| Age | Commit message (Collapse) | Author |
|---|
|
fixes #8796
Cleaned up UserController#update earlier but missed that it was
used to change fallback email addresses. Now it is back. This
time including an integration test.
|
|
On a failed login the warden failure app gets called.
Some of the params are changed accordingly but controller
and action remain.
set_locale would detect there was no locale in the path
and thus attempt to redirect. However the params still
belong to the previous request which was a POST to
Api::SessionsController.
This route does not respond to get requests and so it
would trigger a 404 in production and a 500 in development.
This commit prevents set_locale to act upon warden failure
app controller calls by adding /new to the list of
`NON_LOCALE_PATHS`. (The path is updated by warden to the
name of the action called in the failure app).
A test is included in this commit that tries to login
with an invalid username, password combination and a german
locale set.
fixes #8805
|
|
|
|
|
|
We now use the hash of the token for comparison and as the id.
In order to use it you need the original token though. So forms and
thus the session should have token.to_s rather than token.id.
|
|
|
|
* reran the simple form initializer.
* wrapped submit buttons are now broken and need a fix.
* disabled confirmation validation in client side validations as the
error message always is attached to the wrong field.
|
|
There was a lot of special case handling going on in the users_controller
for this. Lot simpler this way.
|
|
|
|
AccountLivecycleTest -> CRUD accounts
SecurityTest -> security specific tests
AdminTest -> admin specific tests
|
|
get re-enabled.
|
|
Through the config param 'invite_required', providers can decide whether users need to provide an invite code upon signup.
The default setting is false.
|
|
|
|
Remove the change password test because the change password functionality is currently unused - however, it breaks with the new invite code field in the signup form.
|
|
|
|
There's an identities tab now for admins that will allow unblocking blocked handles. It should be easy to expand for aliases and forwards and other types of actions such as editing.
|
|
Feature/i18n for ticket system
|
|
|
|
We create an identity alongside each user. Make sure the identity
is valid when creating the user. This also ensures that the login
picked is available because otherwise the identities address would
not be available anymore.
|
|
|
|
preparing for #5664 with some test improvements i ran into this issue
This commit includes a fix and the test improvements. In particular it
adds BrowserIntegrationTest#login - so there is no need to go through the signup procedure everytime you want a user to be logged in.
|
|
Hiding them using two mechanisms in case one fails:
.hidden class - bootstrap hides them then
style='display:none' - so they are hidden even if css load fails
|
|
The client_side_validations gem is not maintained anymore and the validations
were not working lately. So instead of trying to fix it I started working on
independent validations for the password as it can't be validated on the
server due to SRP.
So far these validations are very primitive. They require 8 characters length
and a matching confirmation.
|
|
input or button can be used
|
|
|
