Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-09-19 | Merge pull request #82 from azul/feature/sessions-expire | jessib | |
Feature/sessions expire | |||
2013-09-18 | user.account shortcut to Account.new(user) | Azul | |
2013-09-17 | integration tests for session expiry | Azul | |
2013-09-04 | use /login instead of /sessions/new and test successful login | Azul | |
2013-09-03 | Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly | jessib | |
Bugfix/3623 teardown test data properly | |||
2013-09-03 | Merge pull request #75 from azul/feature/token-expiry | jessib | |
Token expiry | |||
2013-09-03 | Merge pull request #76 from azul/feature/3600-visual-feedback-on-failed-signup | jessib | |
Ensure json requests get json error response on failure | |||
2013-09-03 | Cleanup sessions controller - webapp logs in through the api. | Azul | |
So the #create and #update actions were not needed anymore. Also removed the tests | |||
2013-09-03 | Account: Composition to handle User and its identities | Azul | |
We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests). | |||
2013-09-03 | cleanup records after running user integration tests | Azul | |
2013-09-03 | simplify users_controller_test | Azul | |
2013-09-03 | don't leave id records behind when unit testing | Azul | |
2013-09-03 | expire token according to config setting auth:token_expires_after | Azul | |
2013-09-03 | use Token#authenticate for authentication | Azul | |
This will return the user. But we can add timestamp validations and updates here. | |||
2013-09-03 | integration test for displaying internal server error during signup | Azul | |
2013-08-30 | there's no need for User#find_by_param. clean it up | Azul | |
2013-08-27 | refactor: Changing the py test to use less globals and session only locally. | Azul | |
2013-08-27 | use token to update user password | Azul | |
2013-08-27 | separate different tests for showing non existant user | Azul | |
This way the failed stubbing errors were more telling | |||
2013-08-27 | token.user will get you the right user | Azul | |
This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail. | |||
2013-08-27 | make sure find_record still works with real records | Azul | |
2013-08-27 | clear token on logout with test | Azul | |
2013-08-27 | basic testing for token based auth in tests | Azul | |
2013-08-27 | first steps towards enabling token based auth | Azul | |
2013-08-27 | minor: remove puts line | Azul | |
2013-08-22 | Merge pull request #69 from azul/bugfix/update_user_password_through_api | jessib | |
Test updating user password through api | |||
2013-08-21 | use the same login validations on sessions and users | Azul | |
The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency. | |||
2013-08-21 | also test updating the user password in python against dev.bm | Azul | |
2013-08-21 | integration test updating users password | Azul | |
2013-08-08 | Merge pull request #64 from azul/feature/identity-rewrite | jessib | |
Feature/identity rewrite | |||
2013-08-08 | close srp vulnerability and report error in webapp | Azul | |
2013-08-07 | integration test exploiting srp vulnerability | Azul | |
2013-07-24 | also destroy the identity for a test user during teardown | Azul | |
2013-07-24 | keeping the pgp_key accessors for User so views still work | Azul | |
2013-07-24 | separate signup and settings service objects for user | Azul | |
2013-07-24 | setter for keys for dirty tracking, more robust tests | Azul | |
Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys. | |||
2013-07-24 | test user validates uniqueness of login amongst aliases | Azul | |
2013-07-24 | support deprecated API to set users main identity pgp key | Azul | |
We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point. | |||
2013-07-24 | remove email aliases test - we'll move them to identities | Azul | |
2013-07-24 | add keys to identity | Azul | |
2013-07-24 | allow available and unique forwards only | Azul | |
2013-07-24 | validations of email format and local domain moved over | Azul | |
2013-07-24 | local email adds domain if needed | Azul | |
2013-07-24 | testing all versions of emial identities, emails are now strings | Azul | |
2013-07-24 | move identity creation into user class | Azul | |
It's always based on a user and most default values are based on user properties. | |||
2013-07-24 | first take on identity model - still broken | Azul | |
2013-07-16 | adapt srp account_flow test for the api to new ruby_srp API | Azul | |
2013-07-16 | ensure the page has been reloaded before testing current_path | Azul | |
This test would fail sometimes on assert_equal '/', current_path I believe it was a timing issue. page.has_content? will wait for the content to show up. So afterwards the current_path should always be correct. | |||
2013-07-15 | require test_helper from account test so it can be run in isolation | Azul | |
2013-07-14 | make sure capybara runs the whole rack app | Azul | |
We use port 3003 for the integration test server. This test takes a few seconds (~8) now. Most of this is startup time of the server. A second run still takes 2 seconds like before. |