Commit Graph

989 Commits

Author SHA1 Message Date
Hannah Wolfe
8d46705dbb Disable user validation and errors on login
fixes #3658

- Catch any errors from user.save() events during login
- Prevent validation from happening at all when only updating status/last_login
- Fixes a problem I introduced with errors which are arrays in logError
2014-08-08 13:12:17 +01:00
Fabian Becker
9915fb1268 Fix revoke user invite and user.destroy
fixes #3630
- Extend user adapter in ember to load users with status: all
- Fix user.destroy by loading all users with status: all
2014-08-06 16:48:18 +00:00
Hannah Wolfe
c95c9b45cb Merge pull request #3621 from sebgie/fix-refresh-token
Fix token refresh
2014-08-06 10:34:20 +01:00
Sebastian Gierlinger
3908dbdf8f Merge pull request #3620 from ErisDS/issue-3589
Cleaner spam prevention error messages
2014-08-06 11:17:29 +02:00
Sebastian Gierlinger
b2e9d21018 Fix token refresh
no issue
- spam prevention causes token refresh to return an error
2014-08-06 11:11:44 +02:00
Hannah Wolfe
e315148cc5 Cleaner spam prevention error messages
closes #3589

- Full error messages appear in stderr
- Clean error messages for user
2014-08-06 10:00:21 +01:00
Sebastian Gierlinger
1219817628 Merge pull request #3613 from ErisDS/update-notification
Improved Update Notification
2014-08-06 10:55:47 +02:00
Waleed Ali
7009d416cb Improve settings error handling
closes #3450
- Added no-permission error handling for settings edit API.
- In Authentication API integration test, updated the initOwnerUser
  function to insert the roles and user_roles for the owner user so the
  owner can edit settings after adding the no-permission error handling. I
  also added the mail send permission to the test since it's used after
  the user edits the settings.
2014-08-06 09:11:50 +01:00
Sebastian Gierlinger
22171fd058 Merge pull request #3611 from ErisDS/author-classes
Adding missing body class for author pages
2014-08-06 09:37:06 +02:00
Hannah Wolfe
03a46a0b24 Improved Update Notification
- adding a version number to the notification
- adding a link to the upgrade docs, to make this process easier.
2014-08-06 08:33:00 +01:00
Hannah Wolfe
9fb34d6b27 Merge pull request #3550 from halfdan/3542-forgotten-user
Properly show message when resetting password.
2014-08-06 02:18:30 +01:00
Hannah Wolfe
9419f9bbe4 Adding missing body class for author pages
closes #3606
2014-08-05 23:38:57 +01:00
Fabian Becker
a2d5105bcc Changing User.read API to default to active users.
refs #3542
- Properly handle forgotten screen (ember)
- Change Users API to only return active users on read
- Adjust tests
2014-08-06 00:30:48 +02:00
Hannah Wolfe
28c20cba5d Merge pull request #3596 from sebgie/issue#3518
Add owner role to setup user
2014-08-05 19:01:06 +01:00
Sebastian Gierlinger
5590628d54 Merge pull request #3600 from ErisDS/author-helper
Fix the author context block
2014-08-05 19:59:53 +02:00
Hannah Wolfe
157cf5c3b9 Fix the author context block
fixes #3599

- If the author helper is called as a block (i.e. fn is present) then
  treat it as a with call
2014-08-05 17:03:13 +01:00
Sebastian Gierlinger
766e6ff944 Add owner role to setup user
closes #3518
- added owner role to user that is added if no user is available
2014-08-05 13:48:10 +02:00
Sebastian Gierlinger
c62d7ba43e Improve spam prevention
closes #3544
- limit forgotten password requests to five requests per IP per hour
for different email addresses
- limit forgotten password requests to five requests per email address
- limit signin requests to ten failed requests per IP per hour
- removed special treatment for tests
2014-08-05 12:58:58 +02:00
Felix Rieseberg
abf251212c Descriptive error if user by mail not found.
closes #3537
- Replaced generic NotFound error with descriptive NotFoundError.
2014-08-01 18:13:33 -07:00
Jason Williams
938b183707 Sanity check page parameter used in findPage
Closes #3510
- Make sure the page parameter is does not overflow the
  integer data type.
- Added tests.
2014-08-01 14:32:38 +00:00
Hannah Wolfe
59953c6610 Merge pull request #3486 from sebgie/issue#3468
Update spam prevention
2014-08-01 00:10:50 +01:00
Sebastian Gierlinger
3792598a31 Update spam prevention
closes #3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
2014-08-01 00:58:32 +02:00
Hannah Wolfe
756368721e Update importer for MU
closes #3285

- remove apps stuff for now
- if there is a single user, behave the same as before, overriding
  non-critical properties of the single owner user
- if there are multiple users, import them like normal resource
2014-07-31 23:14:57 +01:00
Hannah Wolfe
a04562b349 Merge pull request #3478 from halfdan/fix-pgsql
Fixing pg build.
2014-07-31 20:55:21 +01:00
Hannah Wolfe
a13f460acb Merge pull request #3485 from jaswilli/migration
Fix naming of export file during migration
2014-07-31 20:55:12 +01:00
Hannah Wolfe
6413337c2f Merge pull request #3425 from jgable/fixImporter
Make importer more robust for tags
2014-07-31 20:52:51 +01:00
Sebastian Gierlinger
c5fbe2def3 Merge pull request #3479 from ErisDS/issue-3079
Complete frontend multi-user features
2014-07-31 18:52:16 +02:00
Jason Williams
8936b82014 Fix naming of export file during migration
No Issue
- The method that generates a filename for the export during
  a migration returns a promise, not the filename directly,
  so the export file was being named [object Object].
2014-07-31 16:22:05 +00:00
Hannah Wolfe
194d45fac6 Merge pull request #3480 from jaswilli/issue-3466
Update user roles in store after owner transfer
2014-07-31 15:39:48 +01:00
Hannah Wolfe
1c3cb1bb6a Merge pull request #3472 from morficus/issue-3401
custom slugging capabilities for individual user pages
2014-07-31 15:36:11 +01:00
Hannah Wolfe
f9ff78475b Complete frontend multi-user features
closes #3076

