summaryrefslogtreecommitdiff
path: root/app
AgeCommit message (Collapse)Author
2015-10-01Identing first lineEvyW
2015-09-28with out identingEvyW
2015-09-28changes style sheets EvyW
removed the three last lines
2015-09-22index changesEvyW
2015-09-22commit user hamlEvyW
2015-09-22Update leap.scssEvyW
2015-09-20adding ability to disable/enable users by adminEvelyn
2015-08-07do not include random cruft in the common name of smtp client certificateselijah
2015-08-04Made the default front-page welcome text translatable.elijah
2015-08-03make the footer less comically huge when there is only one language configuredelijah
2015-07-23make the default vanilla leap_web include a masthead on the home page.elijah
2015-07-14fix i18n testselijah
2015-07-14fix footer css when the locale links are visibleelijah
2015-06-15added CommonLanguages gemelijah
2015-04-30added support for email notifications of ticket changeselijah
2015-03-17Better error message when a database is missing (very useful for nagios tests)elijah
2015-03-17add support for rotating tokens and sessions databases, and for a special ↵elijah
tmp db for test users.
2015-01-28client certificates: allow for time units to be specified in ↵elijah
client_cert_lifespan config option.
2014-12-23bugfix: ensure both user and identity documents are destroyed if there is a ↵elijah
problem creating the account.
2014-12-17css - remove @extend .label-default (that class does not exist)elijah
2014-12-15bugfix: allow deletion of user's identities via api when user is deleted. ↵elijah
closes #6550
2014-11-11Merge branch 'test/feature-for-service-endpoint' of ↵elijah
https://github.com/azul/leap_web into develop
2014-11-11Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into ↵elijah
develop
2014-11-10added destroy user to apielijah
2014-09-04fixed typo on configs_controller.rbelijah
2014-07-31features for anonymous use and service endpointAzul
Also moved the location of the config files into a configuration setting.
2014-07-31use ApiController#anonymous_access_allowed?Azul
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController.
2014-07-31respond with 404 and 500 when rendering custom error pagesAzul
includes test
2014-07-18Allow fetching configs if anonymous EIP access is allowedAzul
2014-07-17some cleanup of the messages api and cuke featureAzul
2014-07-17clean up error assertions in testsAzul
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions.
2014-07-14fix controller refactor and featuresAzul
Also save debug log on failing features
2014-07-14move fetch_user into module so it can be mixed inAzul
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension.
2014-07-14send config files from ConfigsControllerAzul
2014-07-14ApiController with API style authAzul
require_login is require_token for the api controller It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either.
2014-07-14clean up and simplify error responses and test codeAzul
2014-07-14send static list of configs for nowAzul
Also added authentication steps to cucumber
2014-07-14use cucumber; initial ConfigsControllerAzul
2014-07-14render valid json error if provider file not foundAzul
2014-07-14SessionsController#unauthenticated for 401sAzul
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand.
2014-07-14separate login_required from access denied responseAzul
They are very different. Let's handle them in different methods.
2014-07-14Moved check for allow_registration into filter.Folker Bernitt
2014-07-12allow querying for the expiry of a particular fingerprintAzul
2014-07-12fix tests and simplify time calculationsAzul
2014-07-12Identity view cert_fingerprints_by_expiryAzul
Also move complex identity views into js designs. Includes test. Here's how you would query it from outside rails: ``` $ curl 'localhost:5984/identities/_design/Identity/_view/cert_fingerprints_by_expiry?startkey="2014-07-05"' {"total_rows":4,"offset":1,"rows":[ {"id":"6c9091d4f13eaeaa6062c9d0528fd34d","key":"2014-07-05","value":"fingerprint"}, {"id":"6f3aa93828b4f6978d551f2623b9d103","key":"2014-07-05","value":"fingerprint"}, {"id":"b6cafacfa65042679691cd5065fb19e3","key":"2014-07-07","value":"fp"} ]} ``` Note that the expiry will be used as the key. So you should use the current data (or yesterday) as the startkey to get all fingerprints that have not expired yet. The fingerprint itself is in the value. No need to include docs.
2014-07-12store expiry with cert fingerprintsAzul
We used to store the creation date but this way it's easier to query for non expired certs
2014-07-11Added allow_registration toggle.Folker Bernitt
- default is true - See issue #5217 - See companion change in leap_platform.
2014-07-09minor: cleanup some linksAzul
only submit the params that differ from the defaults
2014-07-09Merge pull request #173 from azul/feature/unblock-handlesazul
Allow admins to unblock handles
2014-07-09list identities based on search onlyAzul