leap_web.git - [leap

Age	Commit message (Collapse)	Author
2013-09-03	Merge pull request #76 from azul/feature/3600-visual-feedback-on-failed-signup	jessib
	Ensure json requests get json error response on failure
2013-09-03	clearify usage of V1::UsersController#index for autocomplete	Azul
	[skip ci]
2013-09-03	use the login logout named route instead of sessions resource	Azul
	The main part of the sessions resource now lives in the API. the two named routes are just fine for what is left.
2013-09-03	remove email aliases controller - we don't use it anymore	Azul

2013-09-03	Cleanup sessions controller - webapp logs in through the api.	Azul
	So the #create and #update actions were not needed anymore. Also removed the tests
2013-09-03	integration test for displaying internal server error during signup	Azul

2013-09-02	Remove references to email_settings controller, which has been removed. An ↵	jessib
	identities controller will replace it.
2013-08-30	there's no need for User#find_by_param. clean it up	Azul

2013-08-27	Not ideal way to do it, but was proving complicated to have a config file ↵	jessib
	specify which gems for which environments. Here, we have the billing gem included for the development and test environments only, hardcoded in the Gemfile. Then we show the links to billing based on a config file setting. The setting itself could be used to specify different types of billing, but isn't yet.
2013-08-27	Merge branch 'master' into billing_with_tests	jessib

2013-08-27	refactor: Changing the py test to use less globals and session only locally.	Azul

2013-08-27	use token to update user password	Azul

2013-08-27	separate different tests for showing non existant user	Azul
	This way the failed stubbing errors were more telling
2013-08-27	token.user will get you the right user	Azul
	This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
2013-08-27	do not redirect if no token present	Azul
	So far we allow two mechanisms of authentication: * session based * token based If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.
2013-08-27	make sure find_record still works with real records	Azul

2013-08-27	clear token on logout with test	Azul

2013-08-27	basic testing for token based auth in tests	Azul

2013-08-27	first steps towards enabling token based auth	Azul

2013-08-27	sort authentication controller extension	Azul

2013-08-27	minor: remove puts line	Azul

2013-08-22	Merge pull request #69 from azul/bugfix/update_user_password_through_api	jessib
	Test updating user password through api
2013-08-22	Merge pull request #70 from azul/bugfix/validate_login_like_signup	jessib
	use the same login validations on sessions and users
2013-08-21	Merge remote-tracking branch 'jessib/js_warning'	Azul

2013-08-21	return 204 NO CONTENT on API logout	Azul
	That's the only meaningful response.
2013-08-21	use the same login validations on sessions and users	Azul
	The session ones were outdated so valid usernames could not login if they contained a '.' Refactored so both models use the same module for this validation to ensure consistency.
2013-08-21	also test updating the user password in python against dev.bm	Azul

2013-08-21	integration test updating users password	Azul

2013-08-20	Tweak to parameters to fix wrong-number-of-arguments error blocking other work.	jessib

2013-08-19	Change JS warning message per https://leap.se/code/issues/3492	jessib
	Key must end in _html so the html doesn't get escaped.
2013-08-13	Option to disable billing engine and hide billing related links. To actual ↵	jessib
	disable, must remove billing engine from Gemfile (and re-bundle)
2013-08-08	Merge pull request #64 from azul/feature/identity-rewrite	jessib
	Feature/identity rewrite
2013-08-08	close srp vulnerability and report error in webapp	Azul

2013-08-07	integration test exploiting srp vulnerability	Azul

2013-07-25	Have navigation link to new customer form if user is not already a braintree ↵	jessib
	customer.
2013-07-24	also destroy the identity for a test user during teardown	Azul

2013-07-24	keeping the pgp_key accessors for User so views still work	Azul

2013-07-24	separate signup and settings service objects for user	Azul

2013-07-24	removed email settings controller and views	Azul
	PGP setting has been moved into account settings. It's using the API now issueing an Ajax request without any visual feedback. This obviously is not what we want but it hopefully suffices for uploading gpg keys for testing purposes before the Identity UI is in place.
2013-07-24	setter for keys for dirty tracking, more robust tests	Azul
	Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-24	test user validates uniqueness of login amongst aliases	Azul

2013-07-24	no need for a remote email class	Azul

2013-07-24	support deprecated API to set users main identity pgp key	Azul
	We'll want to get rid of the #public_key and #public_key= functions but they are still used from the users controller. We'll probably have an identity controller instead at some point.
2013-07-24	remove email aliases test - we'll move them to identities	Azul

2013-07-24	add keys to identity	Azul

2013-07-24	remove the remainders of email aliases and forward from user	Azul

2013-07-24	allow available and unique forwards only	Azul

2013-07-24	validations of email format and local domain moved over	Azul

2013-07-24	local email adds domain if needed	Azul

2013-07-24	testing all versions of emial identities, emails are now strings	Azul