Released 2021-06-15
Enhancement: Update Kaigara version (#1296)
Feature: Update Kaigara version to 0.1.23
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Fix user default language
Fix: Document worker
Fix: Add full match for state triggers
Fix: Add country to user activities
Script for creating labels for a list of users (#1289)
Co-authored-by: dinesh-skyach <dinesh.chohda@skyach.com> Co-authored-by: Camille <cmeulien@heliostech.fr> Co-authored-by: josadcha <josadcha@heliostech.fr>
Released 2021-06-15
Fix user default language
Released 2021-05-27
Fix: add peatio/swagger endpoint to athuz pass rules
Released 2021-05-27
Feature: add new 'reporter' role
Released 2021-05-17
Feature: Separate request domain and protocol
Feature: Admin document endpoint
Released 2021-04-30
Enhancement: Require captcha only for users without 2fa
Released 2021-04-20
Enhancement: Update Kaigara version (#1294)
Enhancement: Update goci version to 0.1.11
Enhancement: Update goci version (#1286)
Enhancement: Update Kaigara version (#1277)
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Fix: Update tests
Fix: Document worker
Fix: Add full match for state triggers
Fix: Add country to user activities
Fix: JWT_PRIVATE_KEY from env
Released 2021-04-20
Fix: Document worker
Released 2021-04-19
Enhancement: Update Kaigara version (#1296)
Feature: Update Kaigara version to 0.1.23
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Fix: Add full match for state triggers
Fix: Add country to user activities
Script for creating labels for a list of users (#1289)
Co-authored-by: dinesh-skyach <dinesh.chohda@skyach.com> Co-authored-by: Camille <cmeulien@heliostech.fr> Co-authored-by: josadcha <josadcha@heliostech.fr>
Released 2021-04-19
Enhancement: Update Kaigara version (#1294)
Enhancement: Update goci version to 0.1.11
Enhancement: Update goci version (#1286)
Enhancement: Update Kaigara version (#1277)
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Fix: Document worker
Fix: Add full match for state triggers
Fix: Add country to user activities
Fix: JWT_PRIVATE_KEY from env
Released 2021-04-19
Enhancement: Update Kaigara version (#1296)
Feature: Update Kaigara version to 0.1.23
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Fix: Add full match for state triggers
Fix: Add country to user activities
Released 2021-04-16
Enhancement: Update goci version to 0.1.11
Enhancement: Update goci version (#1286)
Enhancement: Update Kaigara version (#1277)
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Fix: Add full match for state triggers
Fix: Add country to user activities
Fix: JWT_PRIVATE_KEY from env
Released 2021-04-16
Add CSRF token in API key documentation (#1169)
Add ability for admin to read activity
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Adding barong export task
Bump kaigara to 0.1.21
Bump master version to 2.6.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: Add ability to create service account with specific level (#1263)
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Change log for private key loading
Enhancement: Add Kaigara installation to the Dockerfile
Enhancement: Add response types for documentation
Enhancement: Add ability to disable encryption on API level (#1220)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Feature: Update Kaigara version to 0.1.23
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Add the support for ERB in management_api.yml (#1267)
Feature: Add username to user's model (#1234)
Co-authored-by: Oleksandr Khlopiachyi <akhlopiachyi@heliostech.fr>
Feature: Add management API endpoints to create/update APIkeys
Feature: Add ability to update owner_uid (#1247)
Co-authored-by: Anna Kulakova <akulakova@heliostech.fr>
Feature: Add ability to register first user with superadmin role
Feature: Auth0 support (#1245)
Feature: Add Document to abilities
Feature: add ordering parameter to get labels endpoint
Feature: Add CI step to update the global version (#1230)
Feature: Mailer improvements (#1202)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: Blocklogin restrictions (#1213) (#1214)
Feature: Blocklogin restrictions (#1213)
Destroy user sessions
Add specs and docs
Fix: Restrictions specs
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Fix: Add full match for state triggers
Fix: Add country to user activities
Fix: Prevent label duplication
Fix: mng API to create service account without owner_uid (#1260)
Fix dead links in README 2.6
Fix: Prevent nil error on phone submasking in case of wrong migration
Fix: default ordering for labels to asc
Fix: Missing model annotation after migration
Fix: Reject from retry when JWT:VerificationError raised
Fix: Record activity log after mysql connection lost
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
Remove the default value of vault_token (#1151)
Update mailer.md
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Updating SDK tools to 2.6.5
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2021-04-09
Add CSRF token in API key documentation
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Enhancement: Update sdk tools version
Enhancement: Add logo and useful links to the README [CI SKIP]
Feature: Ability to reset all users sessions after password reset
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1180)
Fix restriction seed function
Fix: Mailer exit on lost db connection (#1152)
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
Released 2021-04-08
Add CSRF token in API key documentation (#1169)
Add ability for admin to read activity
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Adding barong export task
Apply fixes for kycaid integration
Bump kaigara to 0.1.21
Bump master version to 2.6.0
Bump master version to 2.5.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: Add ability to create service account with specific level (#1263)
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Change log for private key loading
Enhancement: Add Kaigara installation to the Dockerfile
Enhancement: Add response types for documentation
Enhancement: Add ability to disable encryption on API level (#1220)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Update Kaigara version to 0.1.23
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Add the support for ERB in management_api.yml (#1267)
Feature: Add username to user's model (#1234)
Co-authored-by: Oleksandr Khlopiachyi <akhlopiachyi@heliostech.fr>
Feature: Add management API endpoints to create/update APIkeys
Feature: Add ability to update owner_uid (#1247)
Co-authored-by: Anna Kulakova <akulakova@heliostech.fr>
Feature: Add ability to register first user with superadmin role
Feature: Auth0 support (#1245)
Feature: Add Document to abilities
Feature: add ordering parameter to get labels endpoint
Feature: Add CI step to update the global version (#1230)
Feature: Mailer improvements (#1202)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: Blocklogin restrictions (#1213) (#1214)
Feature: Blocklogin restrictions (#1213)
Destroy user sessions
Add specs and docs
Fix: Restrictions specs
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Add country to user activities
Fix: Prevent label duplication
Fix: mng API to create service account without owner_uid (#1260)
Fix dead links in README 2.6
Fix: Prevent nil error on phone submasking in case of wrong migration
Fix: default ordering for labels to asc
Fix: Missing model annotation after migration
Fix: Reject from retry when JWT:VerificationError raised
