Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-04-08 | moving users: app and test files | Azul | |
2014-04-04 | Merge branch 'bugfix/5382-rescue-token-destruction' into develop | elijah | |
2014-04-04 | redirect home when logged in visits /signup (#5446) | Azul | |
2014-04-04 | 5382 - prevent crash when destroying tokens | Azul | |
An expired token was removed (probably by automatic cleanup) while processing it. So the webapp crashed due to a couch 404. We're preventing that by rescueing from a 404 on Token.delete by default. | |||
2014-02-10 | require token when logging out via API | Azul | |
2014-02-10 | require token when updating user via API | Azul | |
2014-02-10 | split up and expand account integration test | Azul | |
2014-02-10 | refactor tests to ease the testing of token only auth | Azul | |
2014-02-10 | rename authorize to require_login | Azul | |
authorize_admin -> require_admin also add require_token which will ensure token has been used for auth. | |||
2014-02-10 | Merge pull request #134 from jessib/feature/messages_api | azul | |
Feature/messages api | |||
2014-02-06 | integration test with en-EN language | Azul | |
Tests fail on machines that default to other available languages. Also move setting capybara driver to be javascript driver into the BrowserIntegrationTest. | |||
2014-01-27 | Merge branch 'develop' into feature/messages_api | jessib | |
Conflicts: users/config/locales/en.yml | |||
2014-01-23 | added a customizable 'bye' page for when a user leaves | elijah | |
2014-01-21 | Merge branch 'develop' into feature/messages_api | jessib | |
2014-01-14 | ensure auto_update_design_docs is false | Azul | |
2014-01-07 | Some refactoring, to simplify user model, optimize, and allow messages to be ↵ | jessib | |
sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task. | |||
2013-12-31 | Add authentication to API, but not sure it is best way. | jessib | |
2013-12-31 | Cleanup of code for messages API and cron job for 1 month payment warning. ↵ | jessib | |
Authentication still remaining piece. | |||
2013-12-30 | Change structure to be more no-sql-y, rather than relational. | jessib | |
2013-12-24 | Catching some corner cases & new tests. | jessib | |
2013-12-24 | Add API tests and some refactoring of messages so we can get a user's ↵ | jessib | |
messages within the webapp. | |||
2013-12-22 | locale prefix support: | elijah | |
* set locale based on request header * enforce locale path prefix when current locale is not the default * note: don't use root_path anymore, instead use home_path | |||
2013-12-20 | make sure overview link is active on Users#show | Azul | |
2013-12-16 | Add test. | jessib | |
2013-12-13 | make the possible actions for users and admins configurable | Azul | |
with tests | |||
2013-12-09 | Update tests to reflect using plaintext key. | jessib | |
2013-11-27 | minor: rename test to what it actually tests | Azul | |
[skip ci] | |||
2013-11-26 | simple validation for pgp key format | Azul | |
2013-11-26 | ignore attempts to empty public_key, refactor | Azul | |
refactor: prepare validations of the uploaded pgp keys | |||
2013-11-25 | Give 404 error if one goes to /key/user for non-existing user. | jessib | |
2013-11-21 | Refactoring of code, and tests. | jessib | |
2013-11-12 | Merge pull request #110 from azul/feature/cleanup-expired-tokens | jessib | |
Feature/cleanup expired tokens | |||
2013-11-08 | fix cornercase of non expiring tokens | Azul | |
2013-11-08 | Token.destroy_all_expired to cleanup expired tokens (#4411) | Azul | |
2013-11-07 | only check number of disabled identities to make test more robust | Azul | |
2013-11-06 | use the account lifecycle from UsersController#destroy | Azul | |
2013-11-06 | integration test for blocking handles after account destroyed | Azul | |
has not been run yet. | |||
2013-11-06 | refactor: extract method on account test | Azul | |
also test one can't login anymore after destroying the account. | |||
2013-11-05 | Identity.destroy_all_disabled will clean up disabled identities | Azul | |
This is mostly for cleaning up after tests so far. But we might expand this to destroy all identities disabled before a certain date. | |||
2013-11-05 | disabled identities to block handles after a user was deleted | Azul | |
2013-10-30 | test helper to expect_logout. | Azul | |
Currently it expects both the session and the token to be cleared. This might change. But we'll always have a definition of what it means to logout we can test this way. | |||
2013-10-30 | notify user their account was successfully deleted (refs #4216) | Azul | |
Also fixes a cornercase when admins deleted their own account. So far they would be redirected to the users list - which then refused access. Now they'll be redirected to the home landing page as well. | |||
2013-10-28 | no need to create a user for testing failed login attempt | Azul | |
2013-10-28 | reset button loading... state on error (#4231) | Azul | |
including test refactored error display some | |||
2013-10-18 | test logging in through the API using python with umlauts | Azul | |
2013-10-17 | blacklist system logins for aliases and logins | Azul | |
We blacklist based on three things: * blacklist in APP_CONFIG[:handle_blacklist] * emails in RFC 2142 * usernames in /etc/passwd The latter two can be allowed by explicitly whitelisting them in APP_CONFIG[:handle_whitelist]. We stick to blocking names that have been configured as both blacklisted and whitelisted - better be save than sorry. | |||
2013-09-26 | Since local part of email is case sensitive, want to allow remote email ↵ | jessib | |
addresses with uppercase letters in local part. | |||
2013-09-25 | visual feedback when submitting forms (#3164) | Azul | |
This also helps with the failing integration test. We needed a way to tell the ajax request was back. Observing the button state now works for that. | |||
2013-09-24 | use token auth when accessing the api from webapp | Azul | |
One failing integration test still needs to be fixed | |||
2013-09-23 | This ensures that email addresses contain only lowercase letters, and that ↵ | jessib | |
an identity's destination is a valid Email. |