aboutsummaryrefslogtreecommitdiffstats
path: root/spec
Commit message (Collapse)AuthorAgeLines
...
| * | | Move outgoing message admin actions to RESTful model.Louise Crow2014-12-18-2/+2
| | | |
| * | | Move admin incoming message actions to use RESTful routes.Louise Crow2014-12-18-9/+9
| | | | | | | | | | | | | | | | | | | | So data changing actions require a POST and can be protected against CSRF.
| * | | Move change request actions to use RESTful routes.Louise Crow2014-12-18-4/+6
| | | |
| * | | Move edit and update to RESTful routingLouise Crow2014-12-18-1/+1
| | | |
| * | | Move new action to use RESTful routing.Louise Crow2014-12-18-1/+1
| | | |
| * | | Use RESTful routing for indexLouise Crow2014-12-18-2/+2
| | | |
| * | | Make downloading a raw email a RESTful routeLouise Crow2014-12-18-3/+19
| | | |
| * | | Make marking an event as a clarification a RESTful routeLouise Crow2014-12-18-0/+53
| | | |
| * | | Make hide a RESTful action accessed via POSTLouise Crow2014-12-12-3/+3
| | | |
| * | | Make show_raw_email a RESTful action via GETLouise Crow2014-12-12-48/+53
| | | | | | | | | | | | | | | | | | | | Move specs that involve receiving email and then viewing the interface to be integration specs, which is what they really are.
| * | | RESTful routing for editing and updating commentsLouise Crow2014-12-12-0/+66
| | | |
| * | | Use RESTful routing for destroy actionLouise Crow2014-12-12-2/+2
| | | |
| * | | Use RESTful routing for index and show actionsLouise Crow2014-12-12-7/+6
| | | |
* | | | Merge branch 'admin-public-holiday-interface' into rails-3-developLouise Crow2014-12-18-61/+522
|\ \ \ \
| * | | | Allow import of holidays from feed or built-in suggestionsLouise Crow2014-12-15-1/+252
| | | | |
| * | | | Add some inline editingLouise Crow2014-12-15-7/+31
| | | | |
| * | | | Add create actionLouise Crow2014-12-15-0/+39
| | | | |
| * | | | Add new actionLouise Crow2014-12-15-0/+15
| | | | |
| * | | | Add basic destroy action.Louise Crow2014-12-15-0/+25
| | | | |
| * | | | Add basic update action.Louise Crow2014-12-15-2/+38
| | | | |
| * | | | Add basic edit actionLouise Crow2014-12-15-2/+22
| | | | |
| * | | | Add index method for listing existing holidaysLouise Crow2014-12-15-0/+40
| | | | |
| * | | | Add validation for presence of day.Louise Crow2014-12-15-61/+72
| | | | |
* | | | | Refactor the application of masks and censor rules to messages.Louise Crow2014-12-15-122/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Seems more logical to make this one method that figures out what to do based on file type. Plus, incoming message does so many things, it seemed like having these related methods be separate would make them easier to read and understand. Also, email, mobile and login substitution texts weren't being translated. Finally, I think passing the censor rules and masks as arguments is a first step in some more decoupling of models.
* | | | | Enforce a lifetime on session cookiesLouise Crow2014-12-12-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Problem described in http://seclists.org/fulldisclosure/2013/Sep/145 Pattern taken from https://www.coffeepowered.net/2013/09/26/rails-session-cookies/
* | | | | Only mark email_subject_request as HTML safe when used in email subject.Louise Crow2014-12-12-7/+7
| |/ / / |/| | | | | | | | | | | It's also used in the web interface and needs to be escaped there.
* | | | Merge branch 'catch-openuri-timeout-errors' into rails-3-developLouise Crow2014-12-11-1/+5
|\ \ \ \ | |/ / / |/| | |
| * | | Use exception notification for third party url errorsLouise Crow2014-11-14-1/+5
| | | | | | | | | | | | | | | | Include URL and error in notification and log.
