Commit Graph

27 Commits

Author SHA1 Message Date
486808eae0 Add mnemosyne tracing for render_csrf_error 2021-03-10 18:53:20 +01:00
82555d88b7 Add mnemosyne tracing for session 2021-03-10 18:00:37 +01:00
a174d75a47 Debug CSRF issues temporarily 2021-03-10 13:51:29 +01:00
b10e23dd16 Upgrade to newest Sentry 2021-03-04 14:02:16 +01:00
939f36816d Update Raven user context 2020-11-25 01:13:12 +01:00
eedbf6a815 Return nil if no user is signed in 2020-10-28 14:52:04 +01:00
5646316394 Set context for raven 2020-01-29 01:39:14 +01:00
f7030e3506 Refactor redirect if user is not authorized 2019-01-31 13:06:28 +01:00
d45dc04a3e Limit redirect to host 2019-01-15 17:36:32 +01:00
1a26d67c82 Merge branch 'master' into add_roles_via_LTI
# Conflicts:
#	app/views/application/_breadcrumbs.html.slim
#	app/views/application/welcome.html.slim
#	app/views/exercise_collections/show.html.slim
#	app/views/external_users/index.html.slim
#	app/views/layouts/application.html.slim
#	app/views/proxy_exercises/index.html.slim
#	app/views/user_exercise_feedbacks/index.html.slim
#	app/views/user_mailer/send_thank_you_note.slim
2018-12-14 00:53:06 +01:00
d3f67ab4c7 Rethink permissions in CodeOcean for usage in schools and adopt views 2018-12-12 14:09:19 +01:00
a0d8b30ef2 Implement support for some basic embed options for work sheets via LTI
This commit also fixes an issue with the flash messages being positioned too high and displayed for too long
2018-12-11 14:29:36 +01:00
832b48ba62 Refactor /insights to throw a Pundit exception if no current_user is set 2018-11-28 15:44:45 +01:00
c4f9c2fc85 Prevent redirection if possible
This will just show the flash message on prevent the browser from changing the location. Works great with Turbolinks!
2018-11-22 19:00:01 +01:00
9666683bd7 Fix error, submission, hints and help views 2018-11-06 16:46:01 +01:00
a77a006e8d Update CSRF chain to prepend checks and resolve comments from PR
Signed-off-by: Sebastian Serth <Sebastian.Serth@student.hpi.de>
2018-11-06 16:46:01 +01:00
8d1c846fae changes to newrelic 2017-09-20 13:29:26 +02:00
5002f9bbce allow iframe requests 2017-04-11 12:19:41 +02:00
325ea25849 Replaced session[:lti_parameters] with proper LtiParameter object.
Removed all tests that would be failing

TODO: decision if all LtiParameter objects for a certain user/consumer will be deleted when the user/consumer is deleted from the session, or only the LtiParameter object for the current exercise of the user/consumer.

TODO: replace removed tests with proper tests
2016-12-30 09:45:39 +01:00
6f1d8b2d38 Marked more locations that might require to be changed when we switch from session to LtiParameters Object 2016-12-27 07:48:59 +01:00
f4c01879bf preparations to replace session with lti_parameters object 2016-12-27 00:13:41 +01:00
c39fd9d6ce Revert stuff 2015-04-28 16:48:52 +02:00
23ddfaca11 current_user nil not false 2015-04-28 16:12:43 +02:00
707c40a65b some more logging for missing @current_user 2015-04-27 10:52:23 +02:00
4eef3d70d5 minor refactoring of flash messages 2015-03-23 16:42:57 +01:00
5bfe03c426 set application locale from custom LTI launch parameter 2015-02-23 11:33:43 +01:00
4cbf9970b1 transferred Code Ocean from original repository to GitHub 2015-01-22 10:01:32 +01:00