leap_web.git - [leap

Age	Commit message (Collapse)	Author
2014-04-04	5382 - prevent crash when destroying tokens	Azul
	An expired token was removed (probably by automatic cleanup) while processing it. So the webapp crashed due to a couch 404. We're preventing that by rescueing from a 404 on Token.delete by default.
2014-02-10	fix unread_by? to check user_ids_to_show, remove TODO	Azul
	uniq! is probably not any faster than just checking include?
2014-02-10	minor: move some logic from message controller into model	Azul

2014-01-21	Small optimization to saving message when sending one month warnings.	jessib

2014-01-09	Some more cleanup, but still want to make sure ↵	jessib
	by_user_ids_to_show_and_created_at view is right before issuing pull request.
2014-01-07	Some refactoring, to simplify user model, optimize, and allow messages to be ↵	jessib
	sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task.
2014-01-07	Merge branch 'develop' into feature/messages_api	jessib

2014-01-07	only emit pgp keys if they are actually set	Azul
	if doc.keys has not been set doc.keys[pgp] will raise an error. We always upload the key after signup - but this might fail and there is some time in between. Not checking for this condition lead to errors in the couch logs.
2013-12-31	Removing join-model we are no longer using.	jessib

2013-12-31	Cleanup of code for messages API and cron job for 1 month payment warning. ↵	jessib
	Authentication still remaining piece.
2013-12-30	Fixes to initial go at job to send one month warnings.	jessib

2013-12-30	Merge branch 'feature/messages_api' into feature/messages_cron	jessib

2013-12-30	Change structure to be more no-sql-y, rather than relational.	jessib

2013-12-30	Not actually how we want to do this, but at least finish outlined part, that ↵	jessib
	will later be replaced.
2013-12-26	Very very rough start to having messages for payment automatically created.	jessib

2013-12-24	Add API tests and some refactoring of messages so we can get a user's ↵	jessib
	messages within the webapp.
2013-12-24	API method to mark a user's message as read (will refactor)	jessib

2013-12-24	Initial start to messages API.	jessib

2013-12-03	Some simplification of code.	jessib

2013-12-03	Add ServiceLevel class to wrap config and give accessors. Has some hacky ↵	jessib
	parts, but seems like okay generic start for now.
2013-12-02	Merge branch 'develop' into feature/service_level	jessib

2013-11-26	simple validation for pgp key format	Azul

2013-11-26	ignore attempts to empty public_key, refactor	Azul
	refactor: prepare validations of the uploaded pgp keys
2013-11-18	Start of service level code, which will be tweaked	jessib
	* stores desired & effective service level * whenever desired level is changed, effective level will be updated * allows user to set their desired service level * allow admin to update desired & effective service level
2013-11-12	Merge pull request #110 from azul/feature/cleanup-expired-tokens	jessib
	Feature/cleanup expired tokens
2013-11-08	fix cornercase of non expiring tokens	Azul

2013-11-08	Token.destroy_all_expired to cleanup expired tokens (#4411)	Azul

2013-11-06	destroy all tickets created by a user when account is destroyed	Azul
	In order to keep the users engine independent of the tickets engine i added a generic load hook to the account model. The tickets engine then monkeypatches the account destruction and destroys all tickets before the user is destroyed. The tickets are destroyed first so that even if things break there should never be tickets with an outdated user id. I would have prefered to use super over using an alias_method_chain but I have not been able to figure out a way to make account a superclass of the account extension and still refer to Account from the users engine.
2013-11-05	Identity.destroy_all_disabled will clean up disabled identities	Azul
	This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date.
2013-11-05	disabled identities to block handles after a user was deleted	Azul

2013-11-05	refactor: Identity.disable_all_for(user) on user destruction	Azul
	This way the identity model defines how identities should be disabled. We currently still destroy them. But it will be easy and nicely isolated to change this next.
2013-10-17	blacklist system logins for aliases and logins	Azul
	We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry.
2013-09-26	Since local part of email is case sensitive, want to allow remote email ↵	jessib
	addresses with uppercase letters in local part.
2013-09-23	This ensures that email addresses contain only lowercase letters, and that ↵	jessib
	an identity's destination is a valid Email.
2013-09-19	Merge branch 'develop' into feature/only_lower_case_aliases	jessib

2013-09-18	user.account shortcut to Account.new(user)	Azul

2013-09-05	For moment, have identity's address handle aliased from login so we can use ↵	jessib
	LoginFormatValidation. However, this is not how we will want it eventually. One issue is that the errors messages are set on login, rather than the appropriate field.
2013-09-05	Ensure that address in identity really is a LocalEmail.	jessib

2013-09-05	Move handle method to Email model and have it work for local and non-local ↵	jessib
	emails.
2013-09-03	Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly	jessib
	Bugfix/3623 teardown test data properly
2013-09-03	Account: Composition to handle User and its identities	Azul
	We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests).
2013-09-03	expire token according to config setting auth:token_expires_after	Azul

2013-08-30	there's no need for User#find_by_param. clean it up	Azul

2013-08-27	token.user will get you the right user	Azul
	This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-21	use the same login validations on sessions and users	Azul
	The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency.
2013-08-20	Tweak to parameters to fix wrong-number-of-arguments error blocking other work.	jessib

2013-07-24	keeping the pgp_key accessors for User so views still work	Azul

2013-07-24	separate signup and settings service objects for user	Azul

2013-07-24	setter for keys for dirty tracking, more robust tests	Azul
	Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-24	no need for a remote email class	Azul