Fix: Record activity log after mysql connection lost
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Remove the default value of vault_token (#1151)
Update mailer.md
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Updating SDK tools to 2.6.5
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2021-04-08
Add CSRF token in API key documentation (#1171)
Add private label otp enabled for user (#1076)
Enhancement: Update sdk tools version
Enhancement: Add logo and useful links to the README [CI SKIP]
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Ability to reset all users sessions after password reset
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Mailer exit on lost db connection (#1153)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2021-04-08
Enhancement: Update goci version to 0.1.11
Enhancement: Update goci version (#1286)
Enhancement: Update Kaigara version (#1277)
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Fix: Add country to user activities
Fix: JWT_PRIVATE_KEY from env
Released 2021-04-08
Add CSRF token in API key documentation (#1169)
Add ability for admin to read activity
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Adding barong export task
Apply fixes for kycaid integration
Bump kaigara to 0.1.21
Bump master version to 2.6.0
Bump master version to 2.5.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: Add ability to create service account with specific level (#1263)
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Change log for private key loading
Enhancement: Add Kaigara installation to the Dockerfile
Enhancement: Add response types for documentation
Enhancement: Add ability to disable encryption on API level (#1220)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Ability to reset all users sessions after password reset
Feature: Add IP country for admin user activities api
Feature: Add the support for ERB in management_api.yml (#1267)
Feature: Add username to user's model (#1234)
Co-authored-by: Oleksandr Khlopiachyi <akhlopiachyi@heliostech.fr>
Feature: Add management API endpoints to create/update APIkeys
Feature: Add ability to update owner_uid (#1247)
Co-authored-by: Anna Kulakova <akulakova@heliostech.fr>
Feature: Add ability to register first user with superadmin role
Feature: Auth0 support (#1245)
Feature: Add Document to abilities
Feature: add ordering parameter to get labels endpoint
Feature: Add CI step to update the global version (#1230)
Feature: Mailer improvements (#1202)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: Blocklogin restrictions (#1213) (#1214)
Feature: Blocklogin restrictions (#1213)
Destroy user sessions
Add specs and docs
Fix: Restrictions specs
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Add country to user activities
Fix: Prevent label duplication
Fix: mng API to create service account without owner_uid (#1260)
Fix dead links in README 2.6
Fix: Prevent nil error on phone submasking in case of wrong migration
Fix: default ordering for labels to asc
Fix: Missing model annotation after migration
Fix: Reject from retry when JWT:VerificationError raised
Fix: Record activity log after mysql connection lost
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Remove the default value of vault_token (#1151)
Update mailer.md
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Updating SDK tools to 2.6.5
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2021-04-08
Add CSRF token in API key documentation (#1171)
Add private label otp enabled for user (#1076)
Enhancement: Update sdk tools version
Enhancement: Add logo and useful links to the README [CI SKIP]
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Ability to reset all users sessions after password reset
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Mailer exit on lost db connection (#1153)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2021-04-08
Enhancement: Update goci version to 0.1.11
Released 2021-04-08
Enhancement: Update goci version (#1286)
Released 2021-04-08
Enhancement: Update Kaigara version (#1277)
Feature: Add IP country for admin user activities api
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Fix: Add country to user activities
Fix: JWT_PRIVATE_KEY from env
Released 2021-04-08
Fix: Add country to user activities
Released 2021-04-07
Feature: Add IP country for admin user activities api
Released 2021-04-07
Feature: Add IP country for admin user activities api
Released 2021-04-06
Enhancement: Update Kaigara version (#1277)
Feature: Bump version to 3.0.0
Feature: Add ability to use ERB templates in mailer.yml
Feature: Add ability to read JWT private key from string (#1272)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Feature: Add the support for ERB in management_api.yml (#1267)
Fix: JWT_PRIVATE_KEY from env
Released 2021-03-25
Fix: Prevent label duplication
Released 2021-03-23
Feature: Add username to user's model (#1234)
Co-authored-by: Oleksandr Khlopiachyi <akhlopiachyi@heliostech.fr>
Released 2021-03-22
Enhancement: Add ability to create service account with specific level (#1263)
Released 2021-03-18
Enhancement: Bump Kaigara version to 0.1.22
Enhancement: Bump Kaigara version to 0.1.22
Released 2021-03-18
Bump kaigara to 0.1.21
Released 2021-03-10
Fix: mng API to create service account without owner_uid (#1260)
Released 2021-03-10
Enhancement: Change log for private key loading
Released 2021-03-03
Enhancement: Add Kaigara installation to the Dockerfile
Fix dead links in README 2.6
Update mailer.md
Released 2021-02-26
Feature: Add management API endpoints to create/update APIkeys
Released 2021-02-22
Feature: Add ability to update owner_uid (#1247)
Co-authored-by: Anna Kulakova <akulakova@heliostech.fr>
Released 2021-02-16
Feature: Add ability to register first user with superadmin role
Released 2021-02-12
Feature: Auth0 support (#1245)
Released 2021-02-12
Feature: Add Document to abilities
Released 2021-02-05
Fix: Prevent nil error on phone submasking in case of wrong migration
Released 2021-01-28
Fix: default ordering for labels to asc
Released 2021-01-27
Feature: add ordering parameter to get labels endpoint
Released 2021-01-22
Feature: Add CI step to update the global version (#1230)
Released 2021-01-21
Fix: Missing model annotation after migration
Released 2021-01-19
Enhancement: Add response types for documentation
Released 2021-01-18
Feature: Mailer improvements (#1202)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Fix: Reject from retry when JWT:VerificationError raised
Released 2021-01-15
Fix: Record activity log after mysql connection lost
Released 2021-01-15
Enhancement: Add ability to disable encryption on API level (#1220)
Released 2020-12-29
Ability to update and delete users profiles (#913)
Update profile API
Co-authored-by: chumaknadya <chumaknadya19@gmail.com> Co-authored-by: mnaichuk <mnaichuk@heliostech.fr>
Add CSRF token in API key documentation (#1169)
Add ability for admin to read activity
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Add cloudflare middleware to improve remote_ip (#965)
Add topic to CU on admin/permissions
Add redis - hiredis dependency, specify driver in dev env (#951)
Add ability to configure aws_signature_version && endpoint (#947)
Add session autorenew
Add the support of twilio verify API (#928)
Add missing labels event api documentation
Add system.session.create event with user and request_ip data (#916)
Add AliCloud Uploader (#926)
Print backtrace on 500
