Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-10-02 | Allow multi-use invite codes | ankonym | |
Introduce a invite_max_uses property to invite codes to allow admins to set a maximum number of uses for invite codes. | |||
2015-09-28 | Add localization labels to signup form and user.en.yml | ankonym | |
Added the necessary labels to allow the localization of the signup form and the labels to users.en.yml for localization | |||
2015-09-28 | Make invite code configurable | ankonym | |
Through the config param 'invite_required', providers can decide whether users need to provide an invite code upon signup. The default setting is false. | |||
2015-09-28 | Cleaned up code in invite_code_validator.rb | ankonym | |
2015-09-28 | Fixed the signup bug that wrongly consumes the invite code. | Aya Jaff | |
2015-09-28 | Fixes for the invite code validator | ankonym | |
Validation should only happen for new records User invite code was nil for invalid invite codes Adding missing tests | |||
2015-09-28 | Make sure codes can only be used once, fix validations | ankonym | |
We introduced a count on invite codes to make sure that (at the moment) codes can only be used once. (The code will also allow multi-use codes in the future.) Also, some of our validations weren't validating against the correct data, which is now fixed. | |||
2015-09-28 | assign random invite code when creating new invite codes | ankonym | |
2015-09-28 | Changed invite code query to look for invite_code string instead of id | ankonym | |
2015-09-28 | Add validation of invite code in user object based on codes in couch db | ankonym | |
2015-09-28 | Add invite code model | ankonym | |
2015-09-28 | Update submodule srp to 9e1a41733 | kaeff | |
2015-09-28 | Move account form info from srp_js into leap_web | kaeff | |
2015-09-28 | Adding invite code field to signup with validation for hardcoded invite code | ankonym | |
2015-08-07 | do not include random cruft in the common name of smtp client certificates | elijah | |
2015-08-04 | Made the default front-page welcome text translatable. | elijah | |
2015-08-03 | make the footer less comically huge when there is only one language configured | elijah | |
2015-07-23 | make the default vanilla leap_web include a masthead on the home page. | elijah | |
2015-07-14 | fix i18n tests | elijah | |
2015-07-14 | fix footer css when the locale links are visible | elijah | |
2015-06-15 | added CommonLanguages gem | elijah | |
2015-04-30 | added support for email notifications of ticket changes | elijah | |
2015-03-17 | Better error message when a database is missing (very useful for nagios tests) | elijah | |
2015-03-17 | add support for rotating tokens and sessions databases, and for a special ↵ | elijah | |
tmp db for test users. | |||
2015-01-28 | client certificates: allow for time units to be specified in ↵ | elijah | |
client_cert_lifespan config option. | |||
2014-12-23 | bugfix: ensure both user and identity documents are destroyed if there is a ↵ | elijah | |
problem creating the account. | |||
2014-12-17 | css - remove @extend .label-default (that class does not exist) | elijah | |
2014-12-15 | bugfix: allow deletion of user's identities via api when user is deleted. ↵ | elijah | |
closes #6550 | |||
2014-11-11 | Merge branch 'test/feature-for-service-endpoint' of ↵ | elijah | |
https://github.com/azul/leap_web into develop | |||
2014-11-11 | Merge branch 'feature/error-tweaks' of https://github.com/azul/leap_web into ↵ | elijah | |
develop | |||
2014-11-10 | added destroy user to api | elijah | |
2014-09-04 | fixed typo on configs_controller.rb | elijah | |
2014-07-31 | features for anonymous use and service endpoint | Azul | |
Also moved the location of the config files into a configuration setting. | |||
2014-07-31 | use ApiController#anonymous_access_allowed? | Azul | |
There are some places where we only want to require login unless you can use EIP anonymously. So far we had an anonymous_certs_allowed? method in all these controllers. Now it's replaced with ApiController#anonymous_access_allowed?. The naming better reflects that there might be other services that allow anonymous use at some point. This also fixed a typo name -> @filename that broke the ConfigsController. | |||
2014-07-31 | respond with 404 and 500 when rendering custom error pages | Azul | |
includes test | |||
2014-07-18 | Allow fetching configs if anonymous EIP access is allowed | Azul | |
2014-07-17 | some cleanup of the messages api and cuke feature | Azul | |
2014-07-17 | clean up error assertions in tests | Azul | |
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions. | |||
2014-07-14 | fix controller refactor and features | Azul | |
Also save debug log on failing features | |||
2014-07-14 | move fetch_user into module so it can be mixed in | Azul | |
We have an ApiController that wants to call #fetch_user. Since we can only inherit from one class i moved fetch_user into an extension. | |||
2014-07-14 | send config files from ConfigsController | Azul | |
2014-07-14 | ApiController with API style auth | Azul | |
require_login is require_token for the api controller It also skips the verify_authenticity_token before filter. So all Subclasses of the ApiController will only support token auth. Also made the V1::UsersController a bit more strict. Now way for admins to alter other users through the api. We don't support that yet so let's not allow it either. | |||
2014-07-14 | clean up and simplify error responses and test code | Azul | |
2014-07-14 | send static list of configs for now | Azul | |
Also added authentication steps to cucumber | |||
2014-07-14 | use cucumber; initial ConfigsController | Azul | |
2014-07-14 | render valid json error if provider file not found | Azul | |
2014-07-14 | SessionsController#unauthenticated for 401s | Azul | |
Warden will catch all 401 responses at the rack level and call the app for failures. By default that is SessionsController#unauthenticated. I'm sticking with this. If we ever have other rack endpoints they can just send a 401 and the webapp will take care of the message. Other options would have been to tell warden not to take care of 401 either during initialization or by calling custom_failure! in the login_required method. We probably want a response that has a unique identifier for the error to process by the client and a translated message later on. For now i think the 401 suffices to identify the issue at hand. | |||
2014-07-14 | separate login_required from access denied response | Azul | |
They are very different. Let's handle them in different methods. | |||
2014-07-14 | Moved check for allow_registration into filter. | Folker Bernitt | |
2014-07-12 | allow querying for the expiry of a particular fingerprint | Azul | |