* | | | Merge branch 'sanitize-non-utf8-request-uri' into rails-3-developLouise Crow2014-12-09-8/+6
|\ \ \ \
| * | | | Use rack-utf8_sanitizer gemLouise Crow2014-11-18-8/+6
| | | | | | | | | | | | | | | | | | | | This sanitises non utf-8 params before they're processed by Rails.
* | | | | Merge branch 'owasp-fixes' into rails-3-developLouise Crow2014-12-09-3/+0
|\ \ \ \ \
| * | | | | Don't display specific error messages in production.Louise Crow2014-12-05-3/+0
| | |_|_|/ | |/| | |
* | | | | Merge branch '1666-related-requests-search' into rails-3-developGareth Rees2014-12-08-0/+17
|\ \ \ \ \ | |_|_|_|/ |/| | | |
| * | | | RequestController#search_typaahead limit resultsGareth Rees2014-11-11-0/+11
| | | | | | | | | | | | | | | | | | | | Use the per_page parameter to limit the results returned
| * | | | RequestController#search_typeahead filter by bodyGareth Rees2014-11-11-0/+6
| | |/ / | |/| | | | | | | | | | | | | | Action now supports the `request_from` param as per the Xapian filtering system to filter search typeaheads by public body
* | | | Merge branch '2000-validate-category-description' into rails-3-developLouise Crow2014-12-01-0/+6
|\ \ \ \
| * | | | Validate the presence of the description.Louise Crow2014-12-01-0/+6
| | | | | | | | | | | | | | | | | | | | It's required in [PublicBody#type_of_authority]( https://github.com/mysociety/alaveteli/blob/rails-3-develop/app/models/public_body.rb#L343-L347)
* | | | | Merge branch '1965-censor-rule-creation-failure' into rails-3-developLouise Crow2014-12-01-0/+503
|\ \ \ \ \ | |/ / / / |/| | | |
| * | | | Use instance variable for CensorRule in #destroyGareth Rees2014-11-19-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Easier to check against the assigned variable, but the spec still fails because an internal error is raised if the rule is not associated with a User or InfoRequest
| * | | | Set the form URL to POST to in #createGareth Rees2014-11-19-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Direct the (re-rendered) form at the correct route for the association (or use the generic route if the rule is being created for some other reason)
| * | | | Associate censor rule with something in #createGareth Rees2014-11-19-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | Build the CensorRule against the object that is found by an additional parameter (either :info_request_id or :user_id)
| * | | | Set the form URL to POST to in #newGareth Rees2014-11-19-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | Direct the form at the correct route for the association (or use the generic route if the rule is being created for some other reason)
| * | | | Associate censor rule with something in #newGareth Rees2014-11-19-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | Build the CensorRule against the object that is found by an additional parameter (either :info_request_id or :user_id)
| * | | | Initialize a new CensorRule in #newGareth Rees2014-11-19-0/+5
| | | | |
| * | | | Specs for AdminCensorRuleController#updateGareth Rees2014-11-19-0/+126
| | | | | | | | | | | | | | | | | | | | | | | | | Note that these specs describe what the system does – not what it _should_ do!
| * | | | Specs for AdminCensorRuleController#createGareth Rees2014-11-19-0/+111
| | | | | | | | | | | | | | | | | | | | | | | | | Note that these specs describe what the system does – not what it _should_ do!
| * | | | Specs for AdminCensorRuleController#destroyGareth Rees2014-11-18-0/+65
| | | | | | | | | | | | | | | | | | | | Note that these specs describe what the system does – not what it _should_ do!
| * | | | Specs for AdminCensorRuleController#editGareth Rees2014-11-18-0/+23
| | | | |
| * | | | Specs for AdminCensorRuleController#newGareth Rees2014-11-18-0/+48
| | | | |
| * | | | Add CensorRule factoriesGareth Rees2014-11-18-0/+32
| | | | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 10:33:35 +0000