Add Ali uploader
Disable fetching uploader from env
Add ability to disable 2fa (#925)
Add ability to skip label creation on doc save (#922)
Add ability to restrict by geoip (#920)
Add ability to restrict by geoip
Remove city
Update Dockerfile
Add :upload in list of params to be filtered
Add AliCloud Carrierwave storage provider (#911)
Add state to Profile model (#910)
Add endpoint for delete restriction (#902)
Add Management API: push document for user
Add validation for referral && Add ability to get referral uid
Add Resctrictions (#891)
Add rake task for load users and balances (#885)
Add ability to configure sms content for phone verification (#877)
Adding barong export task
Allow blank doc_expire for documents controllers
Allow pending user to open session (#881)
Apply fixes for kycaid integration
Avoid no method error UTC for nil entities (#921)
Bump master version to 2.6.0
Bump master version to 2.5.0
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Create roadmap.md
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Define DocumentTypes class for flexible doc type configuration (#935)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Event API changes: remove blocking check for on_update events (#933)
Feature: Blocklogin restrictions (#1213) (#1214)
Feature: Blocklogin restrictions (#1213)
Destroy user sessions
Add specs and docs
Fix: Restrictions specs
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
Feature: add configuration and troubleshooting docs (#970)
Feature: Update the CI to use SDK for version bumps (#969)
Feature: allow # \ () & ' : " in profile residental address field (#950)
Feature Ability to change UID prefix with BARONG_UID_PREFIX=ABC
Feature: Add redeploy on devkube step to drone (#874)
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
Fix structure of event API messages (#912)
Fix rollback to pending state, add missing data in entities (#914)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
Flexible state - labels flow (#907)
Get rid of 'serialize: JSON', accept 'metadata' as json instead of pure hash (#930)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Handle Vault errors on POST /api/v2/resource/api_keys (#918)
Improve the vault token renew process
Introduce service accounts (#1137)
Introduce MockPhoneVerifyService (#941)
Introduce MockPhoneVerify service
Change verify_code returning value type to bool
Clean TwilioSmsSendService micro code
Make phone always accept code with 'mock' MockPhoneVerifyService
KYCAID integration
Make labels acts_as_eventable on: [create update] (#936)
Profile act as eventable on update
Protect superadmin against changes from non-superadmin users (#955)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Remove the default value of vault_token (#1151)
Reorganize docs && add password_hashing.md (#964)
Server side sessions via cache_store (#949)
Resolve session expiration and improve cookie hijacking issues by comparing ip network and user_agent
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Simple GET levels requirements endpoint for admin (#932)
Simple rake task to create users and api keys (#816)
Small fixes in document and profile model (#887) (#901)
Support 'with replace' policy on labels update (#915)
UPDATES: sessions delete, permissions update, log error on 500 (#917)
Add ability to change all fields in permissions
Return 404 on sessions delete if session is not valid
Log Error on 500
Unify params by extending Grape::Helpers (#968)
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Update loofah && nokogiri && rack-cors versions (#975)
Update storage-related gems (#957)
Update ruby to 2.6.5 for security reasons
Update seeds.yml (#934)
Update Barong::App validations (#904)
Update nokogiri version (Command injection) (#906)
Update models' annotations (#895)
Update to ruby 2.6.3 and rails 5.2.3, fix binstubs issue
Updating SDK tools to 2.6.5
Updating gem multisign and jwt [ci skip]
Use uid instead of id on profile update && delete api
Use CGI::escape instead of pure url in documents event api
Use Barong::App.config.barong_uid_prefix in referral validation (#923)
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2020-12-24
Add ability to configure aws_signature_version && endpoint (#947) (#960)
Add ability to configure sms content for phone verification (#877)
Enhancement: Update sdk tools version
Extend doc_type inclusion list, make validation case insensitive (#884)
Small fixes in document and profile model (#887)
Update Barong::App validations (#904) (#962)
Update drone for build images for branch 2-2-stable
Released 2020-12-24
Add CSRF token in API key documentation
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Apply fixes for kycaid integration
Bump master version to 2.5.0
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Create roadmap.md
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Enhancement: Update sdk tools version
Enhancement: Add logo and useful links to the README [CI SKIP]
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1180)
Fix restriction seed function
Fix: Mailer exit on lost db connection (#1152)
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-12-24
Add ability to configure upload-related configuration (#1017)
Enhancement: Update sdk tools version
Enhancement: Minor fixes and improvements (#1019)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: rework password validation policy (#1006)
Feature: Add docs generated step in drone pipeline (#978)
Fix: small changes in profile flow (#1126)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#1000)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Refactor: push cloudflare IPs list to rails trusted proxies (#1046)
Session related improvements
Released 2020-12-24
Add CSRF token in API key documentation (#1169)
Add ability for admin to read activity
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Adding barong export task
Bump master version to 2.6.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
Remove the default value of vault_token (#1151)
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Updating SDK tools to 2.6.5
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2020-12-24
Add CSRF token in API key documentation
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Apply fixes for kycaid integration
Bump master version to 2.5.0
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Enhancement: Add logo and useful links to the README [CI SKIP]
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1180)
Fix restriction seed function
Fix: Mailer exit on lost db connection (#1152)
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-12-24
Add CSRF token in API key documentation (#1171)
Add private label otp enabled for user (#1076)
Enhancement: Add logo and useful links to the README [CI SKIP]
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Mailer exit on lost db connection (#1153)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2020-12-22
Add ability for admin to read activity
Update ability of compliance and accountant
Compliance and accountant should be able to see Market, Engine, Currency
Released 2020-12-22
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Adding barong export task
Bump master version to 2.6.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: update sdk-citools version for Drone CI
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Enhancement: Update SDK version to 2.6.6
