Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-11-05 | disabled identities to block handles after a user was deleted | Azul | |
2013-11-05 | refactor: Identity.disable_all_for(user) on user destruction | Azul | |
This way the identity model defines how identities should be disabled. We currently still destroy them. But it will be easy and nicely isolated to change this next. | |||
2013-10-17 | blacklist system logins for aliases and logins | Azul | |
We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry. | |||
2013-09-26 | Since local part of email is case sensitive, want to allow remote email ↵ | jessib | |
addresses with uppercase letters in local part. | |||
2013-09-23 | This ensures that email addresses contain only lowercase letters, and that ↵ | jessib | |
an identity's destination is a valid Email. | |||
2013-09-19 | Merge branch 'develop' into feature/only_lower_case_aliases | jessib | |
2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
2013-09-05 | For moment, have identity's address handle aliased from login so we can use ↵ | jessib | |
LoginFormatValidation. However, this is not how we will want it eventually. One issue is that the errors messages are set on login, rather than the appropriate field. | |||
2013-09-05 | Ensure that address in identity really is a LocalEmail. | jessib | |
2013-09-05 | Move handle method to Email model and have it work for local and non-local ↵ | jessib | |
emails. | |||
2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
Bugfix/3623 teardown test data properly | |||
2013-09-03 | Account: Composition to handle User and its identities | Azul | |
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
2013-09-03 | expire token according to config setting auth:token_expires_after | Azul | |
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-21 | use the same login validations on sessions and users | Azul | |
The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency. | |||
2013-08-20 | Tweak to parameters to fix wrong-number-of-arguments error blocking other work. | jessib | |
2013-07-24 | keeping the pgp_key accessors for User so views still work | Azul | |
2013-07-24 | separate signup and settings service objects for user | Azul | |
2013-07-24 | setter for keys for dirty tracking, more robust tests | Azul | |
Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys. | |||
2013-07-24 | no need for a remote email class | Azul | |
2013-07-24 | support deprecated API to set users main identity pgp key | Azul | |
We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point. | |||
2013-07-24 | add keys to identity | Azul | |
2013-07-24 | remove the remainders of email aliases and forward from user | Azul | |
2013-07-24 | allow available and unique forwards only | Azul | |
2013-07-24 | validations of email format and local domain moved over | Azul | |
2013-07-24 | local email adds domain if needed | Azul | |
2013-07-24 | testing all versions of emial identities, emails are now strings | Azul | |
2013-07-24 | move identity creation into user class | Azul | |
It's always based on a user and most default values are based on user properties. | |||
2013-07-24 | first take on identity model - still broken | Azul | |
2013-07-16 | prevent _ prefixes for couchDB document ids | Azul | |
2013-07-08 | Merge branch 'master' into feature/disable_account | jessib | |
Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml | |||
2013-07-04 | allow forms with blank email forward. | elijah | |
2013-07-03 | Accounts can be enabled or not. Admins can edit this property. | jessib | |
2013-04-25 | Merge pull request #40 from azul/feature/token-auth | jessib | |
Token auth with a database of it's own | |||
2013-04-24 | renamed and fixed pgp_key view | Azul | |
2013-04-09 | let's use safe ids instead of the default couch ones | Azul | |
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe. | |||
2013-04-09 | initial token model and unit test | Azul | |
2013-04-03 | make sure user tests also run when run from users subdir | Azul | |
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root. | |||
2013-02-28 | Have specific error messages for usernames with incorrect formats. | jessib | |
Signed-off-by: jessib <jessib@leap.se> | |||
2013-02-26 | Changes to valid format for usernames. | jessib | |
2013-02-06 | using ruby-srp 0.1.5 SRP::Client to wrap user in session | Azul | |
2013-01-22 | Rough way to allow user to paste in their key, but certainly we will want ↵ | jessib | |
different display. | |||
2013-01-22 | some basic webfinger routes, controller, presenters, views | Azul | |
2013-01-18 | more flexible email partial | Azul | |
2013-01-18 | Merge remote-tracking branch 'origin/master' into feature/fixed-email-address | Azul | |
Conflicts: users/app/views/emails/_email.html.haml | |||
2013-01-17 | minor fixes to validation workflow | Azul | |
2013-01-17 | unit tests passing | Azul | |
2013-01-16 | incomplete initial changes to make email address just login@domain.tld | Azul | |
This involves a number of other changes like making sure the comparison between aliases and emails still works. Will do that by removing the @domain.tld from aliases as well. | |||
2013-01-14 | Use partials for displaying details shown when viewing a user. Some of these ↵ | jessib | |
partials have specific CSS for another use, so we will likely want to tweak this. |