leap_web.git - [leap

Age	Commit message (Collapse)	Author
2016-05-03	use APP_CONFIG[config_file_paths] for provider.json	Azul
	This avoids overwriting the PROVIDER_JSON constant in the StaticConfigController and thus fixes test warnings. Also moved away from using instance variables in the ControllerExtension::JsonFile - instead querying the corresponding functions now - less sideeffects and easier stubbing.
2016-05-03	fix failing unit and functional tests	Azul

2016-05-02	upgrade: {File,Dir}.exists? -> exist?	Azul
	exists? is deprecated in ruby 2.1
2016-03-30	api: return proper 404 for GET /1/identities/:id.json	elijah

2016-03-28	api: added get(:show) to identities and users, allow monitors to ↵	elijah
	create/delete test & tmp users.
2016-03-28	api: added allow ability to limit what IPs can access api using a static ↵	elijah
	configured auth token.
2016-03-28	api tokens - clarify terms: "monitors" are admins that authenticated via api ↵	elijah
	token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x"
2016-03-28	api tokens: allow for special api tokens that work like session tokens but ↵	elijah
	are configured in the static config, to be used for infrastructure monitoring.
2015-04-30	added support for email notifications of ticket changes	elijah

2014-07-17	some cleanup of the messages api and cuke feature	Azul

2014-07-14	fix controller refactor and features	Azul
	Also save debug log on failing features
2014-07-14	move fetch_user into module so it can be mixed in	Azul
	We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension.
2014-07-14	send config files from ConfigsController	Azul

2014-07-14	clean up and simplify error responses and test code	Azul

2014-07-14	separate login_required from access denied response	Azul
	They are very different. Let's handle them in different methods.
2014-05-29	html5: <br> instead of <br/>	Azul

2014-05-26	flash_for with_errors option displays error messages	Azul

2014-05-26	Controller#flash_for instead of FlashResponder	Azul
	FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed. Now instead we can call flash_for resource before resource.save and it will add the flash messages only if the resource was actually changed.
2014-05-26	hash token with sha512 against timing attacs #3398	Azul

2014-04-18	change service level configuration strategy	Azul
	The changes to the configuration required some non minor changes to the platform and also added some flexibility we don't require yet - and thus some new possibilities for errors. So instead we still use the allow_..._certs and ..._cert_prefix options. They basically provide the framework in which service levels can operate. The service level configuration will not include the cert prefix anymore. It only states if the service level is rate limited or not. This avoids conflicts between the two configuration options. I also removed the anonymous service level entirely. It was also turning a boolean decision (do we provide anonymous eip or not) into something way more complex. Instead I added the AnonymousServiceLevel class to handle the corner cases for people who are not logged in. Furthermore i renamed the UnauthenticatedUser to AnonymousUser so it matches the Anonymous Service Level nicely. It's also shorter and more intuitive.
2014-04-17	UnauthenticatedUser as current_user	Azul
	this still allows us to do current_user.service_level. Have not gone through the rest of the code yet. Only made sure logged_in? now tests for is_a? User instead of !!current_user
2014-04-08	moving users: app and test files	Azul