leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-09-18	user.account shortcut to Account.new(user)	Azul

2013-09-04	use /login instead of /sessions/new and test successful login	Azul

2013-09-03	Merge pull request #73 from azul/bugfix/3623-teardown-test-data-properly	jessib
	Bugfix/3623 teardown test data properly
2013-09-03	Merge pull request #75 from azul/feature/token-expiry	jessib
	Token expiry
2013-09-03	Merge pull request #76 from azul/feature/3600-visual-feedback-on-failed-signup	jessib
	Ensure json requests get json error response on failure
2013-09-03	Cleanup sessions controller - webapp logs in through the api.	Azul
	So the #create and #update actions were not needed anymore. Also removed the tests
2013-09-03	Account: Composition to handle User and its identities	Azul
	We have a lot of things that act upon a user record and one or more of it's identities at the same time: * Sing up: Create a user and it's initial identity * Rename: Change the username and create a new identity, turn old into an alias * Cancel Account: Remove user and all their identities. In order to keep the User and Identity behaviour isolated but still have a this logic represented in a sinle place the Account model deals with all these things. We could have overwritten the User#create, User#update and User#destroy methods instead. But then we would always create identities, even if we only need a user (for example in tests).
2013-09-03	cleanup records after running user integration tests	Azul

2013-09-03	simplify users_controller_test	Azul

2013-09-03	don't leave id records behind when unit testing	Azul

2013-09-03	expire token according to config setting auth:token_expires_after	Azul

2013-09-03	use Token#authenticate for authentication	Azul
	This will return the user. But we can add timestamp validations and updates here.
2013-09-03	integration test for displaying internal server error during signup	Azul

2013-08-30	there's no need for User#find_by_param. clean it up	Azul

2013-08-27	refactor: Changing the py test to use less globals and session only locally.	Azul

2013-08-27	use token to update user password	Azul

2013-08-27	separate different tests for showing non existant user	Azul
	This way the failed stubbing errors were more telling
2013-08-27	token.user will get you the right user	Azul
	This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-27	make sure find_record still works with real records	Azul

2013-08-27	clear token on logout with test	Azul

2013-08-27	basic testing for token based auth in tests	Azul

2013-08-27	first steps towards enabling token based auth	Azul

2013-08-27	minor: remove puts line	Azul

2013-08-22	Merge pull request #69 from azul/bugfix/update_user_password_through_api	jessib
	Test updating user password through api
2013-08-21	use the same login validations on sessions and users	Azul
	The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency.
2013-08-21	also test updating the user password in python against dev.bm	Azul

2013-08-21	integration test updating users password	Azul

2013-08-08	Merge pull request #64 from azul/feature/identity-rewrite	jessib
	Feature/identity rewrite
2013-08-08	close srp vulnerability and report error in webapp	Azul

2013-08-07	integration test exploiting srp vulnerability	Azul

2013-07-24	also destroy the identity for a test user during teardown	Azul

2013-07-24	keeping the pgp_key accessors for User so views still work	Azul

2013-07-24	separate signup and settings service objects for user	Azul

2013-07-24	setter for keys for dirty tracking, more robust tests	Azul
	Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-24	test user validates uniqueness of login amongst aliases	Azul

2013-07-24	support deprecated API to set users main identity pgp key	Azul
	We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point.
2013-07-24	remove email aliases test - we'll move them to identities	Azul

2013-07-24	add keys to identity	Azul

2013-07-24	allow available and unique forwards only	Azul

2013-07-24	validations of email format and local domain moved over	Azul

2013-07-24	local email adds domain if needed	Azul

2013-07-24	testing all versions of emial identities, emails are now strings	Azul

2013-07-24	move identity creation into user class	Azul
	It's always based on a user and most default values are based on user properties.
2013-07-24	first take on identity model - still broken	Azul

2013-07-16	adapt srp account_flow test for the api to new ruby_srp API	Azul

2013-07-16	ensure the page has been reloaded before testing current_path	Azul
	This test would fail sometimes on assert_equal '/', current_path I believe it was a timing issue. page.has_content? will wait for the content to show up. So afterwards the current_path should always be correct.
2013-07-15	require test_helper from account test so it can be run in isolation	Azul

2013-07-14	make sure capybara runs the whole rack app	Azul
	We use port 3003 for the integration test server. This test takes a few seconds (~8) now. Most of this is startup time of the server. A second run still takes 2 seconds like before.
2013-07-14	we do not expose M2 in srp.js anymore.	Azul
	So there is no way to print it. This message used to be correct but there are also other things that can cause this to fail now. So let's just remove it.
2013-07-14	js integration test for signup, login, logout	Azul