42688ed1c9
Prefer authentication token for session if present
2022-10-05 21:34:19 +02:00
16c00ec136
Add support for signed URLs used by the render_file function
2022-09-23 21:35:22 +02:00
5881795d5f
Memorize config options instead of reading them from file over and over again
2022-09-23 21:35:22 +02:00
936c11e31f
Refactor authentication token for new study-group-based authorization
2022-09-22 19:24:26 +02:00
9c9f45ff77
Redefine user roles with their role in a study group
2022-09-22 19:24:26 +02:00
f1aa004284
Use controller method for 404 responses
2022-09-14 01:01:14 +02:00
b0130b8fae
Remove overwrite for X-Frame-Options
...
* With current third-party-cookies being blocked by modern
browsers, CodeOcean won't work in an iFrame anyway.
2022-09-06 11:21:37 +02:00
b6837e9539
Refactor validity of token authentication
2022-09-02 16:56:19 +02:00
cc3fc72cf9
slight changes to application controller to be more readable
2022-08-05 08:05:07 +02:00
baf70a0c06
Sanitize locale input.
...
Closes CODEOCEAN-9E
2022-07-15 13:35:18 +02:00
2ce9c4258a
Remove New Relic
2022-04-29 22:53:36 +02:00
e7d35af418
Resolve Pundit deprecation warning
2022-04-20 18:28:44 +02:00
d08707f62e
Fix switch_locale to return the block result
2021-06-28 16:08:24 +02:00
1b71163a77
Refactor locale with around method
2021-06-25 17:36:56 +02:00
5243808d54
Apply automatic rubocop fixes
2021-05-17 19:40:38 +02:00
da0a682ffb
Apply manual rubocop fixes
2021-05-14 22:03:06 +02:00
6cbecb5b39
Apply automatic rubocop fixes
2021-05-14 22:03:06 +02:00
78230f0d97
Add message for expired session
2021-04-22 11:32:12 +02:00
fbf9010823
Ensure Mnemosyne trace is always attached
2021-03-19 20:00:41 +01:00
06fe37d6cf
Check for Mnemosyne trace before appending meta information
2021-03-17 14:34:05 +01:00
486808eae0
Add mnemosyne tracing for render_csrf_error
2021-03-10 18:53:20 +01:00
82555d88b7
Add mnemosyne tracing for session
2021-03-10 18:00:37 +01:00
a174d75a47
Debug CSRF issues temporarily
2021-03-10 13:51:29 +01:00
b10e23dd16
Upgrade to newest Sentry
2021-03-04 14:02:16 +01:00
939f36816d
Update Raven user context
2020-11-25 01:13:12 +01:00
eedbf6a815
Return nil if no user is signed in
2020-10-28 14:52:04 +01:00
5646316394
Set context for raven
2020-01-29 01:39:14 +01:00
f7030e3506
Refactor redirect if user is not authorized
2019-01-31 13:06:28 +01:00
d45dc04a3e
Limit redirect to host
2019-01-15 17:36:32 +01:00
1a26d67c82
Merge branch 'master' into add_roles_via_LTI
...
# Conflicts:
# app/views/application/_breadcrumbs.html.slim
# app/views/application/welcome.html.slim
# app/views/exercise_collections/show.html.slim
# app/views/external_users/index.html.slim
# app/views/layouts/application.html.slim
# app/views/proxy_exercises/index.html.slim
# app/views/user_exercise_feedbacks/index.html.slim
# app/views/user_mailer/send_thank_you_note.slim
2018-12-14 00:53:06 +01:00
d3f67ab4c7
Rethink permissions in CodeOcean for usage in schools and adopt views
2018-12-12 14:09:19 +01:00
a0d8b30ef2
Implement support for some basic embed options for work sheets via LTI
...
This commit also fixes an issue with the flash messages being positioned too high and displayed for too long
2018-12-11 14:29:36 +01:00
832b48ba62
Refactor /insights to throw a Pundit exception if no current_user is set
2018-11-28 15:44:45 +01:00
c4f9c2fc85
Prevent redirection if possible
...
This will just show the flash message on prevent the browser from changing the location. Works great with Turbolinks!
2018-11-22 19:00:01 +01:00
9666683bd7
Fix error, submission, hints and help views
2018-11-06 16:46:01 +01:00
a77a006e8d
Update CSRF chain to prepend checks and resolve comments from PR
...
Signed-off-by: Sebastian Serth <Sebastian.Serth@student.hpi.de >
2018-11-06 16:46:01 +01:00
8d1c846fae
changes to newrelic
2017-09-20 13:29:26 +02:00
5002f9bbce
allow iframe requests
2017-04-11 12:19:41 +02:00
325ea25849
Replaced session[:lti_parameters] with proper LtiParameter object.
...
Removed all tests that would be failing
TODO: decision if all LtiParameter objects for a certain user/consumer will be deleted when the user/consumer is deleted from the session, or only the LtiParameter object for the current exercise of the user/consumer.
TODO: replace removed tests with proper tests
2016-12-30 09:45:39 +01:00
6f1d8b2d38
Marked more locations that might require to be changed when we switch from session to LtiParameters Object
2016-12-27 07:48:59 +01:00
f4c01879bf
preparations to replace session with lti_parameters object
2016-12-27 00:13:41 +01:00
c39fd9d6ce
Revert stuff
2015-04-28 16:48:52 +02:00
23ddfaca11
current_user nil not false
2015-04-28 16:12:43 +02:00
707c40a65b
some more logging for missing @current_user
2015-04-27 10:52:23 +02:00
4eef3d70d5
minor refactoring of flash messages
2015-03-23 16:42:57 +01:00
5bfe03c426
set application locale from custom LTI launch parameter
2015-02-23 11:33:43 +01:00
4cbf9970b1
transferred Code Ocean from original repository to GitHub
2015-01-22 10:01:32 +01:00
