Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-09-28 | Changed invite code query to look for invite_code string instead of id | ankonym | |
2015-09-28 | Add validation of invite code in user object based on codes in couch db | ankonym | |
2015-09-28 | Add invite code model | ankonym | |
2015-09-28 | Update submodule srp to 9e1a41733 | kaeff | |
2015-09-28 | Move account form info from srp_js into leap_web | kaeff | |
2015-09-28 | Adding invite code field to signup with validation for hardcoded invite code | ankonym | |
2015-08-07 | do not include random cruft in the common name of smtp client certificates | elijah | |
2015-08-04 | Made the default front-page welcome text translatable. | elijah | |
2015-08-03 | make the footer less comically huge when there is only one language configured | elijah | |
2015-07-23 | make the default vanilla leap_web include a masthead on the home page. | elijah | |
2015-07-14 | fix i18n tests | elijah | |
2015-07-14 | fix footer css when the locale links are visible | elijah | |
2015-06-15 | added CommonLanguages gem | elijah | |
2015-04-30 | added support for email notifications of ticket changes | elijah | |
2015-03-17 | Better error message when a database is missing (very useful for nagios tests) | elijah | |
2015-03-17 | add support for rotating tokens and sessions databases, and for a special ↵ | elijah | |
tmp db for test users. | |||
2015-01-28 | client certificates: allow for time units to be specified in ↵ | elijah | |
client_cert_lifespan config option. | |||
2014-12-23 | bugfix: ensure both user and identity documents are destroyed if there is a ↵ | elijah | |
problem creating the account. | |||
2014-12-17 | css - remove @extend .label-default (that class does not exist) | elijah | |
2014-12-15 | bugfix: allow deletion of user's identities via api when user is deleted. ↵ | elijah | |
closes #6550 | |||
2014-11-11 | Merge branch 'test/feature-for-service-endpoint' of ↵ | elijah | |
https://github.com/azul/leap_web into develop | |||
2014-11-11 | Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into ↵ | elijah | |
develop | |||
2014-11-10 | added destroy user to api | elijah | |
2014-09-04 | fixed typo on configs_controller.rb | elijah | |
2014-07-31 | features for anonymous use and service endpoint | Azul | |
Also moved the location of the config files into a configuration setting. | |||
2014-07-31 | use ApiController#anonymous_access_allowed? | Azul | |
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController. | |||
2014-07-31 | respond with 404 and 500 when rendering custom error pages | Azul | |
includes test | |||
2014-07-18 | Allow fetching configs if anonymous EIP access is allowed | Azul | |
2014-07-17 | some cleanup of the messages api and cuke feature | Azul | |
2014-07-17 | clean up error assertions in tests | Azul | |
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions. | |||
2014-07-14 | fix controller refactor and features | Azul | |
Also save debug log on failing features | |||
2014-07-14 | move fetch_user into module so it can be mixed in | Azul | |
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension. | |||
2014-07-14 | send config files from ConfigsController | Azul | |
2014-07-14 | ApiController with API style auth | Azul | |
require_login is require_token for the api controller It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either. | |||
2014-07-14 | clean up and simplify error responses and test code | Azul | |
2014-07-14 | send static list of configs for now | Azul | |
Also added authentication steps to cucumber | |||
2014-07-14 | use cucumber; initial ConfigsController | Azul | |
2014-07-14 | render valid json error if provider file not found | Azul | |
2014-07-14 | SessionsController#unauthenticated for 401s | Azul | |
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand. | |||
2014-07-14 | separate login_required from access denied response | Azul | |
They are very different. Let's handle them in different methods. | |||
2014-07-14 | Moved check for allow_registration into filter. | Folker Bernitt | |
2014-07-12 | allow querying for the expiry of a particular fingerprint | Azul | |
2014-07-12 | fix tests and simplify time calculations | Azul | |
2014-07-12 | Identity view cert_fingerprints_by_expiry | Azul | |
Also move complex identity views into js designs. Includes test. Here's how you would query it from outside rails: ``` $ curl 'localhost:5984/identities/_design/Identity/_view/cert_fingerprints_by_expiry?startkey="2014-07-05"' {"total_rows":4,"offset":1,"rows":[ {"id":"6c9091d4f13eaeaa6062c9d0528fd34d","key":"2014-07-05","value":"fingerprint"}, {"id":"6f3aa93828b4f6978d551f2623b9d103","key":"2014-07-05","value":"fingerprint"}, {"id":"b6cafacfa65042679691cd5065fb19e3","key":"2014-07-07","value":"fp"} ]} ``` Note that the expiry will be used as the key. So you should use the current data (or yesterday) as the startkey to get all fingerprints that have not expired yet. The fingerprint itself is in the value. No need to include docs. | |||
2014-07-12 | store expiry with cert fingerprints | Azul | |
We used to store the creation date but this way it's easier to query for non expired certs | |||
2014-07-11 | Added allow_registration toggle. | Folker Bernitt | |
- default is true - See issue #5217 - See companion change in leap_platform. | |||
2014-07-09 | minor: cleanup some links | Azul | |
only submit the params that differ from the defaults | |||
2014-07-09 | Merge pull request #173 from azul/feature/unblock-handles | azul | |
Allow admins to unblock handles | |||
2014-07-09 | list identities based on search only | Azul | |
2014-07-08 | create client certificates with generous not_before (fixes #5884) | elijah | |