1. 05 Dec, 2021 1 commit
  2. 12 Feb, 2021 1 commit
  3. 01 Oct, 2020 1 commit
  4. 08 Apr, 2020 1 commit
  5. 16 Nov, 2019 2 commits
    • ale's avatar
      Split availability check from user validation too · eef4b6e1
      ale authored
      And fix an issue where validHostedEmail() was no longer checking for
      availability in email alias validation.
      eef4b6e1
    • ale's avatar
      Add an UpdateResource action · 0bb4fb1e
      ale authored
      Since this requires validating an *existing* resource, we also split
      out the availability checks in the validation code from the
      syntactical validation, which is a good thing anyway.
      0bb4fb1e
  6. 06 Oct, 2019 1 commit
  7. 22 Aug, 2019 1 commit
    • ale's avatar
      Add missing validations and an availability API endpoint · b790a71a
      ale authored
      Previously some resource types were not validating requests for
      uniqueness (the creation would have failed later, at database commit
      time).
      
      The availability API allows unauthenticated callers (i.e. everyone) to
      query for existence of a specific resource, or resources that would
      conflict with it in the global namespace. It's basically a public
      validation check, meant so that applications that let users create
      accounts can provide early feedback on availability.
      b790a71a
  8. 09 Jun, 2019 1 commit
  9. 03 Feb, 2019 1 commit
    • ale's avatar
      Add a SearchResource API · dd4cfa28
      ale authored
      To support pattern searches, make the LDAP query templates understand
      both "admin-provided input" and "user-provided input", so that
      wildcards will only be escaped in the latter case.
      dd4cfa28
  10. 14 Dec, 2018 1 commit
  11. 17 Nov, 2018 1 commit
    • ale's avatar
      Switch to really opaque ResourceIDs · 78d08eef
      ale authored
      The new ResourceID is really a database ID (in our case, a LDAP DN),
      and we have completely decoupled other request attributes like type
      and owner from it.
      
      Resource ownership checks are now delegated to the backend.
      
      Also change the backend CreateResource call to CreateResources, taking
      multiple resources at once, so we can perform user-level resource
      validation, and simplify the CreateUser code path.
      78d08eef
  12. 16 Nov, 2018 1 commit
    • ale's avatar
      Add shard and status to the User type · c5d3b1a5
      ale authored
      The shard is kept in sync with the email resource shard. CreateUser
      validation enforces a single email resource per account.
      c5d3b1a5
  13. 14 Nov, 2018 1 commit
  14. 09 Nov, 2018 1 commit
    • ale's avatar
      First stage of refactor targeting simplicity · 4e34034b
      ale authored
      Structure flow around requests themselves and composition rather than
      handlers and wrappers, the results are likely more readable (and
      shorter).
      
      Move all the user auth management business logic to a smart RawUser
      object, to separate it from details of API handling. The result should
      be more understandable: all critical changes are contained within a
      single type.
      
      Also, with all the workflow driven by Requests, we can get rid of the
      boilerplate in the HTTP API server and replace it with a tiny tiny
      layer of reflection.
      4e34034b