Enhancement: Make APIKey kid field unique
Feature: add the ability to update user email by superadmin
Feature: Add rake task for deleting activities && Add documentation
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1178)
Fix: Docs generation
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
Remove the default value of vault_token (#1151)
Update abilities.yml
Update authz rules
Update seeds.yml
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Updating SDK tools to 2.6.5
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2020-12-21
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Enhancement: Add logo and useful links to the README [CI SKIP]
Fix: Unify mailer language keys && Add backtrace
Fix: Delete redundant permissions (#1180)
Fix restriction seed function
Fix: Mailer exit on lost db connection (#1152)
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
Released 2020-12-18
Fix: Unify mailer language keys && Add backtrace
Released 2020-12-18
Update abilities.yml
Released 2020-12-18
Enhancement: Add permissions:load rake task (#1197)
Co-authored-by: Valentine Shatravenko <vshatravenko@heliostech.fr>
Released 2020-12-18
Update authz rules
Released 2020-12-17
Enhancement: Update SDK version to 2.6.6
Released 2020-12-16
Fix: Delete redundant permissions (#1178)
Released 2020-12-15
Fix: Docs generation
Released 2020-12-15
Updating SDK tools to 2.6.5
Released 2020-12-15
Update seeds.yml
Released 2020-12-08
Released 2020-12-04
Released 2020-12-04
Feature: add the ability to update user email by superadmin
Released 2020-12-04
Feature: Add rake task for deleting activities && Add documentation
Released 2020-11-04
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Adding barong export task
Bump master version to 2.6.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: Make APIKey kid field unique
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Fix restriction seed function
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
Remove the default value of vault_token (#1151)
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2020-11-03
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Enhancement: Add logo and useful links to the README [CI SKIP]
Fix restriction seed function
Fix: Mailer exit on lost db connection (#1152)
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
Released 2020-10-16
Add PostgreSQL support
Add migration tasks to version 2.6
Add kycaid.md (#1141)
Add security.md (#1138)
Add secret encrypted to api keys model
Add renew process to vault initializer
Add structure.sql (#1131)
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Adding barong export task
Apply fixes for kycaid integration
Bump master version to 2.6.0
Bump master version to 2.5.0
Change naming to barong.postmaster.event.mailer and turn off manual_ack for events
Deep_symbolize_keys for VerificationsWorker KYC (#1139)
Enhancement: Make APIKey kid field unique
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Add read/delete phones for management API
Feature: Add management API for phone creation
Feature: Add key expiration time and rotation tasks (#1157)
Feature: Mask last_name, dob, doc_number, phone_number on API level
Feature: Add encryption on profile, phone and document models (#1150)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Feature: ability to customize email template logo (#1114)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: ApiKey creating only on account holder active state && Refactoring
Fix: Add string length limit for encrypted fields
Fix: Skip validation on encrypted migration
Fix: Delete mask fields on management API
Fix: Mailer exit on lost db connection (#1149)
Fix vault initializer
Fix: don't raise error on production if BARONG_VAULT_TOKEN is missing
Fix: Redis sidekiq connection
Fix: Handle Document <-> Facial verification KYCAID (#1134)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1132)
Improve the vault token renew process
Introduce service accounts (#1137)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Remove the default value of vault_token (#1151)
Update Barong README and documentation
Update jwt-multisig to 1.0.4
Update vault policies documentation
Update rails to 5.2.4.4 (#1145)
Co-authored-by: Camille <cmeulien@heliostech.fr>
Update dependencies to latest
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
YAML configuration of admins abilities (#1127)
Co-authored-by: Camille Meulien <cmeulien@heliostech.fr>
Released 2020-10-06
Add private label otp enabled for user (#1076)
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Mailer exit on lost db connection (#1153)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2020-10-06
Fix: Mailer exit on lost db connection (#1152)
Released 2020-09-11
Fix: Redis sidekiq connection
Released 2020-08-28
Deep_symbolize_keys for VerificationsWorker KYC (#1140)
Released 2020-08-18
Fix: Handle Document <-> Facial verification KYCAID (#1136)
Released 2020-08-14
Handle OpenURI::HTTPError 404 && avoid OpenURI StringIO creation (#1133)
Released 2020-08-06
Add structure.sql (#1131)
Released 2020-08-03
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Add private label otp enabled for user (#1084)
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Apply fixes for kycaid integration
Bump master version to 2.5.0
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Create roadmap.md
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: add filters for /resource/users/activity/all endpoint
Feature: post admin/profiles, 2-admin profile approval (#1120)
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-07-31
Add ability to configure upload-related configuration (#1017)
Enhancement: Minor fixes and improvements (#1019)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: rework password validation policy (#1006)
Feature: Add docs generated step in drone pipeline (#978)
Fix: small changes in profile flow (#1126)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#1000)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Refactor: push cloudflare IPs list to rails trusted proxies (#1046)
Session related improvements
Released 2020-07-30
Add ability for admin to create comments (#1121)
Co-authored-by: denisfd <fedorchenko999@gmail.com>
Released 2020-07-30
Feature: post admin/profiles, 2-admin profile approval (#1120)
Released 2020-07-27
Add private label otp enabled for user (#1084)
Apply fixes for kycaid integration
Bump master version to 2.5.0
Enhancement: api_keys and users endpoints improvements
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Add redis cluster support
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
KYCAID integration
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Update gems
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-07-24
Add private label otp enabled for user (#1076)
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2020-07-24
Enhancement: api_keys and users endpoints improvements
Feature: Add redis cluster support
Released 2020-06-24
Add private label otp enabled for user (#1084)
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Bump master version to 2.5.0
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Create roadmap.md
Enhancement: JWT expirating and Cache expiration policy improve
Enhancement: raise error on Mysql2::Error::ConnectionError in the mailer
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-06-12
Add ability to configure upload-related configuration (#1017)
