| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-12-08 | upgrade: factory_girl -> factory_bot | Azul | |
| 2017-11-16 | fix: respond with error on invalid pgp key | Azul | |
| We used to just ignore the key. Also separated the code for handling key updates from other user updates. This should eventually be moved to a different route. Mixing the two makes the implementation really hard. | |||
| 2017-10-24 | fix: sanity checks on user params | Azul | |
| fixes #8801 Includes a test reproducing 500 on lynx We now make use of ActionController::Parameters require and permit methods. | |||
| 2017-08-15 | use i18n for login test | elijah | |
| 2017-03-23 | bugfix: handle couch 404s | Azul | |
| our special error handler for json requests would turn all exceptions into 500s - removed it. now the rescue_responses can do their thing again. | |||
| 2017-03-10 | Adds recovery code to user account | Thais Siqueira | |
| Related with https://github.com/pixelated/pixelated-user-agent/issues/924 With @aarni | |||
| 2016-08-19 | respond_to on a per controller basis | Azul | |
| If you inherit respond to and call it again in your controller it will not overwrite the previous but add to it. Since we always have some exceptions from the rules it's probably easiest to be explicit in the controllers that require it themselves. | |||
| 2016-07-14 | [feature] restrict is_admin in the user api, to only allow querying | NavaL | |
| for him/herself So that it we do not expose the is_admin property to anyone else including other admins. | |||
| 2016-07-14 | Merge branch 'develop' of https://github.com/leapcode/leap_web into ↵ | NavaL | |
| feature/expose_admin_in_api | |||
| 2016-06-22 | [feature] expose is_admin in the user api | NavaL | |
| So that whoever consumes the API can use this attribute to determine if admin functionalities should be made available to the current user. | |||
| 2016-05-18 | api: allow version bumping - bump to 2 | Azul | |
| 2016-05-02 | upgrade: unique test names | Azul | |
| Rails 4.2 runs all tests mixed together. So unit tests and integration tests may not have conflicting names. | |||
| 2016-03-28 | api: added get(:show) to identities and users, allow monitors to ↵ | elijah | |
| create/delete test & tmp users. | |||
| 2016-03-28 | api tokens - clarify terms: "monitors" are admins that authenticated via api ↵ | elijah | |
| token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x" | |||
| 2016-03-28 | api tokens: allow for special api tokens that work like session tokens but ↵ | elijah | |
| are configured in the static config, to be used for infrastructure monitoring. | |||
| 2015-09-28 | Fix the remaining failures/errors in our tests | ankonym | |
| Handing freshly generated invite codes to Factory Girl to make the tests pass | |||
| 2015-09-28 | Added an 'invite code' to all the tests for the sign-up form so we have a ↵ | Aya Jaff | |
| valid user for the tests again | |||
| 2015-03-17 | Better error message when a database is missing (very useful for nagios tests) | elijah | |
| 2015-03-17 | add support for rotating tokens and sessions databases, and for a special ↵ | elijah | |
| tmp db for test users. | |||
| 2015-01-28 | client certificates: allow for time units to be specified in ↵ | elijah | |
| client_cert_lifespan config option. | |||
| 2014-07-17 | clean up error assertions in tests | Azul | |
| We're not testing the redirects anymore. But the error messages should be pretty clear already. We can start testing redirects again once we redirect to different places for different actions. | |||
| 2014-07-14 | clean up and simplify error responses and test code | Azul | |
| 2014-07-12 | fix tests and simplify time calculations | Azul | |
| 2014-05-29 | clearify identity validations | Azul | |
| Identity.new.valid? should not crash. So validate presence where needed and skip the other validations if the value is absent. | |||
| 2014-05-26 | Merge pull request #163 from azul/feature/3398-save-hashed-token | azul | |
| hash token with sha512 against timing attacs #3398 | |||
| 2014-05-26 | hash token with sha512 against timing attacs #3398 | Azul | |
| 2014-05-26 | change from GET to POST for certs | Azul | |
| We create them. let's reflect that in the verb. | |||
| 2014-05-19 | store fingerprints with timestamp | Azul | |
| Only storing the date as that should suffice for normal expiry and is less useful for identifying users by timestamps | |||
| 2014-05-19 | store cert fingerprint with main user identity | Azul | |
| 2014-05-19 | SmtpCertsController, routes and tests | Azul | |
| 2014-05-19 | basic integration test for cert API | Azul | |
| 2014-04-11 | move include AssertResponses into test itself | Azul | |
| it may not have been required before the RackTest support class. | |||
| 2014-04-08 | moving users: app and test files | Azul | |
 |
index : leap_web.git | |
| [leap_web] | git repository hosting |
| summaryrefslogtreecommitdiff |