Commit graph

138 commits

Author SHA1 Message Date
Rien Maertens
7f30b99dde
Another security issue herp derp 2019-04-18 20:45:56 +02:00
Rien Maertens
4fb4385ba5
Also skip CSRF check for clients (Tap) 2019-04-18 00:50:41 +02:00
redfast00
ce5c1e3fbe
Host the charting library ourselves instead of from Google
This fixes the debt chart not working in Firefox (has a built-in tracking blocker). Also made chart nicer
to display by adding percentages
2019-04-13 21:26:51 +02:00
redfast00
9a4be12e6e
API create transaction 2019-04-12 11:33:13 +02:00
redfast00
0e9b607061
Make API more friendly 2019-04-11 17:34:23 +02:00
redfast00
dee3e9a50a
Add transactions API 2019-04-10 14:15:20 +02:00
redfast00
4eb84e1c91
Fix CSRF in form submission 2019-04-10 14:14:17 +02:00
redfast00
51a045dae9
Don't allow users to see each others balances 2019-04-10 11:58:48 +02:00
redfast00
b44e288070
Fix IDOR in requests 2019-03-24 22:31:03 +01:00
Rien Maertens
6a9651efbd
Hoe heeft dit OOIT gewerkt? 2018-08-07 20:13:23 +02:00
Robbe Van Herck
01b403c99e Added reset token 2018-06-20 19:28:01 +02:00
Robbe Van Herck
1581a38026 Add user API token 2018-06-20 18:51:17 +02:00
Robbe Van Herck
049b7bc3e4 Updated to Rails 5.2.0 2018-06-20 18:02:33 +02:00
David Vandorpe
7e07debc91
Revert "Fix for WiNA"
This reverts commit eae4a3e99c.
2018-03-21 19:40:03 +01:00
David Vandorpe
eae4a3e99c
Fix for WiNA 2018-03-13 14:50:50 +01:00
benji
e7d88b7083 Change after_sign_in_page to root and add sign_out button 2017-01-16 21:40:09 +01:00
benji
c94738123a Add card view for open outgoing requests 2017-01-14 23:12:45 +01:00
benji
c5176aa479 Allow submitting of react form 2017-01-14 22:45:51 +01:00
benji
c160188af5 Add more info to the landing page 2017-01-14 16:22:44 +01:00
benji
546d918700 Add transactions view 2017-01-11 21:18:23 +01:00
benji
a803d005a3 Authorize creating requests for users, and add links for pennings to zeus requests 2017-01-11 14:34:17 +01:00
benji
ad395945f2 Merge branch 'master' of github.com:ZeusWPI/Tab into request-payments 2017-01-11 14:14:06 +01:00
benji
35fba66b39 Merge branch 'master' into fancy-user-page 2017-01-11 13:59:10 +01:00
benji
4a631bc0c2 Add notifications about requests 2017-01-09 16:22:58 +01:00
benji
4748625502 Make requests for money 2017-01-09 15:46:43 +01:00
benji
8a9e9d9184 Use decent escaping of special characters in transaction messages 2016-05-20 15:08:14 +02:00
benji
50d27561e4 escape shit 2016-03-21 11:54:32 +01:00
benji
8306271bd9 Remove unused private method 2016-02-17 15:20:12 +01:00
benji
ac2dbee62b Privacy and stuff 2016-02-10 15:23:16 +01:00
benji
ccc7b987dd Return new user instead of nil to avoid parse errors 2016-02-04 13:45:12 +01:00
benji
53f1a0a44f Put confirmation and maximum limit on transaction amount 2016-02-02 18:34:19 +01:00
benji
4faf3e36ab More stuff 2016-02-02 17:49:32 +01:00
benji
aa2b22358a Return balance for non-existing user 2016-02-02 15:24:26 +01:00
benji
61a85146ea Return a new user when it doesn't exist 2016-02-02 15:20:29 +01:00
Felix Van der Jeugt
7da6b0fed6 Merge pull request #10 from ZeusWPI/cute-little-statistics
Cute little statistics
2015-09-17 18:30:39 +02:00
Felix Van der Jeugt
4aebb0be59 improve landing page 2015-09-17 18:23:21 +02:00
benji
cbf491e49c Move datatables to seperate controller and provide user#show api 2015-09-17 16:46:33 +02:00
Felix Van der Jeugt
9191e12ce9 fix amount distribution, still ugly though 2015-09-14 17:30:52 +02:00
Felix Van der Jeugt
2a51355046 fix shamepie, break distribution 2015-09-14 17:21:53 +02:00
Felix Van der Jeugt
32e1ebfb94 Merge branch 'master' into cute-little-statistics 2015-09-14 16:32:45 +02:00
Felix Van der Jeugt
d0d7510532 better piechart of origins 2015-09-14 16:17:01 +02:00
Felix Van der Jeugt
6a86a418eb show transaction distribution in euro's 2015-09-14 15:14:09 +02:00
benji
0cf5872a98 Add id_at_client to transactions + tests 2015-09-14 13:16:01 +02:00
benji
6c04a90f68 Return new transaction on create 2015-09-14 10:32:58 +02:00
Felix Van der Jeugt
54b8e8808b Merge branch 'master' into cute-little-statistics 2015-09-12 15:46:45 +02:00
benji
1b6f83f70a typo oO 2015-09-12 12:26:02 +02:00
benji
cd939f2bf1 Create user when he/she doesn't exist yet and name provided through api 2015-09-12 12:21:12 +02:00
benji
1fba3b98be Use http authorization to place api key 2015-09-12 10:51:37 +02:00
Felix Van der Jeugt
9302c3533b add distributions of debt sources and transaction amounts 2015-09-12 00:55:23 +02:00
Felix Van der Jeugt
c9010f59ee add shamepie -- the big slices are really gross! 2015-09-12 00:17:43 +02:00