Enhancement: Minor fixes and improvements (#1019)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: rework password validation policy (#1006)
Feature: Add docs generated step in drone pipeline (#978)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#1000)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Refactor: push cloudflare IPs list to rails trusted proxies (#1046)
Session related improvements
Released 2020-06-04
Add private label otp enabled for user (#1076)
Enhancement: Add ability to use dots, ~ and – in city and address
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2020-06-04
Enhancement: Add ability to use dots, ~ and – in city and address
Released 2020-06-03
Released 2020-06-01
Add private label otp enabled for user (#1084)
Bump master version to 2.5.0
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: Add email filters (#1085)
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: display only uniq list of users with profiles in search request (#1081)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-06-01
Add private label otp enabled for user (#1076)
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: display only uniq list of users with profiles in search request (#1082)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Released 2020-05-28
Add private label otp enabled for user (#1084)
Fix: display only uniq list of users with profiles in search request (#1081)
Released 2020-05-18
Bump master version to 2.5.0
Enhancement: remove lang param from APIs, stick to user.language logic
Enhancement: add management API - create profile, update :data field
Enhancement: remove api_key signature blacklisting
Enhancement: allow only latest requested token on reset_pass (#1054)
Enhancement: Add created_at and updated_at to profile entities
Feature: admin endpoint to retrieve user api keys
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Feature: introduce akamai support, add barong_gateway switch
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: remove failed login activity on empty otp (#1066)
Fix: Add docs && changelog generation on master branch (#1049)
Refactor: fix typo in emails, remove inline attachment (#1059)
Refactor: push cloudflare IPs list to rails trusted proxies
Release: 2-4-stable :tada:
Update .drone.yml (#1073)
Add globbing for building any stable branch
Released 2020-05-18
Feature: admin endpoint to retrieve user api keys
Released 2020-05-18
Feature: introduce category of restrictions, restrictions as firewall (#1061)
Released 2020-05-18
Enhancement: remove lang param from APIs, stick to user.language logic
Released 2020-05-18
Enhancement: add management API - create profile, update :data field
Released 2020-05-18
Fix: remove failed login activity on empty otp (#1066)
Released 2020-04-30
Enhancement: remove api_key signature blacklisting
Feature: introduce akamai support, add barong_gateway switch
Released 2020-04-30
Refactor: fix typo in emails, remove inline attachment (#1059)
Released 2020-04-30
Enhancement: allow only latest requested token on reset_pass (#1054)
Released 2020-04-20
Feature: Add Sentry error tracking system (#1053)
Feature: PUT resource/users/me data field (#1050)
Fix: Add docs && changelog generation on master branch (#1049)
Released 2020-04-01
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Create roadmap.md
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
Refactor: push cloudflare IPs list to rails trusted proxies (#1047)
Release: 2-4-stable :tada:
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Released 2020-04-01
Add ability to configure upload-related configuration (#1017)
Enhancement: Minor fixes and improvements (#1019)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: Add docs generated step in drone pipeline (#978)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#1000)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Refactor: push cloudflare IPs list to rails trusted proxies (#1046)
Session related improvements
Released 2020-03-31
Add ability to configure upload-related configuration (#1016)
Add description field to labels
Bump nokogiri from 1.10.5 to 1.10.8 (#1023)
Bumps nokogiri from 1.10.5 to 1.10.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump rack from 2.0.7 to 2.0.8 (#987)
Bumps rack from 2.0.7 to 2.0.8.
Signed-off-by: dependabot[bot] <support@github.com>
Bump puma from 3.12.1 to 3.12.2 (#982)
Bumps puma from 3.12.1 to 3.12.2.
Signed-off-by: dependabot[bot] <support@github.com>
Bump excon from 0.67.0 to 0.71.0 (#984)
Bumps excon from 0.67.0 to 0.71.0.
Signed-off-by: dependabot[bot] <support@github.com>
Create roadmap.md
Enhancement: Add created_at and updated_at to profile entities
Enhancement: Redeploy on master.devkube.com on every master push (#1038)
Enhancement: disallow using nonce in api key twice (#1030)
Enhancement: avoid errors on missing configurations (#1033)
Enhancement: raise fatal error if cant connect to redis in production (#1032)
Enhancement: security updates (#1021)
Enhancement: minor fixes and improvments (#1020)
Enhancement: improve log coverage, fix log_level config in prod env (#1008)
Enhancement: improve twilio client error mapping (#988)
Enhancement: referral_uid as optional param in users management API (#990)
Enhancement: improve date validation with :required_docs_expire false (#989)
Enhancement: always render 201 on reset_password API (#985)
Enhauncement: Configuration unifying & documentation (#1001)
Enhauncement: rework captcha policy, add documentation (#994)
Feature: new email templates (#1041)
Feature: Ability to send emails (#959)
Feature: Ability to send emails
Feature: new email template (#1036)
Co-authored-by: Yehor <ychumak@heliostech.fr> Co-authored-by: Andrew Peresada <kohelbekker@gmail.com> Co-authored-by: Louis <lbellet@openware.com>
Feature: Add ability to support multiple profiles (#1015)
Co-authored-by: Chumak Nadiia <chumaknadya19@gmail.com>
Feature: rework password validation policy (#1006)
Feature: Make processes and threads configurable (#1005)
Feature: introduce CSRF protection (#986)
Feature: GET /identity/configs - tiny configurations endpoint (#1004)
Feature: add DataStorages
Feature: new drone steps for telegram notification and docs (#974)
Fix: Association issue (#1039)
Fix: get rid of wrong unicode symbol
Fix: password_min_entropy expose in /configs issue
Fix: add missing redis_url in Barong::App.config (#1007)
Fix: changes in recaptcha verification behaviour (#1002)
Fix: Support new MaxmindDB download policy (#999)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Fix: Update Drone CI pipelines for master branch (#979)
Fix: Rake task for notification updated (#976)
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1040)
The following vulnerabilities are fixed with an upgrade:
fix: Gemfile & Gemfile.lock to reduce vulnerabilities (#1027)
The following vulnerabilities are fixed with an upgrade:
Release: 2-4-stable :tada:
Session related improvements (#977)
Setup redeploy on devkube (#1035)
Released 2020-02-19
Enhancement: Minor fixes and improvements (#1019)
Released 2020-02-18
Add ability to configure upload-related configuration (#1017)
Released 2020-01-23
Enhauncement: rework captcha policy, add documentation (#994)
Fix: changes in recaptcha verification behaviour (#1002)
Released 2020-01-08
Fix: Support new MaxmindDB download policy (#1000)
Fix: Support new MaxmindDB download policy
Fix dates in specs
Enhauncement: update sdk version
