team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,227 Commits 1 Branch 0 Tags
a6802aee5c9ed0a55b0652e36743fdc19fba0eb8
Commit Graph

38 Commits

Author SHA1 Message Date
Joseph Mastey b934194ffe bug(passwords): fix situations where better password rules inadvertently break tests 
* use bang version of save methods in the seeds file, so that when you fix validation,
  it will at least explode, rather than silently failing to create users
* fix two tests where passwords are hardcoded so that they use stronger passwords,
  since password complexity is not the important bit of either of those tests.
 2017-09-18 12:58:26 -05:00
Joseph Mastey 0bfa2f155d chore(seeds): remove useless trailing whitespace from seeds 2017-09-18 12:47:39 -05:00
Joseph Mastey 54b8c291ea upgrade(rails 5): no longer use rake to invoke rake tasks, use rails 
though I left the case alone where the command would previously been
just `bundle exec rake`, as doing the same doesn't work for rails.
 2017-01-19 13:59:40 -06:00
Al Snow a343b970d9 Upgraded simplecov and poltergeist gems 2016-02-03 17:44:13 -05:00
Fred Nixon ea8e9901f4 On branch strong-params 
Your branch is behind 'origin/strong-params' by 1 commit, and can be fast-forwarded.

I'll pull to catch up after this commit
Change code to whitelist params
Remove attr_accessible lines
Add strong_params to Gemfile, since this branch is still on Rails 3
Mixin to ActiveRecord::Base ActiveModel::ForbiddenAttributesProtection
Use an initializer for the mixin
 2014-12-05 15:04:01 -05:00
cktricky e20d273139 making sure chnages to one branch does not affect another 2014-08-04 13:30:26 -04:00
John Poulin 3f63480022 Added Analytics function to track user hits by ip address, referrer and user agent 2014-04-17 20:03:50 -04:00
cktricky 59946e056c changed motorcross to motocross everywhere that it used. Closes or resolves issue #104 2014-03-26 12:58:48 -04:00
cktricky 70b44b36ad oops, mikes password changed for some reason which conflicts with our tutorials and such 2014-03-25 11:57:11 -04:00
cktricky 2c8781ebc1 added a pay controller and model 2014-03-14 20:29:14 -04:00
relotnek e7c30151d4 added token to users model and generate token method to users controller 2014-03-11 20:28:15 -04:00
cktricky 98678b0364 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-13 19:51:59 -05:00
cktricky b605a42812 got the code kicked off so we can encrypt SSN(s) in the database 2013-11-13 19:51:42 -05:00
Mike McCabe 2629565f21 fixing a small typo :) 2013-11-13 19:34:04 -05:00
cktricky efcb7b8c4b working on encryption 2013-11-13 18:24:26 -05:00
cktricky 8c672fd2fc fixed the route 2013-11-13 12:16:48 -05:00
Mike McCabe b0a5248c05 adding read data to seeds 2013-10-12 13:38:47 -04:00
Mike McCabe 8686f6b9d3 adding messages mvc to allow users to send messages. 2013-10-11 16:03:37 -04:00
cktricky da061c79b6 intended to remove some of the weirdness when updating a users account. A blank password basically ends up causing the previously existing password to be hashed twice. Probably move to has_secure_password at some point although that may end up screwing up the intent of the particular tutorial item 2013-09-30 13:03:03 -04:00
Ken Johnson ea2014b637 I have exhausted all thoughts on how to actually get jquery file upload to work, so screw it, I am just going to make something homegrown for tomorrow 2013-07-09 13:53:00 -04:00
Ken Johnson 7b900bda2d fixes issue #24 2013-06-10 16:25:14 -04:00
Ken Johnson cc38bd3f2a testing to see if I have commit access 2013-06-06 20:52:09 -04:00
Ken Johnson 379c442049 I have added the performance model, controller, route and seed data, now I am working on the actual visual aspects of the page 2013-05-31 14:45:31 -04:00
Ken Johnson f8e21af3e0 added a new vulnerability plus completed the work info page 2013-05-31 11:41:54 -04:00
Ken Johnson 97ca13632d removed mass assignment of user_id in the users model 2013-05-31 11:08:38 -04:00
Ken Johnson 08a8c60276 added route, controller, model, sidebar link, and basic index page for the work info section so that we can render user data 2013-05-31 10:48:20 -04:00
Ken Johnson 23bc521787 got rid of mass assignment in certain areas 2013-05-30 12:52:43 -04:00
Ken Johnson 21752fab7e I am setting this up, in this way, so that we have some extensibility. We may wish to have some sort of a polymorphic association where multiple models need to have a scheduling model available to them. That being said, as of right now, only the pto model needs it so I am doing a belong_to and has_one association between the two 2013-05-27 13:09:33 -04:00
Ken Johnson af763d40bf added the PTO section 2013-05-24 20:54:07 -04:00
Ken Johnson b1b378f451 added seed data, now time to work on the controllers and the view 2013-05-24 19:34:58 -04:00
Ken Johnson 471c5851c7 okay, so, we have associations rocking 2013-05-24 19:15:36 -04:00
Ken Johnson 0d841124f5 assigned a user id, does not "appear" to have screwed anything up 2013-05-24 15:25:06 -04:00
Ken Johnson 383835d57d added seed data, this closes issue #12 2013-05-24 13:57:48 -04:00
Ken Johnson 9c37eb99a1 lost track of what I was doing so I cant tell you what Ive done, heh 2013-04-25 15:23:07 -04:00
Ken Johnson 68acfe3803 added something :-) 2013-04-25 01:24:59 -04:00
Ken Johnson 47ce08bb20 working login, signup, and logout 2013-04-25 00:19:00 -04:00
Ken Johnson 5a992c3c1f made some changes to the application controller, added a user controller, and am now about to start working on the login piece 2013-04-24 18:09:43 -04:00
Ken Johnson dafe2a5f4a first commit 2013-03-19 17:27:18 -04:00