Commit Graph

460 Commits

Author SHA1 Message Date
Mike Dalessio 679a073c6b Add test coverage for the require_unauthenticated_access redirect 2025-12-11 13:02:54 -05:00
Kevin McConnell 193a28f6c8 Merge pull request #2035 from harisadam/single_tenant
Add env-configurable option to disable public signups
2025-12-11 13:08:19 +00:00
Kevin McConnell 05d176cc31 Test that sign in respects single tenant state 2025-12-11 12:49:03 +00:00
Kevin McConnell 0e443d3602 Use initializer to configure tenant mode 2025-12-11 11:20:43 +00:00
Kevin McConnell a5580666a7 Single tenant by default & update tests 2025-12-11 11:20:43 +00:00
Stanko K.R. 5ee10800a2 Allow direct uploads via API 2025-12-11 11:52:38 +01:00
Adam Haris f76309d116 Merge branch 'main' into single_tenant 2025-12-11 06:08:01 +01:00
Jankees van Woezik 477b4d65f2 API: Support created_at for API card and comment creation (#2056)
* Add support to set `created_at`

Discussed in
https://github.com/basecamp/fizzy/pull/1766#issuecomment-3637846074,
this allows users to import cards from another system with entries from
the past. For instance I'm importing all our Github issues (including
the closed onces) to Fizzy.

* Iron out published state tracking

---------

Co-authored-by: Jeremy Daer <jeremy@37signals.com>
2025-12-10 19:57:38 -08:00
Stanko K.R. 4e092407ab Fix crash due to missing partial 2025-12-10 18:47:00 +01:00
Mike Dalessio fa118a7d83 Add validation for the join code usage limit
which is preferred to generating a database error
2025-12-10 10:10:08 -05:00
Adam Haris eb8655dc8e refactor: use MULTI_TENANT env variable, model concern instead of controller (#accepting_signups?) 2025-12-10 15:14:22 +01:00
Stanko K.R. 5ce71bf941 Move Identities to My::Identities 2025-12-10 15:13:35 +01:00
Stanko K.R. 79e77a3780 Handle user update failures 2025-12-10 09:23:53 +01:00
Stanko K.R. 7b30ca203e Add index actions for Comments and Columns
Also, fix crash when a deactivated user is serialized (they don't have
an identity).
2025-12-10 09:23:52 +01:00
Stanko K.R. bf51950007 Add API for reading notifications 2025-12-10 09:23:52 +01:00
Stanko K.R. 1a24c1373c Add API for creating and updating boards 2025-12-10 09:23:52 +01:00
Stanko K.R. f3ff0c605e Add pagination to most places and fix cards pagination 2025-12-10 09:23:52 +01:00
Stanko K.R. ba30a301dc Add API for updating and deactivating users 2025-12-10 09:23:52 +01:00
Stanko K.R. 7a0554774c Add API for columns 2025-12-10 09:23:52 +01:00
Stanko K.R. d16b3756de Add API for reactions 2025-12-10 09:23:52 +01:00
Stanko K.R. eeed2a8416 Add API for watching cards 2025-12-10 09:23:52 +01:00
Stanko K.R. ed1002f6c5 Add API for card triage 2025-12-10 09:23:52 +01:00
Stanko K.R. 8a84785056 Add API for tagging cards 2025-12-10 09:23:52 +01:00
Stanko K.R. c517ef6063 Add API for CRUD actions on steps 2025-12-10 09:23:52 +01:00
Stanko K.R. 8a61ca2a79 Add API for postponing cards 2025-12-10 09:23:52 +01:00
Stanko K.R. 52e65b3c08 Add API for removing card images 2025-12-10 09:23:52 +01:00
Stanko K.R. 1caeea541d Add API for gilding cards 2025-12-10 09:23:52 +01:00
Stanko K.R. 41115eaf87 Add API for comments CRUD 2025-12-10 09:23:52 +01:00
Stanko K.R. b4012dfb40 Add API for closing and opening cards 2025-12-10 09:23:52 +01:00
Stanko K.R. cf52982b8b Add API for mobing cards between boards 2025-12-10 09:23:52 +01:00
Stanko K.R. 23e6f3b095 Add API for assigning cards 2025-12-10 09:23:52 +01:00
Stanko K.R. 235a94355e Add card update & delete actions 2025-12-10 09:23:52 +01:00
Stanko K.R. ae03f2b283 Move tests into their controller tests 2025-12-10 09:23:52 +01:00
Stanko K.R. 259707bf70 Fix identity tests 2025-12-10 09:23:52 +01:00
Jay Ohms 26fc9ecad4 Add an /identity.json endpoint to obtain the identity accounts and users 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 3f393c1423 Include card description and tags 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson a8dc4fb310 Excess whitespace 2025-12-10 09:23:52 +01:00
Jay Ohms 680f9c0c4d Add top-level API index support for tags 2025-12-10 09:23:52 +01:00
Jay Ohms 5ad7b973cb Add API support for users 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 983a19fd8a Create cards via API 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson f0c0a87c74 Return json URLs for API actions 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 129b81984f Creating a new board will return the location header 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 0ce3a85778 Only allow writing when the access token has permission 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson 96b62d6ec4 Only allow new token to be viewed within 10 seconds 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson b53c0a5385 Correct 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson d384971ea2 Test the boards API 2025-12-10 09:23:52 +01:00
David Heinemeier Hansson a81c681a8d Add access token authentication via HTTP AUTHORIZATION bearer header 2025-12-10 09:23:52 +01:00
Adam Haris 0780b5168f add env variable to disable multi-tenancy 2025-12-09 15:40:01 +01:00
Jeremy Daer ea8a78cc22 Fix stale-read race when creating push subscriptions
(Caught one such uniqueness exception in the wild)

* 200 OK -> 204 No Content, default status
* No need to touch the subscription when found
* Drop superflous test
2025-12-09 01:34:37 -08:00
Jeremy Daer 49c4f2adc6 Fix ActiveStorage FileNotFoundError with immediate variant processing (#2022)
When ActiveStorage::Record uses `connects_to` for read replica support,
it creates a separate connection pool from ApplicationRecord. This causes
`after_commit` callbacks to fire in non-deterministic order - the
Attachment's `create_variants` callback can fire before the User model's
upload callback completes, resulting in FileNotFoundError.

The fix removes replica connection configuration from ActiveStorage::Record
so it shares the same connection pool as application models, ensuring
proper callback ordering.

Also reverts test workarounds that were added to work around this issue,
since the root cause is now fixed.

See: https://github.com/rails/rails/issues/53694
2025-12-08 14:44:49 -08:00