Co-authored-by: chumaknadya <chumaknadya19@gmail.com>
Released 2019-11-22
Session related improvements
Released 2019-11-22
Feature: Add docs generated step in drone pipeline (#978)
Released 2019-11-19
Add cloudflare middleware to improve remote_ip (#965)
Feature: add configuration and troubleshooting docs (#970)
Feature: Update the CI to use SDK for version bumps (#969)
Reorganize docs && add password_hashing.md (#964)
Unify params by extending Grape::Helpers (#968)
Update loofah && nokogiri && rack-cors versions (#975)
Released 2019-10-30
Add topic to CU on admin/permissions
Released 2019-10-15
Protect superadmin against changes from non-superadmin users (#955)
Update storage-related gems (#957)
Released 2019-10-15
Add redis - hiredis dependency, specify driver in dev env (#951)
Remove redis-store
Released 2019-10-11
push test
Server side sessions via cache_store (#949)
Resolve session expiration and improve cookie hijacking issues by comparing ip network and user_agent
Released 2019-10-10
Feature: allow # \ () & ' : " in profile residental address field (#950)
Released 2019-10-07
Add ability to configure aws_signature_version && endpoint (#947)
Released 2019-10-02
Profile act as eventable on update
Update ruby to 2.6.5 for security reasons
Released 2019-09-26
Use uid instead of id on profile update && delete api
Released 2019-09-23
Use CGI::escape instead of pure url in documents event api
Released 2019-09-23
Introduce MockPhoneVerifyService (#941)
Introduce MockPhoneVerify service
Change verify_code returning value type to bool
Clean TwilioSmsSendService micro code
Make phone always accept code with 'mock' MockPhoneVerifyService
Released 2019-09-20
Add session autorenew
Add the support of twilio verify API (#928)
Released 2019-09-20
Add missing labels event api documentation
Released 2019-09-18
Make labels acts_as_eventable on: [create update] (#936)
Released 2019-09-18
Define DocumentTypes class for flexible doc type configuration (#935)
Released 2019-09-17
Event API changes: remove blocking check for on_update events (#933)
Get rid of 'serialize: JSON', accept 'metadata' as json instead of pure hash (#930)
Simple GET levels requirements endpoint for admin (#932)
Update seeds.yml (#934)
Released 2019-09-17
Add system.session.create event with user and request_ip data (#916)
Released 2019-09-12
Add AliCloud Uploader (#926)
Print backtrace on 500
Add Ali uploader
Disable fetching uploader from env
Allow blank doc_expire for documents controllers
Released 2019-09-07
Add ability to disable 2fa (#925)
Add ability to skip label creation on doc save (#922)
Avoid no method error UTC for nil entities (#921)
Use Barong::App.config.barong_uid_prefix in referral validation (#923)
Released 2019-09-05
Add ability to restrict by geoip (#920)
Add ability to restrict by geoip
Remove city
Update Dockerfile
Released 2019-09-05
Handle Vault errors on POST /api/v2/resource/api_keys (#918)
Released 2019-09-05
Fix structure of event API messages (#912)
Released 2019-09-05
Add :upload in list of params to be filtered
Released 2019-09-04
UPDATES: sessions delete, permissions update, log error on 500 (#917)
Add ability to change all fields in permissions
Return 404 on sessions delete if session is not valid
Log Error on 500
Released 2019-09-04
Add AliCloud Carrierwave storage provider (#911)
Fix rollback to pending state, add missing data in entities (#914)
Support 'with replace' policy on labels update (#915)
Released 2019-09-03
Flexible state - labels flow (#907)
Released 2019-09-03
Ability to update and delete users profiles (#913)
Update profile API
Co-authored-by: chumaknadya <chumaknadya19@gmail.com> Co-authored-by: mnaichuk <mnaichuk@heliostech.fr>
Released 2019-09-02
Add state to Profile model (#910)
Released 2019-09-02
Update Barong::App validations (#904)
Released 2019-08-26
Update nokogiri version (Command injection) (#906)
Released 2019-08-22
Add endpoint for delete restriction (#902)
Released 2019-08-19
Small fixes in document and profile model (#887) (#901)
Released 2019-08-19
Update models' annotations (#895)
Update to ruby 2.6.3 and rails 5.2.3, fix binstubs issue
Released 2019-08-19
Add Management API: push document for user
Add validation for referral && Add ability to get referral uid
Released 2019-08-15
Feature Ability to change UID prefix with BARONG_UID_PREFIX=ABC
Released 2019-08-15
Add Resctrictions (#891)
Updating gem multisign and jwt [ci skip]
Released 2019-08-09
Simple rake task to create users and api keys (#816)
Released 2019-08-02
Add rake task for load users and balances (#885)
Add ability to configure sms content for phone verification (#877)
Allow pending user to open session (#881)
Feature: Add redeploy on devkube step to drone (#874)
Released 2019-08-02
Small fixes in document and profile model (#887)
Released 2019-07-31
Extend doc_type inclusion list, make validation case insensitive (#884)
Released 2019-07-31
Add ability to configure sms content for phone verification (#877)
Update drone for build images for branch 2-2-stable
Released 2019-07-26
Add ability to configure sms content for phone verification (#877)
Allow pending user to open session (#881)
Released 2019-07-25
Feature: Add redeploy on devkube step to drone (#874)
Released 2019-07-17
Add optional :extended UserWithFullInfo entity in /get management API (#872)
Make documents act_as_eventable on create (#871)
Released 2019-07-16
Add filter/users in labels management api module (#864)
Add model.profile.created event (#865)
Add verb PATCH and ALL for admin audit && Update permission seeds (#870)
Support pagination && filtering on post '/list' management API (#861)
Update Readme
Replace Peatio.tech links with Openware.com
Released 2019-06-27
Fix /api/v2/admin/users/update (#857)
Released 2019-06-25
Generate docs in CI
Use JSON logs in production
Merge pull request #849 from rubykube/feature/json_logs
Released 2019-06-24
Added GET /identity/version endpoint
Released 2019-06-24
Changes in admin API module
Released 2019-06-24
Add missing data field in activity logger
Released 2019-06-23
Split and refactor auth spec, add sync auditor for test env
Released 2019-06-14
AUDIT: support PATCH, add default topic, action, seeds (#844)
Released 2019-06-13
Add admin activities based on audit logic (#835)
Released 2019-06-10
Disable APIKeys when user state or otp changes
Released 2019-06-10
Add configuration for :doc_expire
Released 2019-06-10
Fix nil language problem in case of empty string and upcased param
Remove activities from full_info entity
Return empty array instead of 404 error after filtering
Use FullInfo instead of WithProfile to add documents array in response
Released 2019-06-05
Update seeds.yml (#838)
Released 2019-06-04
Add filters feature support on doc pending endpoint
Released 2019-05-28
Add users filtering feature in admin module (#833)
Released 2019-05-28
Add metrics namespace in admin module
Released 2019-05-28
Add ability to get extended info of users with profile (#830)
Released 2019-05-28
Add GET admin/activities and filtering feature
Released 2019-05-27
Add management otp sign endpoint and specs (#827)
Add endpoint to list all user's phones (#831)
Avoid nil language bug on user creation event (#820)
GET /labels/list to return main attributes of existing labels
Permissions Model, Auth logic, Seed, CRUD admin API (#819)
Major Feature: Barong RBAC give the ability to create new roles and block specific routes, it is also recommended to verify roles at the microservice level.
