leap_web.git - [leap

Age	Commit message (Collapse)	Author
2017-10-24	fix: sanity checks on user params	Azul
	fixes #8801 Includes a test reproducing 500 on lynx We now make use of ActionController::Parameters require and permit methods.
2017-04-20	fix: set token in forms correctly	Azul
	We now use the hash of the token for comparison and as the id. In order to use it you need the original token though. So forms and thus the session should have token.to_s rather than token.id.
2016-08-19	respond_to on a per controller basis	Azul
	If you inherit respond to and call it again in your controller it will not overwrite the previous but add to it. Since we always have some exceptions from the rules it's probably easiest to be explicit in the controllers that require it themselves.
2016-07-14	[feature] restrict is_admin in the user api, to only allow querying	NavaL
	for him/herself So that it we do not expose the is_admin property to anyone else including other admins.
2016-05-23	rename destroy_identity to release_handles	Azul
	This expresses the intent rather than the implementation. Also replace temp with query refactoring.
2016-05-18	features for API version 2 - keep old ones	Azul
	Now we test both api versions. We want this for backwards compatibility.
2016-05-18	api: allow version bumping - bump to 2	Azul