summaryrefslogtreecommitdiff
path: root/config
AgeCommit message (Collapse)Author
2017-08-04feat: remove signup link from landing pagefeat/drop-signupAzul
We are deprecating webapp based signup. It leads to an inconsistent state for mail providers and offers no useful interactions for vpn providers either. Instead of trying to deal with the halve way signup through the webapp we require signup through bitmask app which can also create the pgp keys for email and download and use the cert for vpn. In addition this reduces the attack surface for js injection, phishing and other browser based attacks. For now we still keep the signup form in case providers link to it directly. We also keep all the tests based on it. Cleanup will happen right after 0.10.0 release.
2017-07-26Revert "fix: make customization available to sass"Azul
This reverts commit cc95bb27e873dc6140f9a909a57f075a0ef2f387.
2017-07-25fix: make customization available to sassAzul
Somehow sass did not follow the rails assets path order. Therefore the default tail.scss would stay in effect even when there was a different tail.scss in the customization folder. Adding the customization stylesheet folder to the sass load_paths works around this for now. Still need to check if it works in production though.
2017-04-03fix: icons that were using the bootstrap 2 syntaxAzul
2017-04-03feature: delete user clearing usernameAzul
2017-03-27upgrade: simple_form to bootstrap 3Azul
* reran the simple form initializer. * wrapped submit buttons are now broken and need a fix. * disabled confirmation validation in client side validations as the error message always is attached to the wrong field.
2017-03-24bugfix: client_side_validation load orderAzul
The Active::Model modules of client side validations only get included in CouchRest::Model::Base if the gems are loaded in the right order: * activemodel is required first so the modules to extend are present * client_side_validations is required next so its modules get included * couchrest_model is required last so it includes the enhanced modules. \
2017-03-23bugfix: handle couch 404sAzul
our special error handler for json requests would turn all exceptions into 500s - removed it. now the rescue_responses can do their thing again.
2017-03-23upgrade: use rails4s 'secret_key_base'Azul
This will get us encrypted cookies but also requires changes to the platform. fixes #23
2017-03-21fix: 404 on key request with non html content-typeAzul
2017-03-20test: 404 response for missing keyAzul
enable testing error responses on the full rack stack.
2017-03-20bugfix: format: html for home rootsAzul
That's the only thing the controller handles meaningful. Before the route would also catch anything that started with a . interpreting it as a format string. This lead to lots of false positives in our security scanner.
2017-03-02Fix keys route to accept usernames with dotsTulio Casagrande
2017-02-20Delete .gitkeep in config/customization azul
The Readme file in the folder already ensures that it is kept. The .gitkeep was causing diffs in production
2016-09-23Doc updated on how to customize avatar picture in twitter feature; update ↵luca-marie
error response messages; added 'config/customization/images' + link in 'config/initializer/customization.rb'
2016-09-22clean upluca-marie
2016-09-22initializer/twitter.rb file unnecessary; added change in main view only if ↵luca-marie
twitter feature is set enabled == true
2016-09-22included Theas work on error-handling \o/; changed link to twitter-account ↵luca-marie
in header; fixed erb escaping characters problem without letting evil code pass; setting customized image file 'Avatar_Pic.png' in config/custo../assets to get loaded instead of default twitter-logo
2016-09-13reseted config/defaults.yml old statethea
2016-09-05deleted twitter part in config/defaults.yml since there is no usage for it. ↵thea
to use twitter secrets-file has to be created
2016-09-01Changes mainly on CSS 'fine tuning' and shortening the Twitter API credentials,luca-marie
- only bearer token is needed to access Twitter API
2016-09-01Twitter controller now as helper, some more styling in CSS, bug fixluca-marie
2016-09-01Update in configluca-marie
2016-09-01Update with Twitterluca-marie
2016-08-15cleanup: remove outdated travis setupAzul
2016-08-15[ci] move configs into config dirAzul
2016-05-23move signup from users to account_controllerAzul
There was a lot of special case handling going on in the users_controller for this. Lot simpler this way.
2016-05-20api: set defaults for version in routesAzul
This way we do not need to specify it all the times. In the functional tests defaults do not get added automatically. Introduced api_{get,put,post,delete} to add format and version default. One to two functional tests failing, everything else passes.
2016-05-18api: allow version bumping - bump to 2Azul
2016-05-03use APP_CONFIG[config_file_paths] for provider.jsonAzul
This avoids overwriting the PROVIDER_JSON constant in the StaticConfigController and thus fixes test warnings. Also moved away from using instance variables in the ControllerExtension::JsonFile - instead querying the corresponding functions now - less sideeffects and easier stubbing.
2016-05-02upgrade: horizontal forms now need column stylesAzul
2016-05-02upgrade: bootstrap control-group -> form-groupAzul
2016-05-02upgrade: {File,Dir}.exists? -> exist?Azul
exists? is deprecated in ruby 2.1
2016-05-02upgrade: typeahead is not in bootstrap3 anymoreAzul
using twitter/typeahead instead which seems to have similar properties
2016-05-02test: use assert_error_response in functional testAzul
This way the changed flash hash still is recognized. Also changed the generic 'no_such_thing' i18n key to more specific 'no_such_user'. The former is very hard to translate as the gender of thing may affect the translation of the 'no such' part.
2016-05-02upgrade: client_side_validations initializerAzul
2016-05-02upgrade: migrate configAzul
environment.rb boot.rb application.rb -> adopted according to http://railsdiff.org/3.2.22.2/4.2.6 Also dropped quite_assets - not sure if this is still needed with rails 4.2. If it is we can bring it back.
2016-05-02upgrade: environments:productionAzul
Changed according to http://railsdiff.org/3.2.22.2/4.2.6 Includes setting logging to debug. Not sure if we want this. I agree that it's good to have all info available in case something breaks.
2016-05-02upgrade: environments:developmentAzul
Changed according to http://railsdiff.org/3.2.22.2/4.2.6 Also separated settings we added from those that rails has by default.
2016-05-02upgrade: environments/test.rbAzul
Changed according to http://railsdiff.org/3.2.22.2/4.2.6 Should also get rid of some warnings.
2016-05-02upgrade: no more underspecified match routesAzul
2016-05-02upgrade: remove references to RestClientAzul
CouchRest > 1.2 does not use RestClient anymore. So we should not try to catch its errors.
2016-05-02upgrade: drop active_resource in config/applicationAzul
2016-04-01api: added super simple motd, closes #7866elijah
2016-03-30api: added json error pages, allow "." in the :id param of all api routeselijah
2016-03-28api: added allow ability to limit what IPs can access api using a static ↵elijah
configured auth token.
2016-03-28api tokens - clarify terms: "monitors" are admins that authenticated via api ↵elijah
token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x"
2016-03-28api tokens: allow for special api tokens that work like session tokens but ↵elijah
are configured in the static config, to be used for infrastructure monitoring.
2016-01-16change the default of config.assets.debug for development env.elijah
2016-01-14added UI for invite codeselijah