| Age | Commit message (Collapse) | Author |
|---|
|
feat: allow unauthenticated access to list of configs
Closes #8800
See merge request leap/webapp!45
|
|
fixes #8801
Includes a test reproducing 500 on lynx
We now make use of ActionController::Parameters require and permit
methods.
|
|
This simplifies returning the user while still working
on it a lot. Much cleaner than all these return user statements.
There's a lot more to refactor here. For example delegating methods
to user etc. ... but for now this should suffice. Don't want to
break this in a bugfix release.
|
|
fixes #8807
|
|
They used to be sorted by the code which was not helpful
fixes #8806
requires deploy of new design docs to the platform
|
|
Production instances are getting cluttered with invites from
test accounts. Instead of marking them as used we will now completely
remove them.
refers to #8804
refers to #8807\
|
|
On a failed login the warden failure app gets called.
Some of the params are changed accordingly but controller
and action remain.
set_locale would detect there was no locale in the path
and thus attempt to redirect. However the params still
belong to the previous request which was a POST to
Api::SessionsController.
This route does not respond to get requests and so it
would trigger a 404 in production and a 500 in development.
This commit prevents set_locale to act upon warden failure
app controller calls by adding /new to the list of
`NON_LOCALE_PATHS`. (The path is updated by warden to the
name of the action called in the failure app).
A test is included in this commit that tries to login
with an invalid username, password combination and a german
locale set.
fixes #8805
|
|
This should simplify client code significantly according to
platform#8849
|
|
|
|
fixes #8794
Reported the underlying issue here:
https://github.com/rails/sass-rails/issues/406
Basically `@import` works like this:
* look for the file relative to the current file
* look for the file as an absolute path following the priorities in the
* asset load_paths
If the file can be imported as a relative path that will take
precedence.
So in order to pick up the head and tails inside customization rather
than in app/assets there are three possibilities:
1) use an absolute path. This is not as easy as it seems. There is no
way of indicating a path is meant to be absolute so we would have to
ensure it does not resolve to a relative path.
2) have a application.scss file inside the customization folder. Since
this is the main file it will be used instead of the app/assets one. In
there relative paths will now also default to the customization folder
rather than app/assets. Once we are in an app/assets file though it will
not go back to picking up customization with relative paths
3) use //= require instead of import. rails-sass advices against this as
each required file would be compiled on it's own and variables could not
be shared.
Going with option 1 here:
```scss
// application.scss:
@import "custom/head_import";
```
```scss
// custom/head_import.scss:
@import "head";
```
As long as there is no custom/head.scss in app/assets it will import
head as an absolute path and thus prefer config/custom over app/assets.
This seems like the best option for now as it does not require changes
to the deployments.
|
|
We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
|
|
|
|
|
|
only use the <pre> tag if the response was a text message i.e. during dev errors.
Use the alert-danger class of bootstrap 3 rather than alert-error.
|
|
|
|
span10 now is .col-??-10.
ul.unstyled now is ul.list-unstyled
also leave out unnecessary li if billing is disabled.
|
|
* reran the simple form initializer.
* wrapped submit buttons are now broken and need a fix.
* disabled confirmation validation in client side validations as the
error message always is attached to the wrong field.
|
|
|
|
Sometimes the dev environment will send back a plain text response.
This causes the json parser to raise an exception and used to cause
the browser not to display any error message.
Now we dumpt the whole server response - which happes to also include the
backtrace. A lot more useful than doing nothing.
In production this should never happen as 500s get handled by the
ExceptionApplication / our ErrorsController there.
|
|
subrepo:
subdir: "app/assets/javascripts/srp"
merged: "9e1a417"
upstream:
origin: "https://leap.se/git/srp_js"
branch: "master"
commit: "9e1a417"
git-subrepo:
version: "0.3.1"
origin: "https://github.com/ingydotnet/git-subrepo"
commit: "a7ee886"
|
|
fix: keep ticket submit button clickable
See merge request !27
|
|
It was marked as submitted even when client side validations interfered.
fixes github issue #227
|
|
our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.
|
|
|
|
|
|
make the rescue in account creation less broad
See merge request !15
|
|
Related with https://github.com/pixelated/pixelated-user-agent/issues/924
With @aarni
|
|
Related with https://github.com/pixelated/pixelated-user-agent/issues/924
With @aarni
|
|
It was catching errors that should have led to 500s
|
|
If a login was invalid as a username but also for the identity we used to have duplicate error messages. Let's avoid that.
Also added a test to make sure invite_code errors are properly displayed no matter what other fields are set or missing. Pixelated will rely on this to test invite codes
|
|
We'll only use the master branch for development from now on.
|
|
|
|
|
|
method included to set number of tweets which should be displayed
|
|
The content.html.haml was modified to pick the layout based on wether tweets
are enabled or not. We need to display the provider message in both cases.
|
|
|
|
|
|
|
|
RTs and @ are displayed
|
|
error response messages; added 'config/customization/images' + link in 'config/initializer/customization.rb'
|
|
|
|
|
|
twitter feature is set enabled == true
|
|
in header; fixed erb escaping characters problem without letting evil code pass; setting customized image file 'Avatar_Pic.png' in config/custo../assets to get loaded instead of default twitter-logo
|
|
We used to replace all of home/content - so we missed the twitter feed
on the providers.
Instead one should now customize home/provider_message only.
|
|
added info that the account has to be public in Twitter-Doc
|
|
for fourth value in array. there will always be an empty array that view (text and each - method) does not break. if empty array in view the error-message is shown. (its WIP)
|
|
Change in code for caching
|
|
|
|
Deleting not necessary files from offical PR
|
