Commit Graph

13 Commits

Author SHA1 Message Date
leigh-mil
663fb9f288 Use ApplicationRoles.disable() instead of Applications.remove_member() 2019-09-26 09:53:20 -04:00
leigh-mil
5c54c043c0 Add route for applications.revoke_invite 2019-09-26 09:46:23 -04:00
dandds
6dc1e10e77 Delete unused Vue components and remove references to them. 2019-09-25 06:14:12 -04:00
graham-dds
dbc851258f Update .secrets.baseline 2019-09-24 10:16:49 -04:00
dandds
112f0e0ab2 Initial JS tests for the Vue TOForm component.
This adds BeautifulSoup to the Python dev dependencies so that we can
render an entire page and then extract the Vue component we need.
Ideally, we should refactor all the Vue components so that they live in
Jinja macros and we can render those macros directly.
2019-09-20 15:24:55 -04:00
leigh-mil
93530e903f Create route for updating app member 2019-09-18 11:16:54 -04:00
leigh-mil
ddcd91964f Remove route 'applications.update_env_roles' and related functions and tests 2019-09-11 15:29:09 -04:00
dandds
883947b75f Enable debug mode in tests.
Debug mode allows route integration tests to raise explicit exceptions on
errors, instead of returning error pages. Some portions of the test
suite need to be able to ignore exceptions (the response is not under
test) so they use a separate pytest fixture version of the app and
client that are configured with debug disabled, as it would be in
production.
2019-08-30 15:32:57 -04:00
richard-dds
0566b525f6 Fix secrets file 2019-08-28 15:56:50 -04:00
richard-dds
c324cde3b3 Update secrets baseline 2019-08-28 15:06:20 -04:00
dandds
5f0ff137d3 Raise default session lifetime to 30 minutes. 2019-08-21 14:44:55 -04:00
richard-dds
36d39dc949 Use unique attachment object names 2019-08-14 10:39:58 -04:00
dandds
2a0168b1e6 Scripts for finding accidental secrets in the repo.
This adds the following:
- A detect-secrets dependency and a related script
  (`script/detect_secrets`) to find and alert developers to secrets
  added to the code. By default, the script will search staged and new,
  unstaged files. It can optionally search only staged files.
- A whitelist, `.secrets.baseline`, that tracks instances of secrets or
  false positives already in the repo.
- Modifies `script/test` to detect secrets as part of the test suite.
- Updates to the README regarding the use of detect-secrets.
2019-08-13 05:59:56 -04:00