| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* Align tables in statistics
The table in sidebar is now aligned with the one in content, to avoid
redundant informations.
All tables are back to normal on small devices.
* fix test
* run black on tests
|
|
* Update models: Bill.pay_each()
* Import sql func
* reformatted using black
* Added ModelsTestCase.test_bill_pay_each() in order to test the SQL query change within pay_each.
Had to add Project.ProjectQuery.get_by_name() for the test.
|
|
Remove header and table column of 'Balance' in statistics view
|
|
Fix #417
* New tab upload
* Extract data from JSON
* Add users
* Black format
* Try to add bill
* Import bills
* Add french translation msg
* Black reformat missing
* Deactivated users are supported
* Test import
* Remove temp file in upload_json()
* Incomplete tests
* tests import
* Update ihatemoney/translations/fr/LC_MESSAGES/messages.po
Co-Authored-By: Rémy HUBSCHER <hubscher.remy@gmail.com>
* Remove useless variable and check json format
* Use String.IO and test for wrong json
* Remove coma
Co-authored-by: Rémy HUBSCHER <hubscher.remy@gmail.com>
|
|
|
|
Added API support to generate authentication tokens, at `/api/projects/:id/token`
|
|
|
|
|
|
|
|
In the same move :
- use a setup.cfg file for packaging
- remove the use of six
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* allow basic math ops in amount field for bills form
* docs: changing compile-translations to build-translations
|
|
* refactoring models _to_serialize property
* updated project api members list
* addressing flake8: line too long
|
|
|
|
|
|
|
|
I don't know why, but on my setup (nginx + uwsgi), the `strict_slashes` (default to `True`) was causing an infinite loop.
I think it could be safely removed for this route only.
|
|
|
|
Clearer data structure, and simpler template
This commit has a side effect: sidebar now hides disabled members.
IMHO, the disabled members should either be hidden or shown consistently between
sidebar and central table. Previous status was: shown in sidebar (if balance ≠
0) and hidden in central table.
|
|
The flask-rest custom json encoder is still needed
and thus was added to ihatemoney's utils.
Closes #298
|
|
* Rename manage.ConfigTemplate → manage.GenerateConfig
To be consistent with the CLI name: `generate-config`.
* Add tests for manage.py commands
* Run tests from pip-installed package
To be able to detect packaging-related issues on test runs.
refs #305
|
|
Disable was already (kind-of) possible via API via DELETE, but not re-enabling.
Kudos to @almet for helping me fixing that damn BooleanField :-)
|
|
Bad inheritance was causing APITestsCase tests to be ran twice.
|
|
|
|
* Fix PUT api/project/:code/members/:id
Before that commit, every PUT *must* change the name of the members, so that was :
- no idempotence,
- no ability to change only weight
fix #295
* Remove redundant comment
|
|
* Remove the password from API GET responses
While keeping it for POST/PUT.
fix #289
* Add a test to check password change via API
|
|
- Remove all occurences of clear text project passwords.
- Migrate the database to hash the previously stored passwords.
Closes #232
|
|
* Use token based auth in invitation e-mails
Invitation e-mails no longer contain the clear
text project password
* Skip invite page after project creation
- Replace ``The project identifier is demo, remember it!``
by ``Invite other people to join this project!``
(linking to the invite page)
- Encourage users to share the project password via other
communication means in the reminder email
|
|
|
|
Send a mail containing a password reset
token link instead of sending a clear text
password.
Ref #232
|
|
* Fixed exposed password in session
The project password was set in clear text
in the session cookie. The cookie payload is
only base64 encoded so it must not be used to
store private information. The password is
simply replaced by a boolean.
* Simplify authentication logic
|
|
* Update to a more flexible admin authentication
* Admin can now access any project
* Add delete and edit options in the dashboard
* Add a link to the dashboard in the nav bar
This is a rework of the changes proposed by @Olivd, so they can apply on top of
the latest master without trouble. All credit goes to him for the code.
|
|
|
|
* Protect admin endpoints against brute force attacks
Add a throttling mechanism to prevent a client brute
forcing the authentication form, based on its ip address
Closes #245
* Reset attempt counters if they get memory hungry
|
|
In flask's development server, the route handlers
run in a different thread than the main thread
thus an in-memory database created in the main thread
cannot be acccessed by the route handlers.
Switching the default database location to a temporary
file solves the isssue.
See full explanation here:
https://gehrcke.de/2015/05/in-memory-sqlite-database-and-flask-a-threading-trap/
|
|
Some supernatural power erased the configuration
tests, they're now back !
|
|
* Use absolute imports and rename package to ihatemoney
* Add a ihatemoney command
* Factorize application creation logic
* Refactor the tests
* Update the wsgi.py module with the new create_app() function
* Fix some styling thanks to Flake8.
* Automate Flake8 check in the CI.
|
