summaryrefslogtreecommitdiff
path: root/users/test/unit
AgeCommit message (Collapse)Author
2014-04-08moving users: app and test filesAzul
2014-04-045382 - prevent crash when destroying tokensAzul
An expired token was removed (probably by automatic cleanup) while processing it. So the webapp crashed due to a couch 404. We're preventing that by rescueing from a 404 on Token.delete by default.
2014-02-10rename authorize to require_loginAzul
authorize_admin -> require_admin also add require_token which will ensure token has been used for auth.
2014-01-14ensure auto_update_design_docs is falseAzul
2013-11-12Merge pull request #110 from azul/feature/cleanup-expired-tokensjessib
Feature/cleanup expired tokens
2013-11-08fix cornercase of non expiring tokensAzul
2013-11-08Token.destroy_all_expired to cleanup expired tokens (#4411)Azul
2013-11-07only check number of disabled identities to make test more robustAzul
2013-11-05Identity.destroy_all_disabled will clean up disabled identitiesAzul
This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date.
2013-11-05disabled identities to block handles after a user was deletedAzul
2013-10-17blacklist system logins for aliases and loginsAzul
We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry.
2013-09-26Since local part of email is case sensitive, want to allow remote email ↵jessib
addresses with uppercase letters in local part.
2013-09-23This ensures that email addresses contain only lowercase letters, and that ↵jessib
an identity's destination is a valid Email.
2013-09-19Merge branch 'develop' into feature/only_lower_case_aliasesjessib
2013-09-18user.account shortcut to Account.new(user)Azul
2013-09-05For moment, have identity's address handle aliased from login so we can use ↵jessib
LoginFormatValidation. However, this is not how we will want it eventually. One issue is that the errors messages are set on login, rather than the appropriate field.
2013-09-05Test of failing to add non-local email address as an identity's address.jessib
2013-09-03Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properlyjessib
Bugfix/3623 teardown test data properly
2013-09-03Account: Composition to handle User and its identitiesAzul
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests).
2013-09-03don't leave id records behind when unit testingAzul
2013-09-03expire token according to config setting auth:token_expires_afterAzul
2013-08-30there's no need for User#find_by_param. clean it upAzul
2013-07-24keeping the pgp_key accessors for User so views still workAzul
2013-07-24separate signup and settings service objects for userAzul
2013-07-24setter for keys for dirty tracking, more robust testsAzul
Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-24test user validates uniqueness of login amongst aliasesAzul
2013-07-24support deprecated API to set users main identity pgp keyAzul
We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point.
2013-07-24remove email aliases test - we'll move them to identitiesAzul
2013-07-24add keys to identityAzul
2013-07-24allow available and unique forwards onlyAzul
2013-07-24validations of email format and local domain moved overAzul
2013-07-24local email adds domain if neededAzul
2013-07-24testing all versions of emial identities, emails are now stringsAzul
2013-07-24move identity creation into user classAzul
It's always based on a user and most default values are based on user properties.
2013-07-24first take on identity model - still brokenAzul
2013-04-25Merge pull request #40 from azul/feature/token-authjessib
Token auth with a database of it's own
2013-04-24added test for pgp key viewAzul
2013-04-09let's use safe ids instead of the default couch onesAzul
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe.
2013-04-09initial token model and unit testAzul
2013-02-06we don't add srp stuff to user class anymoreAzul
warden srp strategy in lib has it all.
2013-01-24Removing aliases from webfinger as the link wouldn't work anyway, and don't ↵jessib
want to leak ID information.
2013-01-23added a small test for HostMetaPresenter and using links hash in xml viewAzul
2013-01-23added unit tests for user presenterAzul
changed the way the presenter works. Will need functional testing
2013-01-17unit tests passingAzul
2013-01-14got users controller test to pass - tickets controller test next.Azul
2012-12-20fixed tests, testing corner cases, fixed theseAzul
2012-12-18only destroy user that has been persisted in teardownAzul
2012-12-18refactored email_alias creation and validationAzul
using CouchRests user.email_aliases.build so the casted_by method is set in the alias Used this to move the validations into the alias itself. This is where they belong and allows us to render the errors inline along the email field they belong to.
2012-12-13Merge branch 'master' into developAzul
Conflicts: users/test/unit/user_test.rb
2012-12-13refactor: changed add_email to add_email_aliasAzul
that's what it does. Changed all tests to use it instead of the attributes method