Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-07-14 | [feature] restrict is_admin in the user api, to only allow querying | NavaL | |
for him/herself So that it we do not expose the is_admin property to anyone else including other admins. | |||
2016-07-14 | Merge branch 'develop' of https://github.com/leapcode/leap_web into ↵ | NavaL | |
feature/expose_admin_in_api | |||
2016-06-22 | [feature] expose is_admin in the user api | NavaL | |
So that whoever consumes the API can use this attribute to determine if admin functionalities should be made available to the current user. | |||
2016-05-18 | api: allow version bumping - bump to 2 | Azul | |
2016-05-02 | upgrade: unique test names | Azul | |
Rails 4.2 runs all tests mixed together. So unit tests and integration tests may not have conflicting names. | |||
2016-03-28 | api: added get(:show) to identities and users, allow monitors to ↵ | elijah | |
create/delete test & tmp users. | |||
2016-03-28 | api tokens - clarify terms: "monitors" are admins that authenticated via api ↵ | elijah | |
token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x" | |||
2016-03-28 | api tokens: allow for special api tokens that work like session tokens but ↵ | elijah | |
are configured in the static config, to be used for infrastructure monitoring. | |||
2015-09-28 | Fix the remaining failures/errors in our tests | ankonym | |
Handing freshly generated invite codes to Factory Girl to make the tests pass | |||
2015-09-28 | Added an 'invite code' to all the tests for the sign-up form so we have a ↵ | Aya Jaff | |
valid user for the tests again | |||
2015-03-17 | Better error message when a database is missing (very useful for nagios tests) | elijah | |
2015-03-17 | add support for rotating tokens and sessions databases, and for a special ↵ | elijah | |
tmp db for test users. | |||
2015-01-28 | client certificates: allow for time units to be specified in ↵ | elijah | |
client_cert_lifespan config option. | |||
2014-07-17 | clean up error assertions in tests | Azul | |
We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions. | |||
2014-07-14 | clean up and simplify error responses and test code | Azul | |
2014-07-12 | fix tests and simplify time calculations | Azul | |
2014-05-29 | clearify identity validations | Azul | |
Identity.new.valid? should not crash. So validate presence where needed and skip the other validations if the value is absent. | |||
2014-05-26 | Merge pull request #163 from azul/feature/3398-save-hashed-token | azul | |
hash token with sha512 against timing attacs #3398 | |||
2014-05-26 | hash token with sha512 against timing attacs #3398 | Azul | |
2014-05-26 | change from GET to POST for certs | Azul | |
We create them. let's reflect that in the verb. | |||
2014-05-19 | store fingerprints with timestamp | Azul | |
Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps | |||
2014-05-19 | store cert fingerprint with main user identity | Azul | |
2014-05-19 | SmtpCertsController, routes and tests | Azul | |
2014-05-19 | basic integration test for cert API | Azul | |
2014-04-11 | move include AssertResponses into test itself | Azul | |
it may not have been required before the RackTest support class. | |||
2014-04-08 | moving users: app and test files | Azul | |