summaryrefslogtreecommitdiff
path: root/app
AgeCommit message (Collapse)Author
2014-07-14SessionsController#unauthenticated for 401sAzul
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand.
2014-07-14separate login_required from access denied responseAzul
They are very different. Let's handle them in different methods.
2014-07-14Moved check for allow_registration into filter.Folker Bernitt
2014-07-12allow querying for the expiry of a particular fingerprintAzul
2014-07-12fix tests and simplify time calculationsAzul
2014-07-12Identity view cert_fingerprints_by_expiryAzul
Also move complex identity views into js designs. Includes test. Here's how you would query it from outside rails: ``` $ curl 'localhost:5984/identities/_design/Identity/_view/cert_fingerprints_by_expiry?startkey="2014-07-05"' {"total_rows":4,"offset":1,"rows":[ {"id":"6c9091d4f13eaeaa6062c9d0528fd34d","key":"2014-07-05","value":"fingerprint"}, {"id":"6f3aa93828b4f6978d551f2623b9d103","key":"2014-07-05","value":"fingerprint"}, {"id":"b6cafacfa65042679691cd5065fb19e3","key":"2014-07-07","value":"fp"} ]} ``` Note that the expiry will be used as the key. So you should use the current data (or yesterday) as the startkey to get all fingerprints that have not expired yet. The fingerprint itself is in the value. No need to include docs.
2014-07-12store expiry with cert fingerprintsAzul
We used to store the creation date but this way it's easier to query for non expired certs
2014-07-11Added allow_registration toggle.Folker Bernitt
- default is true - See issue #5217 - See companion change in leap_platform.
2014-07-09minor: cleanup some linksAzul
only submit the params that differ from the defaults
2014-07-09Merge pull request #173 from azul/feature/unblock-handlesazul
Allow admins to unblock handles
2014-07-09list identities based on search onlyAzul
2014-07-08create client certificates with generous not_before (fixes #5884)elijah
2014-07-05make link_to_navigation more generic and reuse itAzul
Use link_to_navigation for all important navigation items. It creates a link in a list item for use with bootstrap. It supports an :active flag and an :icon option in the html_options now. It also translates the label. This way it can be used in a lot of places as the generic navigation link.
2014-07-05Enable unblocking handles in identities tabAzul
There's an identities tab now for admins that will allow unblocking blocked handles. It should be easy to expand for aliases and forwards and other types of actions such as editing.
2014-07-05backport bootstraps 3.2s list-inlineAzul
list-unstyled comes for free
2014-06-23Account.create - do a User.new instead of User.create, so that we can report ↵elijah
the errors on the object if not saved.
2014-06-17if identity fails to be created, destroy the user. also, pass through ↵elijah
identity errors to user and add identity class hook.
2014-05-30Merge pull request #167 from azul/feature/i18n-for-ticket-system0.5.2-rcazul
Feature/i18n for ticket system
2014-05-29html5: <br> instead of <br/>Azul
2014-05-29clearify identity validationsAzul
Identity.new.valid? should not crash. So validate presence where needed and skip the other validations if the value is absent.
2014-05-29ensure User#reload returns selfAzul
2014-05-29hand on errors from Email to Identity to UserAzul
errors.each iterates through all errors for all attrbibutes nicely.
2014-05-29catch corner cases of account creationAzul
Users now always check if their identity is valid. We need to make sure this works if the user is a new record and once it has been persisted. While the user is a new record the identity will have no user_id. Old identities that are left to block the login of a user who canceled their account also have a blank user_id. They still should render the new identity invalid so the user can't be saved with a login that has been reserved. Once the user has been persisted we set the user_id on the identity and save it too when creating an Account. This allows us to create a plain user and save it and it will still have an in memory identity only. But the default is to create the user by means of creating an account so an identity will be created as well.
2014-05-28allow changing the user_id on an identityAzul
we set it to nil when we disable it
2014-05-28bring back the alias functionality in IdentitiesAzul
2014-05-28ensure identity is cleared on user.reload - fixes testAzul
2014-05-28minor: beautify handle lookup in etc/passwd someAzul
2014-05-28use Identity for testing login availabilityAzul
We create an identity alongside each user. Make sure the identity is valid when creating the user. This also ensures that the login picked is available because otherwise the identities address would not be available anymore.
2014-05-28destroy_btn helper methodAzul
2014-05-27move users key into layouts scope so it does not conflict with users scopeAzul
2014-05-27add btn helper for link_to with .btnAzul
Also translates the first arg if it's a symbol and adds more btn- classes if given as html_options[:type]
2014-05-27remove icon_color variable - yagniAzul
2014-05-26sorting translation keys someAzul
2014-05-26navigation works with empty locale selectedAzul
Just in case some translation keys are not present things should still work and make sense. So translation keys should be picked in a meaningful way and scoped rather than prefixed. For example overview.account will turn into "Account" if no translation is present while "overview_account" will turn into "Overview Account". We usually want the former.
2014-05-26tickets: structure i18nAzul
2014-05-26flash_for with_errors option displays error messagesAzul
2014-05-26remove unused bold helper and instead sanitize flashAzul
2014-05-26Controller#flash_for instead of FlashResponderAzul
FlashResponder added a flash before responding. However at the point of responding objects have already been saved. So there is no way to test if they were changed. Now instead we can call flash_for resource before resource.save and it will add the flash messages only if the resource was actually changed.
2014-05-26FlashResponder will automagically add flash messagesAzul
2014-05-26Merge pull request #163 from azul/feature/3398-save-hashed-tokenazul
hash token with sha512 against timing attacs #3398
2014-05-26Merge pull request #165 from azul/feature/cert-fingerprintsazul
Feature/cert fingerprints
2014-05-26hash token with sha512 against timing attacs #3398Azul
2014-05-26change from GET to POST for certsAzul
We create them. let's reflect that in the verb.
2014-05-22Merge pull request #166 from elijh/feature/footerazul
better detection if price link should be shown in the footer
2014-05-20better detection if price link should be shown in the footerelijah
2014-05-19store fingerprints with timestampAzul
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
2014-05-19minor: fix testsAzul
2014-05-19store cert fingerprint with main user identityAzul
2014-05-19SmtpCertsController, routes and testsAzul
2014-05-19fix Email so User.new.valid? does not crashAzul
Email.new(nil) now returns an invalid email rather than crashing.