- author RSS pages
- fixes page_url / pagination helper
- add 'author' option to has helper
- tests for author pages, author rss pages and helpers
2014-07-31 15:33:52 +01:00
Jason Williams
baf9138b27 Update user roles in store after owner transfer
Closes #3466
- Transferring the owner role is now done via a separate
  endpoint and not through Ember-Data.  As a result the
  user role data needs to be updated manually.
- Updated the owner endpoint to return a response body
  containing the updated user objects.
- Updated tests.
2014-07-31 13:41:10 +00:00
Fabian Becker
640f4c2915 Fixing pg build.
refs #2499
- Properly reference pg client
- Fix broken sql queries
2014-07-31 12:52:57 +00:00
Maurice Williams
489cd08d97 custom slugging capabilities for individual user pages
closes #3401
- modifying slug-generator to be more generic
- adding slugging capabilities for /settings/users/:slug
- modified posts to use the updated slug-generator
2014-07-31 08:14:22 -04:00
Hannah Wolfe
eecbdc1693 User edit & add endpoints cleanup
- edit and add endpoints don't assume role
- edit and add endpoints cope with no role, role objects, and strings
- resend user invite was failing at one point due to no role being sent, but this shouldn't be required
- other random api cleanup
2014-07-31 12:37:48 +01:00
Jacob Gable
69b871a754 Make importer more robust for tags
Closes #3242

- Add checks for valid fields in tags and posts
- Add unit test with empty tag export data file
- Add unit test with empty post export data file
2014-07-30 22:33:45 -05:00
Gabor Javorszky
8487dada0b Implement user and related content deletion
Closes #3100

* Introduces `destroyByAuhor`, given a context and an id, it will check if context has permission to delete the user by the id, and then deletes all the content where `author_id` is id, and then deletes the user
* Does multiple checks to make sure user exists
* Added a fixture `posts:mu` that creates 4 users belonging to 4 roles, 50 posts that have authors evenly distributed, 5 tags and all 50 have one tag attached to it, evenly distributed.

Caveats / questions

* Started testing
2014-07-31 03:48:59 +01:00
Hannah Wolfe
5dc457b417 Merge pull request #3443 from halfdan/30850-users-api
Users API advanced browsing
2014-07-30 22:47:55 +01:00
Hannah Wolfe
80cbef8cdb Merge pull request #3461 from halfdan/unhandled-rejection
Fix unhandled exception
2014-07-30 22:31:19 +01:00
Hannah Wolfe
5d3788ffe6 Merge pull request #3457 from sebgie/issue#3426
Transfer ownership end point
2014-07-30 22:26:42 +01:00
Fabian Becker
29ad30bec8 Fix unhandled exception
no ref
- return result of mail.send
2014-07-30 18:45:00 +00:00
Fabian Becker
d4fdb07d9c Users API advanced browsing
closes #3085
- active and invited include multiple statuses when fetching
- adjusted data generator
2014-07-30 16:59:27 +00:00
Sebastian Gierlinger
ded6aa6ac0 Transfer ownership end point
closes #3426
- added transfer ownership endpoint
- added owner to roles.permissible
- manually removed owner from roles.browse
- removed hard coded author role
- fixed tests that were passing due to hard coded author role
- added testUtils.setup(‚roles‘)
2014-07-30 17:40:30 +02:00
Hannah Wolfe
57a5444335 User API ability to filter users by role
refs #3446

- This only covers the API changes needed for #3446
2014-07-30 15:02:25 +01:00
Hannah Wolfe
ecc8c96c03 Merge pull request #3444 from sebgie/fix-invitations
Fix Invitations
2014-07-30 13:40:23 +01:00
Hannah Wolfe
92805d70e1 Merge pull request #3424 from jgable/fixSettings
Fix lazy loading of settings
2014-07-30 13:39:46 +01:00
Hannah Wolfe
4e85ac1c94 Adding new {{title}} helper
closes #3389
2014-07-29 21:45:56 +01:00
Hannah Wolfe
e4134ccad7 Merge pull request #3438 from hswolff/home-template
Add ability to create a 'home.hbs' template file for templates
2014-07-29 17:10:47 +01:00
Hannah Wolfe
68895c70eb Merge pull request #3442 from sebgie/issue#2330
Remove email address from frontend
2014-07-29 17:10:35 +01:00
Jacob Gable
0b34ad84cb Fix lazy loading of settings
Closes #3281

- Add the missing return to populateDefault
- Wrap defaultSetting in [] when passing to readSettingsResult
- Populate default value of dbHash in parseDefaultSettings
- Modify migrations.init to only load databaseVersion for export_spec test
- Fix spacing in test util file and null reference error in test
- Uncomment user tests (but add .skip) and remove settings from testUtils.setup()
2014-07-29 10:43:38 -05:00