Authorisation and password management #11

Merged
merged 46 commits into from

1 participant

@johnyb
Owner

should be merged into master. seems kind of complete to me. still could use some refactoring but it works fine for now

Julian Bäume and others added some commits
Julian Bäume add password management feature
This is a first version of the feature.
c670c7c
@johnyb johnyb add feature and step definitions for user creation
Integration tests for user creation. This needs a working connection to
the LDAP server and should run without problems, one day.
0f43f03
@johnyb johnyb write debug using logger instead of puts
puts writes to stdout, and logger writes to the logfile (which might be
configured as stdout). This is more clean and doesn’t spam the cucumber
output any longer
5b507f4
@johnyb johnyb add class-attribute to flash elements
This can be used to style errors and alerts accordingly
cdc02a6
@johnyb johnyb activate registerable-option from devise
We want our users to register an account.
eab3429
@johnyb johnyb re-phrase forgot password link in feature
this now matches the string used by devise. Makes implementation more
easy, now :)
f9f8400
@johnyb johnyb add password recover links
Activate forgot password links, makes less tests fail :)
21fbb23
@johnyb johnyb add specs for information stored in ldap
This is a step towards having a few more password styles in the ldap
directory and testing the currently implemented things. It’s useful for
the VPN provided by passe0815 for the freifunk lübeck project to store
smb account information.
e1d967c
@johnyb johnyb store ntlm hashes of users password in ldap
This makes a few more tests pass and it can be used to authenticate at
the VPN provided by passe0815 for freifunk lübeck.
dd8bf26
@johnyb johnyb make it more easy to alter the ldap config
rename the config file to end with .template and add the actual config
file to .gitignore. This prevents git from detecting changes to the
config file itself, while still providing some example configuration for
other users.
a457bc3
Julian Bäume implement step definitions for forget password
brings more cucumber coverage
4056224
Julian Bäume add encoding hint to db schema
this was added after running the migrations on a ruby 1.9 setup
338191e
@johnyb johnyb include email_spec gem
this makes it really easy to test e-mail functions within the
application.
7eeb561
@johnyb johnyb do less initialization on each cucumber run
move more static things into the pre block
f9e6ee0
@johnyb johnyb add default_url_option[:host] for mailer in tests
otherwise devise can’t generate a mail to confirm password reset
f8fbe1c
@johnyb johnyb refactor test-code
ldap stuff is now in its own file and can be moved around quite easily
74cc4b0
@johnyb johnyb use correct paths for password links
these paths are generated by devise, we just use them
ce3d480
@johnyb johnyb implement request password reset scenario
we can now request a password reset
9dcfaee
@johnyb johnyb make sure there is no user in the db
not only the ldap should be clean, but also the local test db
6cfc3da
@johnyb johnyb fix route for password reset
devise_for needs to be called before the edit action is defined. This is
needed to make sure /users/password/edit works fine.
40d4b9e
@johnyb johnyb implement reset password scenario
now it’s checked, that the password is changed in the database
add3b3b
@johnyb johnyb update all password hashes in ldap on pw reset
before it wasn’t possible to update all our password hashes in the ldap,
when the user resets a password. This commit adds tests to verify the
NT and LM hashes are updated and that the ssha1 password is still not
empty (better checks needed, there)
4693236
@johnyb johnyb refactor register action for userscontroller
this action now uses an internal method to share more code with the
password reset action
aa92d22
@johnyb johnyb refactor users_controller actions
be more DRY with ldap initialisation
84c4b90
@johnyb johnyb fix access to ldap_config variable
make ldap_config a method that takes a key and returns the config value
ba3609d
@johnyb johnyb enable reset_password action to reset old accounts
The first version of anduin created only a few needed attributes in the
ldap directory. For the VPN we need a few more attributes and so it’s
now possible to reset the password and have the new attributes written
during that action.
c2212a1
@johnyb johnyb fix spec_helper so spork works better again
obviously the rails-env needs to be initialized on every run, or else
changes on the code won’t be recognized during runs and old code will be
run.
1b62b5f
@johnyb johnyb change mailer sender for devise
example addresses are not good on production systems ;)
1224239
@johnyb johnyb provide better errors if reset password fails
users should be informed if their reset password token can’t be found in
the database.
90528a9
@johnyb johnyb fix problems with ruby 1.8 and utf-8
String in ruby 1.8 doesn’t have an encode-method, use Iconv instead.
Encoding doesn’t exist in ruby 1.8, so just silently ignore it.
Some files need hints, that they contain utf-8 encoded content.
c8ad444
@johnyb johnyb force passwords to be utf-8 encoded
fixes problems with some characters in passwords
60b3145
@johnyb johnyb add more routes for user model
expose all actions for user model, since it should be possible to update
the model
5d32e4d
@johnyb johnyb assign user in edit action
this is needed to present a form for the specific user
f5ac41a
@johnyb johnyb add form to update users email
this email field is used to send reset password information
65bc59a
@johnyb johnyb pluralise git_configs resource
for this resource, plural should be used to allow rails to do all its
magic
ba7edff
@johnyb johnyb add scenario about setting user’s email
The email is needed to allow password recovery. Instructions are sent to
the user by mail, so the password_reset process can be started without
being logged in.
a117e66
@johnyb johnyb add div around form fields
results in better styling and better structure of the resulting html.
Makes it better styleable
814f2fe
@johnyb johnyb add update action to users_controller
users can now be updated. Authorisation is still missing!
b848515
@johnyb johnyb trailing_whitespace--
cdded8f
@johnyb johnyb install cancan gem
We need some kind of authorisation framework and cancan provides the
base for this.
ae6ae08
@johnyb johnyb add authorisation to users_controller
Adds some straight forward authorisation for users_controller. Fixes the
problem, that everybody was able to set other users password by changing
their e-mail address.
cd859f2
@johnyb johnyb remove create action for git_configs
It’s not needed. GitConfig instances will be created on creation of a
user instance and be bound to it.
4a41e3e
@johnyb johnyb add authorisation for git_configs_controller
user can manage own git config, not others'. Also using cancan gem
removes some controller code—less code to maintain.
db9b46a
@johnyb johnyb fix user menu scenario
provide a real user to setup complete environment. fixes the scenario.
also remove the @wip tag
b6c6945
@johnyb johnyb only render form if user is available
under some conditions @user might be nil (when rendered from devise
views) and so just check for it. fixes a few scenarios
3089617
@johnyb johnyb remove @wip tag from set e-mail address scenario
scenario is now passing fine
9829818
@johnyb johnyb merged commit b5f1d80 into master
Commits on May 1, 2012