Age | Commit message | Author | |
---|---|---|---|
2016-03-30 | api: return proper 404 for GET /1/identities/:id.json | elijah | |
2016-03-28 | api: added get(:show) to identities and users, allow monitors to create/delete test & tmp users. | elijah | |
2016-03-28 | api: added allow ability to limit what IPs can access api using a static configured auth token. | elijah | |
2016-03-28 | api tokens - clarify terms: "monitors" are admins that authenticated via api token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x" | elijah | |
2016-03-28 | api tokens: allow for special api tokens that work like session tokens but are configured in the static config, to be used for infrastructure monitoring. | elijah | |
2016-02-10 | allow user accounts to be re-enabled, and for associated identities to also get re-enabled. | elijah | |
2016-01-31 | remove cert fingerprints for disabled users, so that they cannot send email anymore. closes #7690 | elijah | |
2016-01-16 | retain locale in URL when logging in and signing up, and ajax actions in general. | elijah | |
2016-01-14 | added UI for invite codes | elijah | |
2015-09-20 | adding ability to disable/enable users by admin | Evelyn | |
2015-08-07 | do not include random cruft in the common name of smtp client certificates | elijah | |
2015-07-14 | fix i18n tests | elijah | |
2015-06-15 | added CommonLanguages gem | elijah | |
2015-04-30 | added support for email notifications of ticket changes | elijah | |
2015-03-17 | Better error message when a database is missing (very useful for nagios tests) | elijah | |
2014-12-15 | bugfix: allow deletion of user's identities via api when user is deleted. closes #6550 | elijah | |
2014-11-11 | Merge branch 'test/feature-for-service-endpoint' of https://github.com/azul/leap_web into develop | elijah | |
2014-11-11 | Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into develop | elijah | |
2014-11-10 | added destroy user to api | elijah | |
2014-09-04 | fixed typo on configs_controller.rb | elijah | |
2014-07-31 | features for anonymous use and service endpoint | Azul | |
Also moved the location of the config files into a configuration setting. | |||
2014-07-31 | use ApiController#anonymous_access_allowed? | Azul | |
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController. | |||
2014-07-31 | respond with 404 and 500 when rendering custom error pages | Azul | |
includes test | |||
2014-07-18 | Allow fetching configs if anonymous EIP access is allowed | Azul | |
2014-07-17 | some cleanup of the messages api and cuke feature | Azul | |
2014-07-17 | clean up error assertions in tests | Azul | |
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions. | |||
2014-07-14 | fix controller refactor and features | Azul | |
Also save debug log on failing features | |||
2014-07-14 | move fetch_user into module so it can be mixed in | Azul | |
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class I moved fetch_user into an extension. | |||
2014-07-14 | send config files from ConfigsController | Azul | |
2014-07-14 | ApiController with API style auth | Azul | |
require_login is require_token for the api controller. It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. No way for admins to alter other users through the api. We don't support that yet so let's not allow it either. | |||
2014-07-14 | clean up and simplify error responses and test code | Azul | |
2014-07-14 | send static list of configs for now | Azul | |
Also added authentication steps to cucumber | |||
2014-07-14 | use cucumber; initial ConfigsController | Azul | |
2014-07-14 | render valid json error if provider file not found | Azul | |
2014-07-14 | SessionsController#unauthenticated for 401s | Azul | |
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now I think the 401 suffices to identify the issue at hand. | |||
2014-07-14 | separate login_required from access denied response | Azul | |
They are very different. Let's handle them in different methods. | |||
2014-07-14 | Moved check for allow_registration into filter. | Folker Bernitt | |
2014-07-11 | Added allow_registration toggle. | Folker Bernitt | |
- default is true - See issue #5217 - See companion change in leap_platform. | |||
2014-07-09 | list identities based on search only | Azul | |
2014-07-05 | Enable unblocking handles in identities tab | Azul | |
There's an identities tab now for admins that will allow unblocking blocked handles. It should be easy to expand for aliases and forwards and other types of actions such as editing. | |||
2014-05-29 | html5: <br> instead of <br/> | Azul | |
2014-05-26 | flash_for with_errors option displays error messages | Azul | |
2014-05-26 | remove unused bold helper and instead sanitize flash | Azul | |
2014-05-26 | Controller#flash_for instead of FlashResponder | Azul | |
FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed. Now instead we can call flash_for resource before resource.save and it will add the flash messages only if the resource was actually changed. | |||
2014-05-26 | Merge pull request #163 from azul/feature/3398-save-hashed-token | azul | |
hash token with sha512 against timing attacks #3398 | |||
2014-05-26 | Merge pull request #165 from azul/feature/cert-fingerprints | azul | |
Feature/cert fingerprints | |||
2014-05-26 | hash token with sha512 against timing attacks #3398 | Azul | |
2014-05-26 | change from GET to POST for certs | Azul | |
We create them. let's reflect that in the verb. | |||
2014-05-19 | store fingerprints with timestamp | Azul | |
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps | |||
2014-05-19 | minor: fix tests | Azul | |