Age | Commit message (Collapse) | Author |
|
We used to just ignore the key.
Also separated the code for handling key updates from other
user updates. This should eventually be moved to a different
route. Mixing the two makes the implementation really hard.
|
|
fixes #8801
Includes a test reproducing 500 on lynx
We now make use of ActionController::Parameters require and permit
methods.
|
|
|
|
our special error handler for json requests would turn all exceptions
into 500s - removed it. now the rescue_responses can do their thing
again.
|
|
Related with https://github.com/pixelated/pixelated-user-agent/issues/924
With @aarni
|
|
If you inherit respond to and call it again in your controller
it will not overwrite the previous but add to it.
Since we always have some exceptions from the rules it's probably
easiest to be explicit in the controllers that require it themselves.
|
|
for him/herself
So that it we do not expose the is_admin property to anyone else
including other admins.
|
|
feature/expose_admin_in_api
|
|
So that whoever consumes the API can use this attribute to
determine if admin functionalities should be made available to
the current user.
|
|
|
|
Rails 4.2 runs all tests mixed together. So unit tests and integration tests
may not have conflicting names.
|
|
create/delete test & tmp users.
|
|
token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x"
|
|
are configured in the static config, to be used for infrastructure monitoring.
|
|
Handing freshly generated invite codes to Factory Girl to make the tests pass
|
|
valid user for the tests again
|
|
|
|
tmp db for test users.
|
|
client_cert_lifespan config option.
|
|
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions.
|
|
|
|
|
|
Identity.new.valid? should not crash. So validate presence where needed and
skip the other validations if the value is absent.
|
|
hash token with sha512 against timing attacs #3398
|
|
|
|
We create them. let's reflect that in the verb.
|
|
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps
|
|
|
|
|
|
|
|
it may not have been required before the RackTest support class.
|
|
|