Mike Dalessio
fa118a7d83
Add validation for the join code usage limit
...
which is preferred to generating a database error
2025-12-10 10:10:08 -05:00
Stanko K.R.
5ce71bf941
Move Identities to My::Identities
2025-12-10 15:13:35 +01:00
Stanko K.R.
90e6322092
Return no content on update
2025-12-10 15:07:22 +01:00
Stanko K.R.
566def581e
Remove redundant respond_to
2025-12-10 15:05:13 +01:00
Stanko K.R.
79e77a3780
Handle user update failures
2025-12-10 09:23:53 +01:00
Stanko K.R.
7b30ca203e
Add index actions for Comments and Columns
...
Also, fix crash when a deactivated user is serialized (they don't have
an identity).
2025-12-10 09:23:52 +01:00
Stanko K.R.
6b229424a3
Lower the number of returned unread notifications
...
After talking to the mobile team we cam to the conclusion that for the API and the mobile apps speed is of the utmost importance when working with notifications. So we agreed to lower the unread notifications limit to 100 like we have in Basecamp. This strikes a balance between speed and usability.
2025-12-10 09:23:52 +01:00
Stanko K.R.
bf51950007
Add API for reading notifications
2025-12-10 09:23:52 +01:00
Stanko K.R.
1a24c1373c
Add API for creating and updating boards
2025-12-10 09:23:52 +01:00
Stanko K.R.
f3ff0c605e
Add pagination to most places and fix cards pagination
2025-12-10 09:23:52 +01:00
Stanko K.R.
ba30a301dc
Add API for updating and deactivating users
2025-12-10 09:23:52 +01:00
Stanko K.R.
7a0554774c
Add API for columns
2025-12-10 09:23:52 +01:00
Stanko K.R.
d16b3756de
Add API for reactions
2025-12-10 09:23:52 +01:00
Stanko K.R.
eeed2a8416
Add API for watching cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
ed1002f6c5
Add API for card triage
2025-12-10 09:23:52 +01:00
Stanko K.R.
8a84785056
Add API for tagging cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
c517ef6063
Add API for CRUD actions on steps
2025-12-10 09:23:52 +01:00
Stanko K.R.
8a61ca2a79
Add API for postponing cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
52e65b3c08
Add API for removing card images
2025-12-10 09:23:52 +01:00
Stanko K.R.
1caeea541d
Add API for gilding cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
41115eaf87
Add API for comments CRUD
2025-12-10 09:23:52 +01:00
Stanko K.R.
b4012dfb40
Add API for closing and opening cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
cf52982b8b
Add API for mobing cards between boards
2025-12-10 09:23:52 +01:00
Stanko K.R.
23e6f3b095
Add API for assigning cards
2025-12-10 09:23:52 +01:00
Stanko K.R.
235a94355e
Add card update & delete actions
2025-12-10 09:23:52 +01:00
Stanko K.R.
259707bf70
Fix identity tests
2025-12-10 09:23:52 +01:00
Jay Ohms
26fc9ecad4
Add an /identity.json endpoint to obtain the identity accounts and users
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
ae0eaadcdf
Publish any API card as soon as it is created
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
0159f369f4
Only authenticate with bearer token if the header is present
2025-12-10 09:23:52 +01:00
Jay Ohms
680f9c0c4d
Add top-level API index support for tags
2025-12-10 09:23:52 +01:00
Jay Ohms
5ad7b973cb
Add API support for users
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
79fc57a82a
Use built-in authenticate_or_request_with_http_token
...
Hat tip to @adrienpoly
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
983a19fd8a
Create cards via API
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
f0c0a87c74
Return json URLs for API actions
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
129b81984f
Creating a new board will return the location header
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
efbd2cc3da
Allow API JSON requests to sidestep csrf protection
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
0ce3a85778
Only allow writing when the access token has permission
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
7bc6ae4fac
Polish
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
96b62d6ec4
Only allow new token to be viewed within 10 seconds
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
88902485e1
Access tokens are strictly personal
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
caa4cd491e
Smooth out the finder API
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
7d2c284726
Clarify
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
467843fe22
Inline now anemic helper methods
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
3329008dd8
Handle everything in the same method
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
660fcff558
Authenticate api requests without needing a session
2025-12-10 09:23:52 +01:00
Jason Zimdars
073d1af862
List, create, and revoke access tokens
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
db29562c4c
Tie access token directly to session
...
We need to present them differently in the session list and prevent them
from being deleted
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
a81c681a8d
Add access token authentication via HTTP AUTHORIZATION bearer header
2025-12-10 09:23:52 +01:00
David Heinemeier Hansson
ea697b7143
Add API to boards
2025-12-10 09:23:52 +01:00
Jeremy Daer
ea8a78cc22
Fix stale-read race when creating push subscriptions
...
(Caught one such uniqueness exception in the wild)
* 200 OK -> 204 No Content, default status
* No need to touch the subscription when found
* Drop superflous test
2025-12-09 01:34:37 -08:00