summaryrefslogtreecommitdiff
path: root/users/app/controllers
AgeCommit message (Collapse)Author
2014-02-10require_token now checks for token and loginAzul
2014-02-10require token in messages controllerAzul
2014-02-10require token when logging out via APIAzul
2014-02-10require token when updating user via APIAzul
2014-02-10rename authorize to require_loginAzul
authorize_admin -> require_admin also add require_token which will ensure token has been used for auth.
2014-02-10minor: refactor token auth a bitAzul
2014-01-27Merge branch 'develop' into feature/messages_apijessib
Conflicts: users/config/locales/en.yml
2014-01-23added a customizable 'bye' page for when a user leaveselijah
2014-01-09Some more cleanup, but still want to make sure ↵jessib
by_user_ids_to_show_and_created_at view is right before issuing pull request.
2014-01-07Some refactoring, to simplify user model, optimize, and allow messages to be ↵jessib
sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task.
2013-12-31Add authentication to API, but not sure it is best way.jessib
2013-12-31Cleanup of code for messages API and cron job for 1 month payment warning. ↵jessib
Authentication still remaining piece.
2013-12-30Change structure to be more no-sql-y, rather than relational.jessib
2013-12-24Catching some corner cases & new tests.jessib
2013-12-24Add API tests and some refactoring of messages so we can get a user's ↵jessib
messages within the webapp.
2013-12-24API method to mark a user's message as read (will refactor)jessib
2013-12-24Initial start to messages API.jessib
2013-12-22locale prefix support:elijah
* set locale based on request header * enforce locale path prefix when current locale is not the default * note: don't use root_path anymore, instead use home_path
2013-12-16Fix issue 4756: /login should not crash if one goes there when logged in.jessib
2013-12-13refactor: remove Overview controller - we can use Users#showAzul
we were only using Users#show to redirect to the edit action. So I replaced that with the overview and we have no more use for the extra controller. This also simplifies linking to the users in question a lot.
2013-12-09Merge pull request #119 from jessib/feature/service_levelazul
Feature/service level
2013-12-06make sure key responses are plain textelijah
2013-12-02Merge branch 'develop' into feature/service_leveljessib
2013-11-25Give 404 error if one goes to /key/user for non-existing user.jessib
2013-11-21Refactoring of code, and tests.jessib
2013-11-18Need to cleanup some, but start to show public key for /key/usernamejessib
2013-11-18Start of service level code, which will be tweakedjessib
* stores desired & effective service level * whenever desired level is changed, effective level will be updated * allows user to set their desired service level * allow admin to update desired & effective service level
2013-11-06use the account lifecycle from UsersController#destroyAzul
2013-10-30notify user their account was successfully deleted (refs #4216)Azul
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well.
2013-09-24use token auth when accessing the api from webappAzul
One failing integration test still needs to be fixed
2013-09-18user.account shortcut to Account.new(user)Azul
2013-09-03Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properlyjessib
Bugfix/3623 teardown test data properly
2013-09-03Merge pull request #75 from azul/feature/token-expiryjessib
Token expiry
2013-09-03clearify usage of V1::UsersController#index for autocompleteAzul
[skip ci]
2013-09-03remove email aliases controller - we don't use it anymoreAzul
2013-09-03Cleanup sessions controller - webapp logs in through the api.Azul
So the #create and #update actions were not needed anymore. Also removed the tests
2013-09-03Account: Composition to handle User and its identitiesAzul
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests).
2013-09-03use Token#authenticate for authenticationAzul
This will return the user. But we can add timestamp validations and updates here.
2013-09-02Remove references to email_settings controller, which has been removed. An ↵jessib
identities controller will replace it.
2013-08-30there's no need for User#find_by_param. clean it upAzul
2013-08-27Merge branch 'master' into billing_with_testsjessib
2013-08-27token.user will get you the right userAzul
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-27do not redirect if no token presentAzul
So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.
2013-08-27clear token on logout with testAzul
2013-08-27basic testing for token based auth in testsAzul
2013-08-27first steps towards enabling token based authAzul
2013-08-27sort authentication controller extensionAzul
2013-08-21return 204 NO CONTENT on API logoutAzul
That's the only meaningful response.
2013-07-24separate signup and settings service objects for userAzul
2013-07-24removed email settings controller and viewsAzul
PGP setting has been moved into account settings. It's using the API now issueing an Ajax request without any visual feedback. This obviously is not what we want but it hopefully suffices for uploading gpg keys for testing purposes before the Identity UI is in place.