leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-11-21	Refactoring of code, and tests.	jessib

2013-11-18	Need to cleanup some, but start to show public key for /key/username	jessib

2013-10-30	notify user their account was successfully deleted (refs #4216)	Azul
	Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well.
2013-09-03	use the login logout named route instead of sessions resource	Azul
	The main part of the sessions resource now lives in the API. the two named routes are just fine for what is left.
2013-09-02	Remove references to email_settings controller, which has been removed. An ↵	jessib
	identities controller will replace it.
2013-08-27	first steps towards enabling token based auth	Azul

2013-08-19	Change JS warning message per https://leap.se/code/issues/3492	jessib
	Key must end in _html so the html doesn't get escaped.
2013-08-08	close srp vulnerability and report error in webapp	Azul

2013-07-09	Cleanup to show enable/deactivate account functionality in new UI.	jessib

2013-07-08	Merge branch 'master' into feature/disable_account	jessib
	Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml
2013-07-04	user tests -- user update has been moved entirely to api controller, so fix ↵	elijah
	tests to reflect this.
2013-07-04	users - make a nice overview page (well, nice enough) and better users ↵	elijah
	index/search.
2013-07-04	fix user typeahead	elijah

2013-07-04	users engine changes - rewrite of the views, separate email settings to a ↵	elijah
	separate controller, make users_controller html only and v1/users_controller json only.
2013-07-04	new ui - initial user changes	elijah

2013-07-03	Accounts can be enabled or not. Admins can edit this property.	jessib

2013-06-20	For removing account, redirect to root path, and ask confirmation message:	jessib
	https://leap.se/code/issues/2923
2013-06-13	Quick way to give warnings if javascript and/or cookies are not enabled. ↵	jessib
	Will want to tweak so the code isn't redundant, and ideally so check for cookies doesn't rely on javascript. And we'll want to expand the texts.
2013-04-18	remove 'api' subdomain restriction	elijah

2013-04-02	send more meaningful error message on completely failed login attempt	Azul

2013-03-05	Merge branch 'master' into feature/limit_user_leak	Azul
	Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-04	Update tests and documentation to reflect changed error messages with ↵	jessib
	incorrect username or password on login attempt.
2013-03-01	Merge pull request #32 from azul/feature/api-version-1-fixes	azul
	Feature: API version 1 fixes
2013-02-28	When attempting to login, the error messages should not leak information ↵	jessib
	about whether a username is valid. This also means the error message is more appropriate if somebody tries to login with somebody else's username and their password.
2013-02-26	Change to language for when updating username/password.	jessib

2013-02-26	api for sessions fixed	Azul
	* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-25	Admins cannot update a user. Eventually we will want to allow admins to ↵	jessib
	update some user fields.
2013-02-25	Add hint that password change is optional	jessib

2013-02-19	Needs some cleanup, but this has one form where user can change username and ↵	jessib
	password (they can leave either the same if they just want to change one, but we should make this clearer.)
2013-01-29	Allow PUT API to update user.	jessib

2013-01-22	Rough way to allow user to paste in their key, but certainly we will want ↵	jessib
	different display.
2013-01-22	some basic webfinger routes, controller, presenters, views	Azul

2013-01-17	Merge pull request #16 from leapcode/feature/fixing-routes-with-api	azul
	Fixing routes with api
2013-01-16	using subdomain for api requests properly	Azul

2013-01-15	Show different ticket characteristics when viewing the users versus when ↵	jessib
	listing the tickets. Give a message if a user has no tickets.
2013-01-15	minor: put emails in unstyled ul and simplify	Azul
	Just found out that render(@collection) returns nil for emtpy collections. So that is usefull for putting messages about the emtpy collection in an or clause.
2013-01-10	moved api routes into their own namespace	Azul
	In case we need them at some point - now it's new_api_user_path instead of new_user_path for example. This way they should not conflict with the normal route generation
2012-12-17	enabled destroying email aliases - no ajax yet.	Azul

2012-12-10	actually allow adding email aliases	Azul

2012-12-09	basic form added to user settings, simple model created	Azul

2012-12-08	serve api version 1 in /1/	Azul
	Just a very simple start for now. Do we want to use the api for the secure remote password auth from js?
2012-12-07	adding a bunch of translation	Azul

2012-11-26	added admin menu and user index action	Azul

2012-11-22	basic user edit form and actions	Azul

2012-11-22	beautify login workflow	Azul
	* translating error messages * not caching login and password in js anymore * catching non responses
2012-11-09	seperated the warden classes from the initializer	Azul
	also commented the sessions controller test a bit and fixed it
2012-11-09	got integration test and login flow to work	Azul

2012-11-04	Merge branch 'develop' into feature-warden-srp	Azul
	Conflicts: Gemfile.lock users/app/controllers/application_controller.rb users/leap_web_users.gemspec
2012-10-31	using controller extensions for application controller by hand	Azul

2012-10-30	sending proper error messages from warden.	Azul
	still need to translate these