team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,945 Commits 1 Branch 0 Tags
8e406c3d4aecd16cc81a756fc8f3851c55b3068d
Commit Graph

1945 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ken Johnson eb861e3534 added @oreoshake fix for the gemset creation since the merged pull request doesnt seem to have taken 2013-05-30 12:54:55 -04:00
Ken Johnson 23bc521787 got rid of mass assignment in certain areas 2013-05-30 12:52:43 -04:00
Ken Johnson ff36b0fab5 working way to update your scheduled PTO 2013-05-30 12:11:50 -04:00
Ken Johnson 8044080b25 fixed height w/ JS 2013-05-28 16:11:03 -04:00
Ken Johnson caf348f189 made some big changes here. The schedule had a has_one relationship with the PTO model. That is a problem since we only get one result back. meaning, a user cant have multiple scheduled events. This has been fixed with the use of has_many within the PTO model. Now, in relation to the PTO section, the next changes to happen are to be a fully functional create action that allows an event to be schedule, the form and controller has already been created. Umm, also, a calendar has been added and when we get the results back from a call to the create event action we will update that calendar. Think that is about it for now 2013-05-28 12:48:35 -04:00
Ken Johnson 3016af35c7 got rid of the extras on the sidebar 2013-05-28 11:06:21 -04:00
Ken Johnson 92c07b49c1 putting in a calendar to show any scheduled PTO days 2013-05-28 11:01:52 -04:00
Ken Johnson a1712f78a3 added another chart for PTO and fixed badly named method 2013-05-28 10:41:04 -04:00
Ken Johnson 657db353c4 working on new chart for PTO 2013-05-28 10:12:31 -04:00
Ken Johnson 9feae35f5f switching to a different graph 2013-05-28 09:44:17 -04:00
Ken Johnson 21752fab7e I am setting this up, in this way, so that we have some extensibility. We may wish to have some sort of a polymorphic association where multiple models need to have a scheduling model available to them. That being said, as of right now, only the pto model needs it so I am doing a belong_to and has_one association between the two 2013-05-27 13:09:33 -04:00
Ken Johnson 8bfdf45ff9 trying to fix up broken links and the broken css 2013-05-27 09:48:03 -04:00
Ken Johnson 923abddb89 working on the PTO section 2013-05-27 09:38:34 -04:00
Ken Johnson daddb138a5 okay, I am tired, I am just gonna continue this effort sat night or sun. Anyways, some of the main things this app should do are running so not a bad day. I would say we are only a couple days from beta release. 2013-05-25 03:01:53 -04:00
Ken Johnson 2acc5af274 new interface for PTO, although I need to work on dynamically generating the content 2013-05-25 02:45:26 -04:00
Ken Johnson af763d40bf added the PTO section 2013-05-24 20:54:07 -04:00
Ken Johnson 3fb341553c 401k view, now I need to make sure these stats populate for every user 2013-05-24 20:02:30 -04:00
Ken Johnson 96e0095878 moving in the right direction 2013-05-24 19:51:09 -04:00
Ken Johnson b1b378f451 added seed data, now time to work on the controllers and the view 2013-05-24 19:34:58 -04:00
Ken Johnson b59c85fade I feel like this is fairly important to make sure we avoid causing headaches, lol 2013-05-24 19:19:37 -04:00
Ken Johnson 471c5851c7 okay, so, we have associations rocking 2013-05-24 19:15:36 -04:00
Ken Johnson 0d841124f5 assigned a user id, does not "appear" to have screwed anything up 2013-05-24 15:25:06 -04:00
Ken Johnson 383835d57d added seed data, this closes issue #12 2013-05-24 13:57:48 -04:00
Ken Johnson 2ceb0328c3 added gem 2013-05-24 13:34:28 -04:00
Ken Johnson 31ce6ab1b5 test 2013-05-24 13:19:44 -04:00
Ken Johnson a10ba8c66c aws ignore 2013-05-24 12:42:50 -04:00
Ken Johnson 18740a7226 working on the dashboard, added some pie charts 2013-05-24 00:03:07 -04:00
Ken Johnson 4579d6e916 finished the first XSS example 2013-05-23 20:29:03 -04:00
Ken Johnson dbbb2ce651 finished the first instance of broken auth and sess mgmt 2013-05-23 20:06:24 -04:00
Ken Johnson c71ef0ccfd fixed some broken elements and added content to broken auth 2013-05-23 17:59:59 -04:00
Ken Johnson 9e92619294 refactored remaining tutorials 2013-05-23 17:12:39 -04:00
Ken Johnson 65dc8369e9 refactored url access and misconfig 2013-05-23 17:08:35 -04:00
Ken Johnson 958de07b4a refactored insecure dor 2013-05-23 17:01:43 -04:00
Ken Johnson 4b8b2243c3 refactored xss 2013-05-23 16:59:36 -04:00
Ken Johnson b280d84955 refactored injection 2013-05-23 16:57:18 -04:00
Ken Johnson 51aa8701f2 refactoring tutorial instances into partials for extensibility 2013-05-23 16:55:27 -04:00
Ken Johnson c72178a665 changed formatting of a paragraph element with a class of desc 2013-05-23 16:42:49 -04:00
Ken Johnson f674a57440 awesome. now we show code snippets in a much better way. Peeps who add to the tutorials will need to enclose code w/ <pre class="ruby></pre> 2013-05-23 15:18:39 -04:00
Ken Johnson a877e93780 abstracted out tutorial as I start writing these up, otherwise the html is going to get incredibly cluttered 2013-05-22 13:26:00 -04:00
Ken Johnson 7032fcaaed another fixer upper 2013-05-22 13:07:19 -04:00
Ken Johnson 9a53087361 okay, added some added color enhancements, time to write up some A3 shiz 2013-05-22 12:44:24 -04:00
Ken Johnson e03fd8548c abstracted out the validation js, need to add it to signup, then basically write up broken auth for both lack of pwd complexity and username/password enumeration 2013-05-22 11:47:00 -04:00
Ken Johnson 46c1af43cd okay, I swear, last commit of the night. This adds a pwd confirmation field to account update as well as the relevant js 2013-05-22 03:41:28 -04:00
Ken Johnson c60eea0781 prolly about as close as I am gonna get tonight 2013-05-22 03:30:53 -04:00
Ken Johnson 429794e74f rough version of form validation added to app 2013-05-22 02:35:54 -04:00
Ken Johnson c3cabbbad1 removed those changes 2013-05-21 11:58:57 -04:00
Ken Johnson c36012c76f added back .rvmrc because it caused issues w/ pow 2013-05-21 11:58:24 -04:00
Ken Johnson 775f44a54e using ruby version and ruby gemset instead of .rvmrc 2013-05-21 11:22:24 -04:00
Ken Johnson 671095e030 added a vuln for broken auth and session mgmt, issue #2 2013-05-21 00:58:11 -04:00
Ken Johnson b2e2a1b4b0 moved delete button away from submit button (duh), and changed delete a user to a POST request after realizing a spider might wreak havoc on that and delete all users 2013-05-21 00:42:56 -04:00