team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
101 Commits 1 Branch 0 Tags
08a8c60276c0d70949e1e58fd69f33e902e239ff
Commit Graph

93 Commits

Author SHA1 Message Date
Ken Johnson 08a8c60276 added route, controller, model, sidebar link, and basic index page for the work info section so that we can render user data 2013-05-31 10:48:20 -04:00
Ken Johnson a599ca9862 so now, when you add a PTO scheduled date, the calendar on your PTO page automatically updates to show this event :-) 2013-05-31 10:31:35 -04:00
Ken Johnson a6a38c773e added validation for all schedule fields (presence of) and working on a new way to dynamically update your calendar upon submission of a new calendar event 2013-05-31 00:31:13 -04:00
Ken Johnson e483f1b2cd cleaned up the tutorial home page 2013-05-30 17:05:48 -04:00
Ken Johnson 9d5cebbfa0 normalize 2013-05-30 16:05:03 -04:00
Ken Johnson d2ac6aee6d added content to the 401k section and change some stuff 2013-05-30 15:59:01 -04:00
Ken Johnson 23bc521787 got rid of mass assignment in certain areas 2013-05-30 12:52:43 -04:00
Ken Johnson ff36b0fab5 working way to update your scheduled PTO 2013-05-30 12:11:50 -04:00
Ken Johnson 8044080b25 fixed height w/ JS 2013-05-28 16:11:03 -04:00
Ken Johnson caf348f189 made some big changes here. The schedule had a has_one relationship with the PTO model. That is a problem since we only get one result back. meaning, a user cant have multiple scheduled events. This has been fixed with the use of has_many within the PTO model. Now, in relation to the PTO section, the next changes to happen are to be a fully functional create action that allows an event to be schedule, the form and controller has already been created. Umm, also, a calendar has been added and when we get the results back from a call to the create event action we will update that calendar. Think that is about it for now 2013-05-28 12:48:35 -04:00
Ken Johnson 3016af35c7 got rid of the extras on the sidebar 2013-05-28 11:06:21 -04:00
Ken Johnson 92c07b49c1 putting in a calendar to show any scheduled PTO days 2013-05-28 11:01:52 -04:00
Ken Johnson a1712f78a3 added another chart for PTO and fixed badly named method 2013-05-28 10:41:04 -04:00
Ken Johnson 657db353c4 working on new chart for PTO 2013-05-28 10:12:31 -04:00
Ken Johnson 9feae35f5f switching to a different graph 2013-05-28 09:44:17 -04:00
Ken Johnson 21752fab7e I am setting this up, in this way, so that we have some extensibility. We may wish to have some sort of a polymorphic association where multiple models need to have a scheduling model available to them. That being said, as of right now, only the pto model needs it so I am doing a belong_to and has_one association between the two 2013-05-27 13:09:33 -04:00
Ken Johnson 8bfdf45ff9 trying to fix up broken links and the broken css 2013-05-27 09:48:03 -04:00
Ken Johnson 923abddb89 working on the PTO section 2013-05-27 09:38:34 -04:00
Ken Johnson daddb138a5 okay, I am tired, I am just gonna continue this effort sat night or sun. Anyways, some of the main things this app should do are running so not a bad day. I would say we are only a couple days from beta release. 2013-05-25 03:01:53 -04:00
Ken Johnson 2acc5af274 new interface for PTO, although I need to work on dynamically generating the content 2013-05-25 02:45:26 -04:00
Ken Johnson af763d40bf added the PTO section 2013-05-24 20:54:07 -04:00
Ken Johnson 3fb341553c 401k view, now I need to make sure these stats populate for every user 2013-05-24 20:02:30 -04:00
Ken Johnson 96e0095878 moving in the right direction 2013-05-24 19:51:09 -04:00
Ken Johnson b59c85fade I feel like this is fairly important to make sure we avoid causing headaches, lol 2013-05-24 19:19:37 -04:00
Ken Johnson 471c5851c7 okay, so, we have associations rocking 2013-05-24 19:15:36 -04:00
Ken Johnson 0d841124f5 assigned a user id, does not "appear" to have screwed anything up 2013-05-24 15:25:06 -04:00
Ken Johnson 31ce6ab1b5 test 2013-05-24 13:19:44 -04:00
Ken Johnson a10ba8c66c aws ignore 2013-05-24 12:42:50 -04:00
Ken Johnson 18740a7226 working on the dashboard, added some pie charts 2013-05-24 00:03:07 -04:00
Ken Johnson 4579d6e916 finished the first XSS example 2013-05-23 20:29:03 -04:00
Ken Johnson dbbb2ce651 finished the first instance of broken auth and sess mgmt 2013-05-23 20:06:24 -04:00
Ken Johnson c71ef0ccfd fixed some broken elements and added content to broken auth 2013-05-23 17:59:59 -04:00
Ken Johnson 9e92619294 refactored remaining tutorials 2013-05-23 17:12:39 -04:00
Ken Johnson 65dc8369e9 refactored url access and misconfig 2013-05-23 17:08:35 -04:00
Ken Johnson 958de07b4a refactored insecure dor 2013-05-23 17:01:43 -04:00
Ken Johnson 4b8b2243c3 refactored xss 2013-05-23 16:59:36 -04:00
Ken Johnson b280d84955 refactored injection 2013-05-23 16:57:18 -04:00
Ken Johnson 51aa8701f2 refactoring tutorial instances into partials for extensibility 2013-05-23 16:55:27 -04:00
Ken Johnson c72178a665 changed formatting of a paragraph element with a class of desc 2013-05-23 16:42:49 -04:00
Ken Johnson f674a57440 awesome. now we show code snippets in a much better way. Peeps who add to the tutorials will need to enclose code w/ <pre class="ruby></pre> 2013-05-23 15:18:39 -04:00
Ken Johnson a877e93780 abstracted out tutorial as I start writing these up, otherwise the html is going to get incredibly cluttered 2013-05-22 13:26:00 -04:00
Ken Johnson 7032fcaaed another fixer upper 2013-05-22 13:07:19 -04:00
Ken Johnson 9a53087361 okay, added some added color enhancements, time to write up some A3 shiz 2013-05-22 12:44:24 -04:00
Ken Johnson e03fd8548c abstracted out the validation js, need to add it to signup, then basically write up broken auth for both lack of pwd complexity and username/password enumeration 2013-05-22 11:47:00 -04:00
Ken Johnson 46c1af43cd okay, I swear, last commit of the night. This adds a pwd confirmation field to account update as well as the relevant js 2013-05-22 03:41:28 -04:00
Ken Johnson c60eea0781 prolly about as close as I am gonna get tonight 2013-05-22 03:30:53 -04:00
Ken Johnson 429794e74f rough version of form validation added to app 2013-05-22 02:35:54 -04:00
Ken Johnson c36012c76f added back .rvmrc because it caused issues w/ pow 2013-05-21 11:58:24 -04:00
Ken Johnson 671095e030 added a vuln for broken auth and session mgmt, issue #2 2013-05-21 00:58:11 -04:00
Ken Johnson b2e2a1b4b0 moved delete button away from submit button (duh), and changed delete a user to a POST request after realizing a spider might wreak havoc on that and delete all users 2013-05-21 00:42:56 -04:00