
|
|
update all the dependencies.
minitest now wants assert_nil instead of assert_equal nil, ...
braintree now uses update_attributes rather than save.
|
|
We'll only use the master branch for development from now on.
|
|
|
|
* upgrade to rails 3.2.22.4
* fix ticket url issue
|
|
|
|
|
|
|
|
They led to some install issues. No need to pick a server for dev env.
|
|
Uses the latest couchrest and couchrest_model.
Also fixes issues with ruby 2.1
|
|
environment.rb
boot.rb
application.rb
-> adopted according to http://railsdiff.org/3.2.22.2/4.2.6
Also dropped quite_assets - not sure if this is still needed with
rails 4.2. If it is we can bring it back.
|
|
respond_with is discouraged.
|
|
0.4.0 has not been released yet. But travis needs it to run.
So i vendor it for now. Will remove it again when the build is getting stable.
|
|
The latter supports Active Model >= 4.1
|
|
We can move to rails 4.2 with client_side_validations 4.2,
simple_form 3.2 and bootstrap 3
Now we only need to migrate to these new dependencies. ;)
|
|
Display home even if couch is down.
|
|
11.x will complain a lot about rails 3.2 code. We can upgrade when
we upgrade rails itself.
|
|
It includes a bunch of security fixes
|
|
old bundler)
|
|
force install the lastest one.
|
|
github.
|
|
|
|
https://github.com/Alster-Hamburgers/leap_web into remove_couponcode
# Conflicts:
# lib/tasks/invite_code.rake
|
|
Id is set = invite code to make it easier to delete the invite codes that get created during the leap platform tests (because this avoids having to look up ttheir id each time).
|
|
|
|
|
|
|
|
|
|
|
|
valid user for the tests again
|
|
This used to return the first record! :scream:
This [commit](https://github.com/couchrest/couchrest_model/commit/2c5b76823e94caed4d8cbfbf18cb9e0d58789789) is essential for say User.find_by_login(nil) to NOT return
the first record in the database.
|
|
therubracer 0.10.2 has problems with compiling libv8 on OSX[1]. Updating the dependency resolves the issue.
[1]: https://stackoverflow.com/questions/19630154/gem-install-therubyracer-v-0-10-2-on-osx-mavericks-not-installing
|
|
|
|
|
|
tmp db for test users.
|
|
bootswatch-rails, haml, and json.
|
|
develop
|
|
|
|
We now allow admins to unblock handles of users who deleted their
accounts. The admin interface also received some bugfixes. On the API
side of things we support validation of SMTP certs and added an endpoint
that requires authentication for retrieving the configuration files.
Here's the list of changes:
Pull request #181 from azul/feature/allow_anonymous_config_access
* Allow fetching configs if anonymous EIP access is allowed
Pull request #180 from azul/feature/messages-api
* fix messages feature to match latest response format
* add translation and fix tests
* some cleanup of the messages api and cuke feature
Pull request #176 from azul/feature/api-authenticated-configs
* cuke: drop jsonpath, use simple keys instead
* make sure i18n key can be found (cascade)
* clean up error assertions in tests
* fix controller refactor and features
* move fetch_user into module so it can be mixed in
* send config files from ConfigsController
* ApiController with API style auth
* clean up and simplify error responses and test code
* move unauthenticated api endpoints into separate feature
* send static list of configs for now
* use cucumber; initial ConfigsController
* render valid json error if provider file not found
* SessionsController#unauthenticated for 401s
* separate login_required from access denied response
* rename warden extension to patch the original
Pull request #179 from fbernitt/issue_5217_addendum
* Moved check for allow_registration into filter.
Pull request #175 from azul/feature/view-for-valid-certs
* allow querying for the expiry of a particular fingerprint
* fix tests and simplify time calculations
* Identity view cert_fingerprints_by_expiry
* store expiry with cert fingerprints
Pull request #178 from fbernitt/issue_5217_allow_registration
* Added allow_registration toggle.
Pull request #174 from azul/bugfix/admin-navigates-all-tickets
* adopt ticket list test to new behaviour
* only use user ticket(s) path for real users
* stay on all tickets view when sorting (#5879)
Pull request #173 from azul/feature/unblock-handles
* list identities based on search only
* make link_to_navigation more generic and reuse it
* Enable unblocking handles in identities tab
* backport bootstraps 3.2s list-inline
* move braintree initilializer into core
* remove dummy app
* create client certificates with generous not_before (fixes #5884)
|
|
Also fixed the test for login_required
|
|
|
|
|
|
Hotfix since 0.5.2 release candiate:
* tickets: fix bug that allow index of other users
Pull request #167 from azul/feature/i18n-for-ticket-system:
* fix flash for creating anonymous tickets
* adopt tests to new translations
* destroy_btn helper method
* move users key into layouts scope so it does not conflict with users
scope
* add btn helper for link_to with .btn
* remove icon_color variable - yagni
* sorting translation keys some
* navigation works with empty locale selected
* tickets: structure i18n
* flash_for with_errors option displays error messages
* remove unused bold helper and instead sanitize flash
* Controller#flash_for instead of FlashResponder
* split up and refactor TicketController#update
* separate tests for the ticket list from main controller test
* splitting up long functional test case
* move comment related tests out of TicketControllerTest
* use i18n.missing_translations
Pull request #168 from azul/bugfix/fix-login-validations:
* clearify identity validations
* ensure User#reload returns self
* hand on errors from Email to Identity to User
* catch corner cases of account creation
* adopt tests to new error messages for identities
* allow changing the user_id on an identity
* ensure identity is cleared on user.reload - fixes test
* use Identity for testing login availability
Pull request #163 from azul/feature/3398-save-hashed-token
* hash token with sha512 against timing attacs #3398
Pull request #165 from azul/feature/cert-fingerprints
* change from GET to POST for certs
* store fingerprints with timestamp
* store cert fingerprint with main user identity
* SmtpCertsController, routes and tests
* fix Email so User.new.valid? does not crash
* basic integration test for cert API
* calculate cert fingerprints to store for leap_mx
Pull request #166 from elijh/feature/footer
* better detection if price link should be shown in the footer
Pull request #162 from azul/feature/3295-custom-error-pages
* little bit of documentation
* i18n for error pages
* custom error pages for 404 and 500 errors
|
|
This will print missing translation keys at the end of the tests
|
|
|
|
|
|
|
|
Also renamed help to support so it's harder to confuse it with documentation
|
|
cleaned up all the engine stuff that was never really used.
Afterwards there is not that much left that makes it into the toplevel.
|