Commit graph

20 commits

Author SHA1 Message Date
Joseph Schorr
188ea98441 Add new decorator to prevent reflected text attacks
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
Joseph Schorr
3b4296f580 Add missing var 2017-10-06 14:36:02 -04:00
Alec Merdler
6dae6c4f82 whitelisted moment.js locales to reduce bundle size 2017-08-02 15:46:14 -04:00
EvB
20284f57f3 fix(user-service): make sync calls to update user async 2017-05-26 17:18:05 -04:00
Charlton Austin
9729ac3cbb fix(entity-search.js): fix reload namespace
before if you reloaded the say the team owners tab you would get
an error this now watches the namespace and updates it

[TESTING -> tested against prod like data with local docker build]

Issue: https://www.pivotaltracker.com/story/show/145041479

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-23 12:48:11 -04:00
Joseph Schorr
932fa56227 Fix name collision between the two organization delete calls
Fixes #2104

The collision was causing the frontend to try to call the *superuser* method (in local, where superuser is enabled), but on prod (where it isn't), it was calling the normal method, which takes a different parameter name
2016-11-10 15:28:20 -05:00
Joseph Schorr
1e3b354201 Add support for temp usernames and an interstitial to confirm username
When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.

Addresses most of the user issues around #74
2016-11-03 15:59:14 -04:00
Joseph Schorr
a85126ea97 Prevent NPE in delete namespace
Fixes #2039
2016-10-31 12:17:50 -04:00
Joseph Schorr
73eb66eac5 Add support for deleting namespaces (users, organizations)
Fixes #102
Fixes #105
2016-10-21 15:41:09 -04:00
Jake Moshenko
f04b018805 Write our users to Marketo as leads. 2016-10-14 16:29:11 -04:00
Joseph Schorr
82753931f5 Remove old Olark code
Fixes #1696
2016-08-10 15:11:05 -04:00
Joseph Schorr
4b3420eddf Change the encrypted password dialog to use the user's external username, if one exists.
Fixes #1538
2016-06-14 18:09:42 -04:00
josephschorr
ee557c944a Merge pull request #1455 from coreos-inc/better-dialogs
Better dialogs
2016-05-16 18:27:03 -04:00
Joseph Schorr
4a543be7a7 New create entity dialogs (team and robot)
Fixes https://github.com/coreos-inc/design/issues/230
2016-05-16 17:30:00 -04:00
Joseph Schorr
486facedbe Add catches around calls to external services that might break login 2016-05-16 15:54:52 -04:00
Joseph Schorr
1f90aa5b59 Fix repo count checker when the user service has not yet loaded
Fixes #521
2015-09-21 16:42:16 -04:00
Joseph Schorr
2739cf47ba Prevent change visibility of a repo in the UI when disallowed by billing plan
Fixes #486

- Extracts out the check plan logic and UI from the new repo page into its own directive (repo-count-checker)
- Adds the new directive to the repo settings panel
- Some additional UI improvements for the repo settings panel
2015-09-16 14:00:06 -04:00
Joseph Schorr
2e3704f7ba Redo header bar to trim options when we can and make the repositories page the default landing page for logged in users 2015-04-08 15:15:21 -04:00
Joseph Schorr
70aec00914 Add a fetch tag dialog 2015-03-19 15:08:18 -04:00
Joseph Schorr
9b87999c1c Code cleanup part #1: move all the services and directive JS code in the app.js file into its own files 2015-02-19 16:21:54 -05:00