Released 2019-05-13
Added API call to get users with pending documents (#826)
Added API call to get users with pending documents
Changed route for call to users/documents/pending
Added ordering by labels.updated_at
Released 2019-05-09
Add DELETE /resource/users/me to allow user to block his account (#811)
Released 2019-04-09
Add the ability to get list of users by management API & small refactoring (#815)
Add auto-generating doc support (#795)
Move event api jwt private key to Barong::App.config_store (#805)
Released 2019-03-19
API user activity sort desc (#804)
Add ability to search users by labels (#800)
Allow to list API Keys without providing OTP code (#807)
Improve language support in event api, add domain info inside event (#791)
Update rails-related gems versions in favor of github alerts (#809)
Released 2019-03-01
Use 'paginate' on api/v2/admin/users/search (#789)
Released 2019-03-01
Add Entities::Activity model, include it Entities::UserWithFullInfo (#786)
Released 2019-02-27
Start 2.1 development[ci skip] (#787)
Update REST API documentation to v2.0.51[ci skip] (#783)
Released 2019-02-26
Grape and Active Record validation errors handling and unifying (#774)
Released 2019-02-26
Remove -alpha from version name (#782)
Released 2019-02-25
Add v2/admin/users/search endpoint (#769)
Released 2019-02-25
Configure api-pagination tool, add api keys pagination (#780)
Released 2019-02-25
Use destroy instead of delete to enable missing validations (#776)
Released 2019-02-20
Split activity error to wrong topic and no activity (#772)
Released 2019-02-20
Add pagination on /resource/users/activity endpoint (#771)
Released 2019-02-18
Add more API Key validations, fix error on creating with invalid algo (#768)
Released 2019-02-15
User controller improvements (management module) (#763)
Released 2019-02-15
Add language field in reset pass and confirm acc events (#767)
Released 2019-02-07
Add additional error on login in case of banned user (#760)
Released 2019-02-07
Added event api documentation with examples (#745)
Phone API improvements (#747)
Unify errors format in API controllers and Auth lib (#741)
Released 2019-02-06
Take only data from Vault::Secret object && minor refactoring (#757)
Released 2019-02-05
Change default ActionDispatch::Session set-cookie header policy on authz to :skip (#753)
Released 2019-01-31
Fix session_id check & add bypass session lazy load
Released 2019-01-25
Add missing user details in 2fa login response
Released 2019-01-22
Fix Barong::CORS load problem in production env
Released 2019-01-21
Initialize and configure redis && fix reusable token bug (#734)
Released 2019-01-21
Add storage envs in config store and update fetch logic
Fix change code on phone initialize, remove code from logs (#730)
Released 2019-01-21
Add storage envs in config store and update fetch logic
Merge pull request #737 from rubykube/fix/storage-envs
Released 2019-01-16
Move ActionDispatch::Session::CookieStore to sessions controller
Update and split documentation to rest and management
Merge pull request #713 from rubykube/feature/split-docs
Released 2019-01-16
Move AuthZ endpoint to metal-based controller
Released 2019-01-16
Add an ability to specify CORS headers
Released 2019-01-16
Add admin api functionality on user update (#722)
Released 2019-01-16
Fix change password api action from post to put (#724)
Released 2019-01-16
Change regex validations to support non-eng characters (#726)
Released 2019-01-16
Update to ruby 2.6.0 (#707)
Released 2019-01-11
Add configurable session expire time (#720)
Released 2019-01-09
Add referral_id to users table && as an optional param on signup (#709)
Released 2019-01-03
Add users entity on login and /me (#706)
Released 2018-12-26
Small fixes (drone ci, event api updated_at bug) (#702)
Released 2018-12-25
Add carrierwave config for production
Merge pull request #699 from rubykube/fix/storage
Released 2018-12-24
Add update label update for admin module, CRUD for resource
Merge pull request #696 from rubykube/feature/user-labels
Released 2018-12-24
Add label on profile adding without level increase (#697)
Released 2018-12-24
Update the Drone CI to replace Travis and DockerHub (#695)
Remove Travis-related vars from rake release
Add a bump and tag CI job
Add a Docker build and push CI job
Update the CI to trigger tests only on pull-requests
Add bump and tag to drone
Add redeployment flow
Released 2018-12-20
Added missing event with confirmation token on signup * Fix codeclimate
Released 2018-12-19
Admin api module, basic functions coverage
Change multiple docs uploading logic from object to array
Merge pull request #681 from rubykube/feature/admin-api
Merge pull request #665 from bodiasuprun/master
Released 2018-12-17
Add change password enpoint, related activity record and spec
Merge pull request #688 from rubykube/feature/change_password_endpoint
Released 2018-12-12
Added swagger config and documentation for API
Update the production database configuration with DATABASE_NAME from env
Released 2018-12-11
Add link_config script
Released 2018-12-10
Changing done steps
Hotfix for whitelisting public peatio and barong routes
Released 2018-12-10
Add ability to upload multiple documents
Add ability to upload multiple documents
Released 2018-12-09
Drone job missing vault service
Released 2018-12-05
Improve activities coverage
Released 2018-12-05
Fix unhandled totp errors (#675)
Released 2018-12-05
APIKeys spec and related configuration
Add codeclimate config file (#678)
Add bump gem
Add password reset workflow
Add user confirmation workflow
Add Activity model, validations & base specs
Add Activity model & base specs
Add strong password validation Use strong_password gem to check simplicity Add a custom validator to check required symbols
