aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers/admin_controller.rb
Commit message (Collapse)AuthorAgeLines
* Return a list of all cache directories for the requestLouise Crow2014-09-01-2/+1
|
* Merge branch 'feature/hide-individual-responses' into rails-3-developLouise Crow2013-09-17-2/+1
|\ | | | | | | | | | | | | | | | | | | | | Conflicts: Gemfile app/views/admin_request/edit_outgoing.html.erb config/packages doc/CHANGES.md doc/INSTALL.md spec/models/info_request_spec.rb spec/models/public_body_spec.rb
| * Move some download methods to InfoRequest.Louise Crow2013-09-16-2/+1
| | | | | | | | | | | | Use send_file to send zips. Also adds 'all_can_view_all_correspondence?' - is this request completely cachable, or do we need to cache different versions for different levels of privilege?
* | Make method name clearerHenare Degan2013-08-10-1/+1
|/
* Change email address in header of source code to hello@mysociety.orgMatthew Landauer2013-03-26-1/+1
|
* Update Configuration references to new name.Louise Crow2013-03-19-1/+1
|
* Merge branch 'develop' into rails-3-developLouise Crow2013-03-19-2/+1
|\ | | | | | | | | | | | | | | Conflicts: Gemfile Gemfile.lock app/views/admin_request/show.html.erb config/environment.rb
| * Allow the emergency user account to be disabled.Louise Crow2013-03-19-2/+1
| |
* | Rename Configuration class to avoid conflict with ActiveSupport::ConfigurableHenare Degan2013-03-03-3/+3
|/
* Remove any download zip files when a request's cached files are expired.Louise Crow2012-12-13-0/+4
|
* Move methods used only in admin controllers to admin_controller.rbLouise Crow2012-10-30-0/+24
|
* If we're doing admin authentication internally, don't bother with the ↵Louise Crow2012-10-30-3/+4
| | | | request environment, set the admin_name on the session instead.
* Remove svn tags that are out of date as we are now using gitMatthew Landauer2012-10-09-2/+0
|
* Extract configuration with defaults into one moduleMatthew Landauer2012-09-25-4/+2
|
* Fix typo in comment.Louise Crow2012-08-16-1/+1
|
* Don't allow non-superusers to access admin interface (eek!) Fixes #515Seb Bacon2012-06-27-2/+5
|
* Improve administrative user account support:Seb Bacon2012-05-14-14/+31
| | | | | | * Allow users with `super` admin level to use the administrative interface. * Allow bootstrapping these users with an Emergency User over HTTP Basic Auth * Introduce new `SKIP_ADMIN_AUTH` setting to allow all admin auth to be bypassed (used by mySociety)
* first stab at sending PURGE requests to upstream varnish for request pages. ↵Seb Bacon2012-03-13-0/+2
| | | | Next step: making it asynchronous, e.g. with a queue of things to purge via a cron job.
* Username from users logged in as ADMIN_USERNAME should appear in ↵seb2011-11-21-0/+1
| | | | administrative interface event logs. Fixes #287.
* Respect admin password and username. Fixes #245.Seb Bacon2011-09-30-5/+9
|
* Don't treat CSRF tokens as optional session data for administrators (they're ↵Seb Bacon2011-07-27-0/+3
| | | | | | needed to allow them to edit anything! Fixes #95 (Also change wording of test namess to match usual rspec convention)
* Authentication should only apply to admin interface when *both* email *and* ↵Seb Bacon2011-07-27-1/+1
| | | | password are unset
* fix up basic auth for admin settings: get credentials from config, cause ↵Seb Bacon2011-07-06-5/+8
| | | | default (where no config) to skip authorization completely, add tests for these
* Specific code for our requirements (kosovo law, our request etc..)Faton Selishta2011-06-02-1/+8
|
* Add CSRF protection on state changing actions. Use default handler ↵Louise Crow2011-02-28-4/+5
| | | | handle_unverified_request which clears session.
* Adding CSRF protection for admin forms.Louise Crow2011-02-24-0/+5
|
* Edit interface for user level censor rules.Francis Irving2010-08-04-0/+7
|
* Do the cacheing ourselves.Francis Irving2010-05-19-13/+3
|
* Generate path for fragment cache in central placeFrancis Irving2010-05-18-1/+1
|
* Store only clipped attachment text in database.francis2009-09-17-1/+5
|
* Replace expires_fragment with actual fast alternative!francis2009-09-15-13/+15
|
* Reindex in Xapian when censor rules change.francis2009-08-21-1/+3
|
* Use caching that allows pre-authentication.francis2009-06-30-17/+15
| | | | | Add test code for hidden requests. Make super users able to view hidden requests.
* "hidden" option to completely hide requests (from everyone except ↵francis2009-06-23-1/+22
| | | | administrator screens).
* Derive from right classfrancis2009-01-29-2/+2
|
* Always give full stack trace for admin interfacefrancis2009-01-29-56/+9
|
* Remove tracks by medium display in admin.francis2008-11-17-2/+1
|
* Factor out an SQL fragment.francis2008-09-11-4/+3
|
* *** empty log message ***francis2008-09-08-1/+2
|
* Let adapter compute booleans, so works with sqlite as well as postgresqlfrancis2008-07-30-2/+2
|
* Now we remind after 1 week, only put in admin after 10 daysfrancis2008-07-14-2/+2
|
* Store incoming messages which aren't to a valid request in a holding pen, andfrancis2008-07-08-1/+2
| | | | let people move them from admin interface.
* Date and order for things needing classification.francis2008-06-10-4/+5
|
* Admin classify after 1 week, not 2 weeks.francis2008-05-21-2/+2
|
* 2 day timelinefrancis2008-04-18-3/+7
|
* last_updated gets knackered by various track email things etc. so do queryfrancis2008-04-17-2/+2
| | | | on actual last new event for admin interface.
* Stats page.francis2008-04-16-1/+7
|
* Debug page.francis2008-04-11-1/+5
|
* Show which user you are in the admin interfacefrancis2008-04-11-1/+2
|
* Include public body history change in timelinefrancis2008-04-09-1/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 05:59:47 +0000