summaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2017-03-21fix: 404 on key request with non html content-typeAzul
2017-03-20fix: 404 for missing pages template - fixes #9Azul
2017-03-20test: 404 response for missing keyAzul
enable testing error responses on the full rack stack.
2017-03-20bugfix: format: html for home rootsAzul
That's the only thing the controller handles meaningful. Before the route would also catch anything that started with a . interpreting it as a format string. This lead to lots of false positives in our security scanner.
2017-03-10Validates recovery code as hexadecimal data.Thais Siqueira
Related with https://github.com/pixelated/pixelated-user-agent/issues/924 With @aarni
2017-03-10Adds recovery code to user accountThais Siqueira
Related with https://github.com/pixelated/pixelated-user-agent/issues/924 With @aarni
2017-03-02Fix keys route to accept usernames with dotsTulio Casagrande
2016-11-17bugfix: only send login errors onceAzul
If a login was invalid as a username but also for the identity we used to have duplicate error messages. Let's avoid that. Also added a test to make sure invite_code errors are properly displayed no matter what other fields are set or missing. Pixelated will rely on this to test invite codes
2016-08-19respond_to on a per controller basisAzul
If you inherit respond to and call it again in your controller it will not overwrite the previous but add to it. Since we always have some exceptions from the rules it's probably easiest to be explicit in the controllers that require it themselves.
2016-08-17bugfix: send 406 if an unexpected format is asked forAzul
It used to run the action and then trigger a 500 because the template was not found. fixes !3 .
2016-08-15[ci] move configs into config dirAzul
2016-08-15[ci] use default db prefix on gitlab and travisAzul
This makes writing the tests for database names easier as they should be the same strings on gitlab, travis and locally.
2016-08-12[db] def database on users instead of use_databaseAzul
use_database affects all uses of prepare_database - so also the one in tmp_database. In order to avoid that we do not use_database but just overwrite the database method itself.
2016-08-08[ci] setup couch for gitlabAzul
Couch docker image will be available on the host called couchdb. So we use curl to check for it and display the version string. And then we move a couchdb.yml config file into place so the right host will be used.
2016-07-14[feature] restrict is_admin in the user api, to only allow queryingNavaL
for him/herself So that it we do not expose the is_admin property to anyone else including other admins.
2016-07-14Merge branch 'develop' of https://github.com/leapcode/leap_web into ↵NavaL
feature/expose_admin_in_api
2016-07-05fix email unit test - need to require nowAzul
2016-06-22[feature] expose is_admin in the user apiNavaL
So that whoever consumes the API can use this attribute to determine if admin functionalities should be made available to the current user.
2016-05-23fix config check in submit_signupAzul
with_config is not mean to test the current config. It will set the config. So instead we need to look into APP_CONFIG.
2016-05-23move signup from users to account_controllerAzul
There was a lot of special case handling going on in the users_controller for this. Lot simpler this way.
2016-05-21tests: reset I18n.locale after locale_path_testAzul
Otherwise this will mess up other tests.
2016-05-20include engine tests in default testAzul
2016-05-20api: set defaults for version in routesAzul
This way we do not need to specify it all the times. In the functional tests defaults do not get added automatically. Introduced api_{get,put,post,delete} to add format and version default. One to two functional tests failing, everything else passes.
2016-05-18api: allow version bumping - bump to 2Azul
2016-05-09test: make identity test locale independentAzul
It somehow managed to fail for a certain test order. Seems rather rare though - have not been able to reproduce it in 5 runs. Failed with --seed 60219.
2016-05-09minor: cleanup debug message in testAzul
2016-05-03use APP_CONFIG[config_file_paths] for provider.jsonAzul
This avoids overwriting the PROVIDER_JSON constant in the StaticConfigController and thus fixes test warnings. Also moved away from using instance variables in the ControllerExtension::JsonFile - instead querying the corresponding functions now - less sideeffects and easier stubbing.
2016-05-03fix type mismatch TokenAuthTestAzul
rails 4 mixes model, controller and integration tests. So lets give this one a better name
2016-05-02tests: Validator.new has optional options hashAzul
but you may not hand it a nil
2016-05-02test: use assert_error_response in functional testAzul
This way the changed flash hash still is recognized. Also changed the generic 'no_such_thing' i18n key to more specific 'no_such_user'. The former is very hard to translate as the gender of thing may affect the translation of the 'no such' part.
2016-05-02upgrade: use bootstrap3 variable names in leap.scssAzul
2016-05-02upgrade: test cases now have #nameAzul
2016-05-02test: flash now has string keysAzul
2016-05-02test: response is blank - not = ' 'Azul
2016-05-02upgrade: default_wait_time -> default_max_wait_timeAzul
2016-05-02upgrade: unique test namesAzul
Rails 4.2 runs all tests mixed together. So unit tests and integration tests may not have conflicting names.
2016-05-02split up integration account testAzul
AccountLivecycleTest -> CRUD accounts SecurityTest -> security specific tests AdminTest -> admin specific tests
2016-05-02fix browser_integration_testAzul
we need to require 'capybara/rails' so that Capybara::DSL is available. ActionController::RecordIdentifier was moved to ActionView
2016-04-11allow monitor auth to create users even if invites are normally required.elijah
2016-04-01api: added super simple motd, closes #7866elijah
2016-03-30api: return proper 404 for GET /1/identities/:id.jsonelijah
2016-03-28api: added get(:show) to identities and users, allow monitors to ↵elijah
create/delete test & tmp users.
2016-03-28api: added allow ability to limit what IPs can access api using a static ↵elijah
configured auth token.
2016-03-28api tokens - clarify terms: "monitors" are admins that authenticated via api ↵elijah
token, "tmp" users are users that exist only in tmp db, "test" users are either tmp users or users named "test_user_x"
2016-03-28api tokens: allow for special api tokens that work like session tokens but ↵elijah
are configured in the static config, to be used for infrastructure monitoring.
2016-02-10allow user accounts to be re-enabled, and for associated identities to also ↵elijah
get re-enabled.
2016-01-31remove cert fingerprints for disabled users, so that they cannot send email ↵elijah
anymore. closes #7690
2015-10-19Merge pull request #198 from claucece/developazul
Braintree_implementation
2015-10-19Merge pull request #196 from EvyW/developazul
Admin - Ability to enable/disable user
2015-10-06Integrated feedback on multi-invite codesankonym
Removing some superfluous code, mostly, and structuring tests better.