Commit Graph

82 Commits

Author SHA1 Message Date
0bdb6cf2fb
Minor fixes 2020-12-07 17:48:15 +00:00
32c01f6e0b Removed useless feature 2020-11-03 03:00:03 +00:00
d53e8135ee Reverted recent accidental changes 2020-11-02 22:04:57 +00:00
96aa01b9c6 Recent changes 2020-11-02 21:44:05 +00:00
06d1e0ad3f RSM-8 Add team files page and ability to download files 2020-10-11 02:54:09 +01:00
6541e25a39 Apply fixes from StyleCI 2020-10-10 16:30:26 +00:00
077ead9612 RSM-5 Made Vacancies easily linkable to Teams 2020-10-09 22:27:36 +01:00
6cc99d2ebe Prevent empty form creation 2020-10-09 00:56:11 +01:00
596a469e15 Add user invitation facilities RSM-5
Adds user invitation to teams, and framework for assigning taems
Also adds user acc. deletion.
2020-10-08 19:19:10 +01:00
75f4404259 RSM-6 Team features 2020-10-03 21:36:35 +01:00
0dfb68dba2 Add acceptable "permanent" ban time 2020-09-08 00:05:37 +01:00
24303052ad Ban validation update 2020-09-07 23:57:50 +01:00
178bc31a6e Ban datetime format 2020-09-07 23:44:14 +01:00
95bf7c239e Update ban time logic 2020-09-07 23:38:25 +01:00
4d2595dd39 Update ban logic 2020-09-07 23:33:35 +01:00
1319ce6b86 Added more debug logging 2020-09-07 22:56:54 +01:00
bea83b650c Added more debug logging 2020-09-07 22:54:20 +01:00
8e85e08171 Vacancy tweaks 2020-09-03 02:52:21 +01:00
de3dba3627 Vacancy tweaks 2020-09-03 02:50:19 +01:00
7e58c3af6b Add more missing translation strings
Also fixed broken vacancy editor
2020-09-03 02:20:15 +01:00
60874c046f Conditionally pre-load Appointment relationship 2020-09-03 00:34:35 +01:00
af96d193a4 Missing login button translation 2020-09-03 00:11:49 +01:00
9b5e35b241 Missing typehint 2020-09-02 20:52:56 +01:00
a0192cdb02 Added route localization and auto detection 2020-09-02 17:43:27 +01:00
00cc36246f Minor import change 2020-08-31 19:53:10 +01:00
41e3e817a2 Added error messages to settings.blade.php 2020-08-31 19:50:58 +01:00
2afea88846 Added logging to Settings 2020-08-31 19:47:27 +01:00
cd874c5f58 Settings auth checks 2020-08-31 18:36:38 +01:00
a3071dccf9 Update wrong view name 2020-08-31 17:58:07 +01:00
b0cbf65cfc Added missing permissions to roles 2020-08-31 17:55:36 +01:00
ca82f5882d Add settings page 2020-08-30 23:06:01 +01:00
535a2c3973 Fixed broken banning logic 2020-08-13 22:12:17 +01:00
ad5c3404cc
Update variable 2020-07-25 01:20:43 +01:00
62b063ee63
Missed variable name 2020-07-23 02:37:08 +01:00
94d08f1886 Trust Heroku proxies
This commit also forces the environment into HTTPS when in production.
2020-07-18 06:33:00 +01:00
91627decbe Added Heroku Procfile
Also changed required password length for new users
2020-07-18 02:45:15 +01:00
2763f777ab Add password strength requirment
This commit adds a password strength requirement for new users using 
regular expressions.
Also adds a dismissable alert so users know how to create passwords 
properly.
2020-07-17 23:13:46 +01:00
d392c0593f Add two factor authentication 2020-07-17 22:44:10 +01:00
5f1f92a9ce Code review
This commit fixes some superficial instances of Broken Access Control 
(https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A5-Broken_Access_Control).
There may be some more instances of this, as authorization was only done 
after most of the controllers were done (big mistake).

Some refactoring was also performed, where Route Model Binding with DI 
(dependency injection) was used whenever possible, to increase 
testability of the codebase.
Some reused code was also moved to Helper classes as to enforce DRY; 
There may be some lines of code that are still copy-pasted from other 
parts of the codebase for reuse.

Non-breaking refactoring changes were made, but the app as a whole still 
needs full manual testing, and customised responses to HTTP 500 
responses. Some errors are also not handled gracefully and this wasn't 
checked in this commit.
2020-07-16 21:21:28 +01:00
4a766620ff Fix appointment policy not being called correctly
This commit fixes the appointment policy being called at the wrong time, with the wrong arguments.
It also fixes wrong references on the auth service provider, also fixing other issues with poliy usage.

Fixes #3 and SPACEJEWEL-HOSTING-59.
2020-07-16 05:24:00 +01:00
bca6020ab0 Add ability to edit forms and add new fields
This commit adds the ability to edit and modify existing forms.
On the technical side, it also adds a new reusable validation Facade which helps reduce duplicated code.
2020-07-15 06:48:49 +01:00
1f50faaea7 Add ability to preview application 2020-07-12 19:36:12 +01:00
e978a5417b Added ability to delete single application
Also moved User observer code to Application observer
2020-07-12 17:01:33 +01:00
4dc412e53c Added check for constrained models when deleting 2020-07-12 06:39:39 +01:00
bd0664ce0d Add ability to edit Vacancies 2020-07-11 20:34:26 +01:00
4b390ea536 Added full Vacancy description
Also added support for Markdown
2020-07-11 05:34:12 +01:00
035c9399a6 Add "All Applications" page 2020-07-11 02:43:59 +01:00
ed95f02e00 Fix error where exception appeared instead of error message
This commit fixes an issue with fake MC usernames being used and 
resulting in a fatal exception. Displays an error msg now.
2020-06-28 04:51:32 +01:00
599d742e96 Use UUID conversion facade 2020-06-28 00:46:49 +01:00
33c16fcf46 Add user directory & isolate authorisation 2020-06-27 19:15:33 +01:00