Skip to content

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also .
Commits on May 01, 2012
Julian Bäume add password management feature
This is a first version of the feature.
@johnyb johnyb add feature and step definitions for user creation
Integration tests for user creation. This needs a working connection to
the LDAP server and should run without problems, one day.
@johnyb johnyb write debug using logger instead of puts
puts writes to stdout, and logger writes to the logfile (which might be
configured as stdout). This is more clean and doesn’t spam the cucumber
output any longer
@johnyb johnyb add class-attribute to flash elements
This can be used to style errors and alerts accordingly
@johnyb johnyb activate registerable-option from devise
We want our users to register an account.
@johnyb johnyb re-phrase forgot password link in feature
this now matches the string used by devise. Makes implementation more
easy, now :)
@johnyb johnyb add password recover links
Activate forgot password links, makes less tests fail :)
@johnyb johnyb add specs for information stored in ldap
This is a step towards having a few more password styles in the ldap
directory and testing the currently implemented things. It’s useful for
the VPN provided by passe0815 for the freifunk lübeck project to store
smb account information.
@johnyb johnyb store ntlm hashes of users password in ldap
This makes a few more tests pass and it can be used to authenticate at
the VPN provided by passe0815 for freifunk lübeck.
@johnyb johnyb make it more easy to alter the ldap config
rename the config file to end with .template and add the actual config
file to .gitignore. This prevents git from detecting changes to the
config file itsel, while still providing some example configuration for
other users.
Julian Bäume implement step definitions for forget password
brings more cucumber coverage
Julian Bäume add encoding hint to db schema
this wis added after running the migrations on a ruby 1.9 setup
@johnyb johnyb include email_spec gem
this makes it really easy to test e-mail functions within the
@johnyb johnyb do less initialization on each cucumber run
move more static things into the pre block
@johnyb johnyb add default_url_option[:host] for mailer in tests
otherwise devise can’t generate a mail to confirm password reset
@johnyb johnyb refactor test-code
ldap stuff is now in it’s own file and can be moved around quite easy
@johnyb johnyb use correct paths for password links
these paths are generated by devise, we just use them
@johnyb johnyb implement request password reset scenario
we can now request a password reset
@johnyb johnyb make sure there is no user in the db
not only the ldap should be clean, but also the local test db
@johnyb johnyb fix route for passwort reset
devise_for needs to be called before the edit action is defined. This is
needed to make sure /users/password/edit works fine.
@johnyb johnyb implement reset password scenario
now it’s checked, that the password is changed in the database
@johnyb johnyb update all password hashes in ldap on pw reset
before it wasn’t possible to update all our password hashes in the ldap,
when the user resets a password. This commits adds tests to verify the
NT and LM hashes are updated and that the ssha1 password is still not
empty (better checks needed, there)
@johnyb johnyb refactor register action for userscontroller
this action now uses an internal method to share more code with the
password reset action
@johnyb johnyb refactor users_controller actions
be more DRY with ldap initialisation
@johnyb johnyb fix access to ldap_config variable
make ldap_config a method that takes a key and returns the config value
@johnyb johnyb enable reset_password action to reset old accounts
The first version of anduin created only a few needed attributes in the
ldap directory. For the VPN we need a few more attributes and so it’s
now possible to reset the password and have the new attributes written
during that action.
@johnyb johnyb fix spec_helper so spork works better again
obviously the rails-env needs to be initialized on every run, or else
changes on the code won’t be recognized during runs and old code will be
@johnyb johnyb change mailer sender for devise
example addresses are not good on production systems ;)
@johnyb johnyb provide a better errors if reset password fails
users should be informed if their reset password token can’t be found in
the database.
@johnyb johnyb fix problems with ruby 1.8 and utf-8
String in ruby 1.8 doesn’t have an encode-method, use Iconv instead.
Encoding doesn’t exist in ruby 1.8, so just silently ignore it.
Some files need hints, that they contain utf-8 encoded content.
@johnyb johnyb force passwords to be utf-8 encoded
fixes problems with some charecters in passwords
@johnyb johnyb add more routes for user model
expose all actions for user model, since it should be possible to update
the model
@johnyb johnyb assign user in edit action
this is needed to present a form for the specific user
@johnyb johnyb add form to update users email
this email field is used to send reset password information
@johnyb johnyb pluralise git_configs resource
for this resource, plural should be used to allow rails to do all its
@johnyb johnyb add scenario about setting user’s email
The email is needed to allow password recovery. Instructions are sent to
the user by mail, so the password_reset process can be started without
being logged in.
@johnyb johnyb add div around form fields
results in better styling and better structure of the resulting html.
Makes it better styleable
@johnyb johnyb add update action to users_controller
users can no be updated. Authorisation is still missing!
@johnyb johnyb trailing_whitespace-- cdded8f
@johnyb johnyb install cancan gem
We need some kind of authorisation framework and cancan provides the
base for this.
@johnyb johnyb add authorisation to users_controller
Adds some straight forward authorisation for users_controller. Fixes the
problem, that everybody was able to set other users password by changing
their e-mail address.
@johnyb johnyb remove create action for git_configs
It’s not needed. GitConfig instances will be created on creation of a
user instance and be bound to it.
@johnyb johnyb add authorisation for git_configs_controller
user can manage own git config, not other’s. Also using cancan gem
removes some controller code—less code to maintain.
@johnyb johnyb fix user menu scenario
provide a real user to setup complete environment. fixes the scenario.
also remove the @wip tag
@johnyb johnyb only render form if user is available
under some conditions @user might be nil. (when rendered from device
views) and so just check for it. fixes a few scenarios
@johnyb johnyb remove @wip tag from set e-mail address scenario
scenario is now passing fine
@johnyb johnyb Merge pull request #11 from MetaMeute/authorisation
Authorisation and password management
Something went wrong with that request. Please try again.