summaryrefslogtreecommitdiff
path: root/users/test
AgeCommit message (Collapse)Author
2013-08-08close srp vulnerability and report error in webappAzul
2013-08-07integration test exploiting srp vulnerabilityAzul
2013-07-16adapt srp account_flow test for the api to new ruby_srp APIAzul
2013-07-16ensure the page has been reloaded before testing current_pathAzul
This test would fail sometimes on assert_equal '/', current_path I believe it was a timing issue. page.has_content? will wait for the content to show up. So afterwards the current_path should always be correct.
2013-07-15require test_helper from account test so it can be run in isolationAzul
2013-07-14make sure capybara runs the whole rack appAzul
We use port 3003 for the integration test server. This test takes a few seconds (~8) now. Most of this is startup time of the server. A second run still takes 2 seconds like before.
2013-07-14we do not expose M2 in srp.js anymore.Azul
So there is no way to print it. This message used to be correct but there are also other things that can cause this to fail now. So let's just remove it.
2013-07-14js integration test for signup, login, logoutAzul
2013-07-12remove test for duplicate login - we'll prevent that on the client sideAzul
SRP happens in two steps: * handshake * validation During the validation we delete the handshake data from the session. So a second validation does not really work. It could build upon the first one but it would not be able to send M2 to the client. So instead of trying to do sth. usefull when two validation requests are send we require the client to only send one.
2013-07-11fix failing testselijah
2013-07-08Merge branch 'master' into feature/disable_accountjessib
Conflicts: users/app/controllers/users_controller.rb users/app/helpers/users_helper.rb users/app/views/users/edit.html.haml users/app/views/users/show.html.haml users/config/locales/en.yml
2013-07-04Add tests for enabling/deactivating.jessib
2013-07-04fix ticket tests, get :admin_user factory to work.elijah
2013-07-04user tests -- user update has been moved entirely to api controller, so fix ↵elijah
tests to reflect this.
2013-07-04test - we allow updating of username via api nowelijah
2013-07-01redirect to root_path after canceling accountAzul
login makes little sense. This change was applied already... just updated the test
2013-04-25Merge pull request #40 from azul/feature/token-authjessib
Token auth with a database of it's own
2013-04-24added test for pgp key viewAzul
2013-04-09adopting tests to new behaviorAzul
2013-04-09return token on successful login via apiAzul
2013-04-09let's use safe ids instead of the default couch onesAzul
Couch uses partly random partly sequential ids by default. We could change that in couch config to be all random. But this is probably more safe.
2013-04-09initial token model and unit testAzul
2013-04-03make sure user tests also run when run from users subdirAzul
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root.
2013-04-03fixed tests to use setup and teardown blocksAzul
2013-04-02send more meaningful error message on completely failed login attemptAzul
2013-04-02send salt on Session#create without srp ephemeral AAzul
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-03-01Merge pull request #32 from azul/feature/api-version-1-fixesazul
Feature: API version 1 fixes
2013-02-26api for sessions fixedAzul
* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
2013-02-25Admins cannot update a user. Eventually we will want to allow admins to ↵jessib
update some user fields.
2013-02-06we don't add srp stuff to user class anymoreAzul
warden srp strategy in lib has it all.
2013-02-06using ruby-srp 0.1.5 SRP::Client to wrap user in sessionAzul
2013-01-31Remove public key if the key is passed as nil, but not otherwise.jessib
There was a weird case with reloading the user in the test if the public key had been unset.
2013-01-29A user's public_key is the only attribute they should be able to update via API.jessib
2013-01-29Allow PUT API to update user.jessib
2013-01-24Removing aliases from webfinger as the link wouldn't work anyway, and don't ↵jessib
want to leak ID information.
2013-01-23functional test for webfingerAzul
2013-01-23added a small test for HostMetaPresenter and using links hash in xml viewAzul
2013-01-23added unit tests for user presenterAzul
changed the way the presenter works. Will need functional testing
2013-01-18Merge remote-tracking branch 'origin/master' into feature/fixed-email-addressAzul
Conflicts: users/app/views/emails/_email.html.haml
2013-01-17Merge pull request #17 from leapcode/feature/tickets_controllers_simplificationazul
Refactoring of tickets controller to fetch the ticket in a before filter...
2013-01-17Merge pull request #16 from leapcode/feature/fixing-routes-with-apiazul
Fixing routes with api
2013-01-18minor: smalles fix ever - is_admin? has a questionmarkAzul
2013-01-17Should be able to create a user when not logged in.jessib
This isn't ready to merge, as there is an issue with logging in as an admin in the test.
2013-01-17unit tests passingAzul
2013-01-16incomplete initial changes to make email address just login@domain.tldAzul
This involves a number of other changes like making sure the comparison between aliases and emails still works. Will do that by removing the @domain.tld from aliases as well.
2013-01-16using subdomain for api requests properlyAzul
2013-01-14Merge branch 'master' into feature/show_user. Added new tests.jessib
Conflicts: users/test/functional/users_controller_test.rb