Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release - 0.2.0 #42

Merged
merged 43 commits into from Jun 21, 2021
Merged

Release - 0.2.0 #42

merged 43 commits into from Jun 21, 2021

Conversation

malparty
Copy link
Owner

Content

User web authentication with Devise.
Preview available in Staging

Features

Chores

N/A

Bugs

N/A

@malparty
[#5] Edit default from email
5da306d
@malparty
[#5] Add flash notice-alert in view layout
7175a1d
@malparty
[#5] Generate basic User model from Devise
50076a3
@malparty
[#5] Add firstname lastname to User
10cbeea
@malparty
[#5] Generate Devise views
b6ae354
@malparty
[#5] Add lastname and firstname to registration views
3b359ae
@malparty
[#293] Merge from setup-deploy branch to get empty view
3d8c6f4
@malparty
[#293] Add logout button
7147cf9
@malparty
[#293] Add before_action authenticate_user
c2c642b
@malparty
[#293] Setup DoorKeeper to embbed OAuth2
d656a8d
@malparty
[#293] Setup DoorKeeper to embbed OAuth2
38e6db8
@malparty
[#5] Hide sign out button when not logged
145411b
@malparty
[#5] Edit default from email
b49d334
@malparty
[#5] Add flash notice-alert in view layout
271ef92
@malparty
[#5] Rebase from Config Deployment
111bad2
@malparty
[#5] Add firstname lastname to User
574b467
@malparty
[#5] Generate Devise views
d150da1
@malparty
[#5] Add lastname and firstname to registration views
a57d6da
@malparty
[#293] Add logout button
3dbcb86
@malparty
[#293] Add before_action authenticate_user
bfe7091
@malparty
[#293] Setup DoorKeeper to embbed OAuth2
3131f03
@malparty
[#293] Setup DoorKeeper to embbed OAuth2
5fc126d 
Rebase from setup deployment workflows
@malparty
[#5] Hide sign out button when not logged
f0a6257
@malparty
Merge branch 'feature/user-login-backend' of https://github.com/malpa…
5d398cb 
…rty/google-search-ruby into feature/user-login-backend

Pull from GitHub
@malparty
[#5] Add user db seed for system tests
53ea9b7
@malparty
[#5] Add login system tests
e7389a9
@malparty
root commit
7139952
@malparty
[#5] Fix missing password_confirmation param in sign_up request
ad3fab5
@malparty
[#5] Add login and signup system tests
49e917b
@malparty
[#5] Update system tests to use faster sign_in method helper
557c936
@malparty malparty added this to the 0.2.0 milestone Jun 21, 2021
@malparty malparty self-assigned this Jun 21, 2021
@malparty malparty added this to In development in Product backlog via automation Jun 21, 2021
github-actions[bot]
github-actions bot reviewed Jun 21, 2021
View reviewed changes
app/controllers/application_controller.rb
protected

def update_allowed_parameters
devise_parameter_sanitizer.permit(:sign_up) do |u|
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Has the variable name 'u'

github-actions[bot]
github-actions bot reviewed Jun 21, 2021
View reviewed changes
app/controllers/application_controller.rb
devise_parameter_sanitizer.permit(:sign_up) do |u|
u.permit(:first_name, :last_name, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.permit(:account_update) do |u|
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Has the variable name 'u'

github-actions[bot]
github-actions bot reviewed Jun 21, 2021
View reviewed changes
app/models/user.rb
# the authenticate method from devise documentation
def self.authenticate(email, password)
user = User.find_for_authentication(email: email)
user&.valid_password?(password) ? user : nil
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Is controlled by argument 'password'

github-actions[bot]
github-actions bot reviewed Jun 21, 2021
View reviewed changes
spec/support/authentication_helper.rb
login_as user, scope: :user
end

def sign_up_ui(email, password, password_confirm = nil)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Has approx 8 statements

@github-actions
Copy link

3 Errors
🚫 Brakeman static analysis detected issues in the code. If this is a false positive, mark it as such.
🚫 Code coverage data not found
🚫 Undercover: coverage report cannot be found.

BRAKEMAN REPORT

Application path Rails version Brakeman version Started at Duration
/home/runner/work/google-search-ruby/google-search-ruby 6.1.3.1 5.0.1 2021-06-21 05:19:43 +0000 2.179770558 seconds
Checks performed
BasicAuth, BasicAuthTimingAttack, CSRFTokenForgeryCVE, ContentTag, CookieSerialization, CreateWith, CrossSiteScripting, DefaultRoutes, Deserialize, DetailedExceptions, DigestDoS, DynamicFinders, EscapeFunction, Evaluation, Execute, FileAccess, FileDisclosure, FilterSkipping, ForgerySetting, HeaderDoS, I18nXSS, JRubyXML, JSONEncoding, JSONEntityEscape, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, MimeTypeDoS, ModelAttrAccessible, ModelAttributes, ModelSerialize, NestedAttributes, NestedAttributesBypass, NumberToCurrency, PageCachingCVE, PermitAttributes, QuoteTableName, Redirect, RegexDoS, Render, RenderDoS, RenderInline, ResponseSplitting, RouteDoS, SQL, SQLCVEs, SSLVerify, SafeBufferManipulation, SanitizeMethods, SelectTag, SelectVulnerability, Send, SendFile, SessionManipulation, SessionSettings, SimpleFormat, SingleQuotes, SkipBeforeFilter, SprocketsPathTraversal, StripTags, SymbolDoSCVE, TemplateInjection, TranslateBug, UnsafeReflection, UnsafeReflectionMethods, ValidationRegex, VerbConfusion, WithoutProtection, XMLDoS, YAMLParsing

SUMMARY

Scanned/Reported Total
Controllers 2
Models 2
Templates 17
Errors 0
Security Warnings 1 (0)
Warning Type Total
Cross-Site Scripting 1

SECURITY WARNINGS

Confidence Class Method Warning Type Message
Medium Cross-Site Scripting loofah gem 2.10.0 is vulnerable (CVE-2018-8048). Upgrade to 2.2.1 near line 214

Generated by 🚫 Danger

github-actions[bot]
github-actions bot reviewed Jun 21, 2021
View reviewed changes
spec/support/authentication_helper.rb
fill_in 'user_last_name', with: user.last_name
fill_in 'user_email', with: email
fill_in 'user_password', with: password
fill_in 'user_password_confirmation', with: password_confirm || password
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Is controlled by argument 'password_confirm'

Product backlog automation moved this from In development to Ready for QA Jun 21, 2021
@junan
Copy link
Contributor

junan commented Jun 21, 2021

@malparty I think we don't need Content section.

In compass release we add Content section(where we add content type PRs) also because we in the compass repo we have content type of issue/PR besides feature, chore, bug, release type of issue/PR . Most of the our projects we only have release, feature, chore, bug type.

@malparty
Copy link
Owner Author

@malparty I think we don't need Content section.

In compass release we add Content section(where we add content type PRs) also because we in the compass repo we have content type of issue/PR besides feature, chore, bug, release type of issue/PR . Most of the our projects we only have release, feature, chore, bug type.

Thanks! Time saver for future releases!! :) :) :)

@malparty malparty merged commit 6ce1fed into main Jun 21, 2021
@malparty malparty moved this from Ready for QA to Completed in Product backlog Jun 23, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions left review comments

@junan junan junan approved these changes

@ankitkalia1195 ankitkalia1195 ankitkalia1195 approved these changes

Assignees

@malparty malparty

Labels
priority: normal type: release @0.2.0 First usable release.
Projects
Product backlog
Completed
Milestone
0.2.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@malparty @junan @ankitkalia1195