leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-09-26	Since local part of email is case sensitive, want to allow remote email ↵	jessib
	addresses with uppercase letters in local part.
2013-09-25	visual feedback when submitting forms (#3164)	Azul
	This also helps with the failing integration test. We needed a way to tell the ajax request was back. Observing the button state now works for that.
2013-09-24	use token auth when accessing the api from webapp	Azul
	One failing integration test still needs to be fixed
2013-09-23	This ensures that email addresses contain only lowercase letters, and that ↵	jessib
	an identity's destination is a valid Email.
2013-09-19	Merge branch 'develop' into feature/only_lower_case_aliases	jessib

2013-09-19	Merge pull request #82 from azul/feature/sessions-expire	jessib
	Feature/sessions expire
2013-09-18	user.account shortcut to Account.new(user)	Azul

2013-09-17	integration tests for session expiry	Azul

2013-09-09	Merge branch 'develop' into feature/only_lower_case_aliases	jessib

2013-09-05	For moment, have identity's address handle aliased from login so we can use ↵	jessib
	LoginFormatValidation. However, this is not how we will want it eventually. One issue is that the errors messages are set on login, rather than the appropriate field.
2013-09-05	Test of failing to add non-local email address as an identity's address.	jessib

2013-09-04	use /login instead of /sessions/new and test successful login	Azul

2013-09-03	Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly	jessib
	Bugfix/3623 teardown test data properly
2013-09-03	Merge pull request #75 from azul/feature/token-expiry	jessib
	Token expiry
2013-09-03	Merge pull request #76 from azul/feature/3600-visual-feedback-on-failed-signup	jessib
	Ensure json requests get json error response on failure
2013-09-03	Cleanup sessions controller - webapp logs in through the api.	Azul
	So the #create and #update actions were not needed anymore. Also removed the tests
2013-09-03	Account: Composition to handle User and its identities	Azul
	We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests).
2013-09-03	cleanup records after running user integration tests	Azul

2013-09-03	simplify users_controller_test	Azul

2013-09-03	don't leave id records behind when unit testing	Azul

2013-09-03	expire token according to config setting auth:token_expires_after	Azul

2013-09-03	use Token#authenticate for authentication	Azul
	This will return the user. But we can add timestamp validations and updates here.
2013-09-03	integration test for displaying internal server error during signup	Azul

2013-08-30	there's no need for User#find_by_param. clean it up	Azul

2013-08-27	refactor: Changing the py test to use less globals and session only locally.	Azul

2013-08-27	use token to update user password	Azul

2013-08-27	separate different tests for showing non existant user	Azul
	This way the failed stubbing errors were more telling
2013-08-27	token.user will get you the right user	Azul
	This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-27	make sure find_record still works with real records	Azul

2013-08-27	clear token on logout with test	Azul

2013-08-27	basic testing for token based auth in tests	Azul

2013-08-27	first steps towards enabling token based auth	Azul

2013-08-27	minor: remove puts line	Azul

2013-08-22	Merge pull request #69 from azul/bugfix/update_user_password_through_api	jessib
	Test updating user password through api
2013-08-21	use the same login validations on sessions and users	Azul
	The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency.
2013-08-21	also test updating the user password in python against dev.bm	Azul

2013-08-21	integration test updating users password	Azul

2013-08-08	Merge pull request #64 from azul/feature/identity-rewrite	jessib
	Feature/identity rewrite
2013-08-08	close srp vulnerability and report error in webapp	Azul

2013-08-07	integration test exploiting srp vulnerability	Azul

2013-07-24	also destroy the identity for a test user during teardown	Azul

2013-07-24	keeping the pgp_key accessors for User so views still work	Azul

2013-07-24	separate signup and settings service objects for user	Azul

2013-07-24	setter for keys for dirty tracking, more robust tests	Azul
	Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-24	test user validates uniqueness of login amongst aliases	Azul

2013-07-24	support deprecated API to set users main identity pgp key	Azul
	We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point.
2013-07-24	remove email aliases test - we'll move them to identities	Azul

2013-07-24	add keys to identity	Azul

2013-07-24	allow available and unique forwards only	Azul

2013-07-24	validations of email format and local domain moved over	Azul