| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Might fix #255
|
|
Fixes #312.
|
|
* Remove unwanted space in utils.py
* Fix email validation when sending invites
|
|
|
|
* Add a `make update-translations` command
To collect new strings to be translated from code.
Totally cheated on @Glandos commands :-)
Ref #336
Ref https://github.com/spiral-project/ihatemoney/issues/336#issue-322069517
* Document translation process
Fix #336
* Drop noisy location comments from .po files
Fix #339
* Drop .pot header
As it serves no purpose with our translation workflow.
.po header could be removed also, but pybabel has no option for that.
Ref #339
|
|
I don't know why, but on my setup (nginx + uwsgi), the `strict_slashes` (default to `True`) was causing an infinite loop.
I think it could be safely removed for this route only.
|
|
|
|
|
|
`python-home` is prefered over `python-path`. It will work with or without
a virtualenv.
See http://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Clearer data structure, and simpler template
This commit has a side effect: sidebar now hides disabled members.
IMHO, the disabled members should either be hidden or shown consistently between
sidebar and central table. Previous status was: shown in sidebar (if balance ≠
0) and hidden in central table.
|
|
|
|
That was forgotten from fe39258630e55d4a3e1297a01a1c8fd39bad3a4e
|
|
This fix a regression from #316 (scrollbar was displayed all the time).
Note that the padding-bottom value is totally empiric, but proved OK on my Fx
and Chrome instances + some responsive tests. There might be finer solutions,
feel free :-).
|
|
The flask-rest custom json encoder is still needed
and thus was added to ihatemoney's utils.
Closes #298
|
|
* Make sidebar scrollable
Make sidebar scrollable.
* Update CHANGELOG.rst
Fixes #318
|
|
For this I had to create an Jinja2 explicit environment, so I put a
function in `ihatemoney.utils.create_jinja2_env(strict_rendering=False)`.
When using this environment and if `strict_rendering` is activated,
templates using undefined variables will now error out rather than
failing silently.
|
|
The script was relying on the presence of an environment variable, which
is only set when the virtualenv is activated. But a virtualenv does not
have to be activated to work (it's possible to call the python command
directly).
This fixes it by relying on `sys.executable` which should be correct at
all times.
Fixes #306
|
|
* Rename manage.ConfigTemplate → manage.GenerateConfig
To be consistent with the CLI name: `generate-config`.
* Add tests for manage.py commands
* Run tests from pip-installed package
To be able to detect packaging-related issues on test runs.
refs #305
|
|
This makes it inconsistent with our own generated passwords. Only check
that the password has been hashed.
Fixes #310.
|
|
The script was relying on the presence of an environment variable, which
is only set when the virtualenv is activated. But a virtualenv does not
have to be activated to work (it's possible to call the python command
directly).
This fixes it by relying on `sys.executable` which should be correct at
all times.
Fixes #306
|
|
I've also renamed the templates to *.j2 in order to make things clearer
to others. Having extensions with the name of the locale doesn't seem to
be a good practice, and would need us to add the locales in the MANIFEST
file each time we add one.
Fix #305
|
|
* Enable basic auth passthrough for API
Added the couple of apache configuration lines necessary to get the basic authentication working for the API.
* Revert the addition of "AuthType Basic"
Did some more testing on my server here and I totally agree, don't need "AuthType Basic".
|
|
Disable was already (kind-of) possible via API via DELETE, but not re-enabling.
Kudos to @almet for helping me fixing that damn BooleanField :-)
|
|
Bad inheritance was causing APITestsCase tests to be ran twice.
|
|
Fix duplicate member validation
|
|
Avoid confusing the user for the commands outputing text to the user.
fix #277
|
|
|
|
Visual result is exactly the same, but less black magic :-).
|
|
* Fix PUT api/project/:code/members/:id
Before that commit, every PUT *must* change the name of the members, so that was :
- no idempotence,
- no ability to change only weight
fix #295
* Remove redundant comment
|
|
{% block sidebar %} is used by sidebar_table_layout.html and its children, not by
layout.html nor its direct children.
This is dead code removal.
|
|
* Remove the password from API GET responses
While keeping it for POST/PUT.
fix #289
* Add a test to check password change via API
|
|
|
|
- Remove all occurences of clear text project passwords.
- Migrate the database to hash the previously stored passwords.
Closes #232
|
|
* Use token based auth in invitation e-mails
Invitation e-mails no longer contain the clear
text project password
* Skip invite page after project creation
- Replace ``The project identifier is demo, remember it!``
by ``Invite other people to join this project!``
(linking to the invite page)
- Encourage users to share the project password via other
communication means in the reminder email
|
|
|
|
|
|
Send a mail containing a password reset
token link instead of sending a clear text
password.
Ref #232
|
|
* Fixed exposed password in session
The project password was set in clear text
in the session cookie. The cookie payload is
only base64 encoded so it must not be used to
store private information. The password is
simply replaced by a boolean.
* Simplify authentication logic
|
|
* Add a command to generate configuration examples
Config files are generated from templates (which remplace previous example files).
- solve the issue of hard-to-explain configuration examples
- ease pkg path seeking (avoid it, actually)
- add working defaults for sqlite and unix socket paths (instead of
/replace/me/path/example)
- move settings comments from default_settings.py to ihatemoney.cfg.j2, as it is
the one that will be facing user.
* Use generate-config command in install doc
Also follow the new working defaults of templates for socket and db path.
* Fix doc settings table
On the long term, plaintext tables might destroy humanity.
* Mention templates dir URL in documentation
As requested by @almet
|
|
|
|
* Update to a more flexible admin authentication
* Admin can now access any project
* Add delete and edit options in the dashboard
* Add a link to the dashboard in the nav bar
This is a rework of the changes proposed by @Olivd, so they can apply on top of
the latest master without trouble. All credit goes to him for the code.
|
