| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-11-12 | Merge pull request #110 from azul/feature/cleanup-expired-tokens | jessib | |
| Feature/cleanup expired tokens | |||
| 2013-11-08 | fix cornercase of non expiring tokens | Azul | |
| 2013-11-08 | Token.destroy_all_expired to cleanup expired tokens (#4411) | Azul | |
| 2013-11-06 | destroy all tickets created by a user when account is destroyed | Azul | |
| In order to keep the users engine independent of the tickets engine i added a generic load hook to the account model. The tickets engine then monkeypatches the account destruction and destroys all tickets before the user is destroyed. The tickets are destroyed first so that even if things break there should never be tickets with an outdated user id. I would have prefered to use super over using an alias_method_chain but I have not been able to figure out a way to make account a superclass of the account extension and still refer to Account from the users engine. | |||
| 2013-11-05 | Identity.destroy_all_disabled will clean up disabled identities | Azul | |
| This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date. | |||
| 2013-11-05 | disabled identities to block handles after a user was deleted | Azul | |
| 2013-11-05 | refactor: Identity.disable_all_for(user) on user destruction | Azul | |
| This way the identity model defines how identities should be disabled. We currently still destroy them. But it will be easy and nicely isolated to change this next. | |||
| 2013-10-17 | blacklist system logins for aliases and logins | Azul | |
| We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry. | |||
| 2013-09-26 | Since local part of email is case sensitive, want to allow remote email ↵ | jessib | |
| addresses with uppercase letters in local part. | |||
| 2013-09-23 | This ensures that email addresses contain only lowercase letters, and that ↵ | jessib | |
| an identity's destination is a valid Email. | |||
| 2013-09-19 | Merge branch 'develop' into feature/only_lower_case_aliases | jessib | |
| 2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
| 2013-09-05 | For moment, have identity's address handle aliased from login so we can use ↵ | jessib | |
| LoginFormatValidation. However, this is not how we will want it eventually. One issue is that the errors messages are set on login, rather than the appropriate field. | |||
| 2013-09-05 | Ensure that address in identity really is a LocalEmail. | jessib | |
| 2013-09-05 | Move handle method to Email model and have it work for local and non-local ↵ | jessib | |
| emails. | |||
| 2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
| Bugfix/3623 teardown test data properly | |||
| 2013-09-03 | Account: Composition to handle User and its identities | Azul | |
| We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
| 2013-09-03 | expire token according to config setting auth:token_expires_after | Azul | |
| 2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
| 2013-08-27 | token.user will get you the right user | Azul | |
| This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
| 2013-08-21 | use the same login validations on sessions and users | Azul | |
| The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency. | |||
| 2013-08-20 | Tweak to parameters to fix wrong-number-of-arguments error blocking other work. | jessib | |
| 2013-07-24 | keeping the pgp_key accessors for User so views still work | Azul | |
| 2013-07-24 | separate signup and settings service objects for user | Azul | |
| 2013-07-24 | setter for keys for dirty tracking, more robust tests | Azul | |
| Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys. | |||
| 2013-07-24 | no need for a remote email class | Azul | |
| 2013-07-24 | support deprecated API to set users main identity pgp key | Azul | |
| We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point. | |||
| 2013-07-24 | add keys to identity | Azul | |
| 2013-07-24 | remove the remainders of email aliases and forward from user | Azul | |
| 2013-07-24 | allow available and unique forwards only | Azul | |
| 2013-07-24 | validations of email format and local domain moved over | Azul | |
| 2013-07-24 | local email adds domain if needed | Azul | |
| 2013-07-24 | testing all versions of emial identities, emails are now strings | Azul | |
| 2013-07-24 | move identity creation into user class | Azul | |
| It's always based on a user and most default values are based on user properties. | |||
| 2013-07-24 | first take on identity model - still broken | Azul | |
| 2013-07-16 | prevent _ prefixes for couchDB document ids | Azul | |
| 2013-07-08 | Merge branch 'master' into feature/disable_account | jessib | |
| Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml | |||
| 2013-07-04 | allow forms with blank email forward. | elijah | |
| 2013-07-03 | Accounts can be enabled or not. Admins can edit this property. | jessib | |
| 2013-04-25 | Merge pull request #40 from azul/feature/token-auth | jessib | |
| Token auth with a database of it's own | |||
| 2013-04-24 | renamed and fixed pgp_key view | Azul | |
| 2013-04-09 | let's use safe ids instead of the default couch ones | Azul | |
| Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe. | |||
| 2013-04-09 | initial token model and unit test | Azul | |
| 2013-04-03 | make sure user tests also run when run from users subdir | Azul | |
| * The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root. | |||
| 2013-02-28 | Have specific error messages for usernames with incorrect formats. | jessib | |
| Signed-off-by: jessib <jessib@leap.se> | |||
| 2013-02-26 | Changes to valid format for usernames. | jessib | |
| 2013-02-06 | using ruby-srp 0.1.5 SRP::Client to wrap user in session | Azul | |
| 2013-01-22 | Rough way to allow user to paste in their key, but certainly we will want ↵ | jessib | |
| different display. | |||
| 2013-01-22 | some basic webfinger routes, controller, presenters, views | Azul | |
| 2013-01-18 | more flexible email partial | Azul | |
 |
index : leap_web.git | |
| [leap_web] | git repository hosting |
| summaryrefslogtreecommitdiff |