Add managment_api Add jwt initializer Add entities Add tools Add Profile entity Modify user model Modify user factory * Fix spec for users and labels
Add identity user api module && support of captcha Add signup logic Verify captcha serverside Require captcha on signup Optional captcha on signin
Add ability to use twilio in test and development
Add Labels API
Add JWT generator
Add JWT auth
Add sessions_spec
Add Dockerfile
Add Travis file
Add Event API
Co-authored-by: alinetskyi <artem.linetskyi@gmail.conf>
Added missing validations on password update func (#674)
Added Api Keys model, CRUD API, SecretStorage service
Adding Documents API
Adding profile grape resource
Adding KeyStore lib
Have fixed grape api spec helpers
Adding templates
Adding Label Model
Adding Base Grape API
with General Endpoint ping and time
Adding Document model (#3)
Adding Profile model
Adding Level model
Adding User model
Adding backend and db config
AuthZ modifications (#26)
Bump improvements
Change API prefix logic, fix specs, add vault doc
Delete send_real_sms.rb
Enabling sessions#authorize endpoint
Fix activities (#664)
Fix share cookies for development, fix Bump (#658)
Fixes for test and integration environment
Fixing an issue on route :any
Fixing password presence validation
Generate JWT token for apikeys
Hot fixing sessions
Initialize Vault, add TOTPService and Security(2FA) API
Make documents unvisible publicly by changing fog config (#672)
Minor improvements to middleware
Optimizing Dockerfile and removing asset pipeline
Phone model & related API & basic config store logic Add phone model Add class phones in resource api module Add test coverage for phone api Add Barong:App lib as secret key and config storage
rails generate rspec:install
rails new --database=mysql --skip-turbolinks --skip-coffee --skip-test barong
Record activity on session
Rework AuthZ endpoint
Sessions API
Updating bump script
Released 2018-12-04
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
API: Added registration and account confirmation scopes
Account unlock logic improvments (#650)
Add filter by lvl (#657)
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Add RabbitMQ middleware for event api
Add grape logger middleware
Add ROOT_DOMAIN for configure sessions (#612)
Add import accounts endpoint
Add endpoint to create accounts with managment api
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Add restrictions for expire_in
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Add validations to document
Add account uid to system.notification.account (#537)
Add account get endpoint for managment API (#486)
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Add localization for grape required fields (#515)
Add CORS middleware (#516)
Add vault logging (#513)
Add new document type (#502)
Add api_key resource and generate jwt session (#441)
Add sentry (#459)
Add condition for unconfirmed emails check (#448)
Add labels to admin panel with CRUD (#414)
Add reset password api (#371)
Extract api helpers to helpers module, style api according to peatio api module
Add specs for phone controller
Add '/v1' prefix for API::V1 routes
Add ability to define title
Add specs for confirmations controller, use public_suffix collection to find root level domain
Add confirmation api
Add shared context for doorkeeper auth, add spec for GET /api/account
Add .codeclimate.yml
Add 2FA docs (#251)
Add 2FA (#205)
Add bot envs in travis.yml (#232)
Add chrome in .travis.yml & update chromedriver-helper (closes #213) (#215)
Add link for enabling 2FA (#172)
Add document validation (#149)
Add UID for Account (#132)
return unless uid blank
Add JWT support to chart (#120)
Add JWT support to chart
Fix Dockerfile after adding JWT support (#103)
Bump docker image and chart versions
Add missing </div> (#104)
Add RAILS_LOG_TO_STDOUT to the chart
Add checking of account lvl
Add helm chart to docker ignore files
Add BS4 for admin & navigation. (#16)
Add admin panel boilerplate (closes #12). (#14)
Add TravisCI configuration & RSpec + Capybara boilerplate. (#8)
Add rubocop.yml (#7)
add checking of current level
add increase lvl function (#59)
Added password strength validation (#455)
Added link_config script (#434)
Added event_api specs (#412)
Added event_api specs
Update event_api.md
Added 2FA api, added otp_enabled to accounts, refactored Vault::TOTP
Added specs for registrations api
Added phone validation tests
Added state for GET profile (#273)
Added get profile API call (#271)
Added autoauthorized application (#156)
Added GCS credentials to helm chartm and charts improvements (#93)
Added GCS credentials to helm charts
Added sender's name (#92)
Added some validations (#82)
Added some validations
Fixed and skiped tests
Added custom logo, header, footer support (#55)
Added favicon (#66)
Added meta tag for mobile view (#62)
Added profiles section to the admin panel (#50)
Added profiles section to the admin panel
Added ability to connect phone number to account (#27)
Added listing of accounts with ability to delete or edit (#22)
added focus on password input (#249)
Adding level flow (#421)
Feature/level logic with labels
Adding level definition (#409)
Adding level definition
Update seeds.rb
Adding excepection for eligible bump
Adding sneaker gem
Adding layout for profiles and documents (#38)
Adding doorkeeper into the stack (#26)
Admin panel fixes (#165)
Fixes regarding with tables styles, Fixes regarding with redirecting in the application page, Fixes regarding with notifications styles
fixed table style on profile show, fixed notice on admin
fixed table styles, added email to profile show action
Allow pdf on barong form
Allow to use alpha2 and alpha3 country format in profile
Allow travis to build image without envs (#508)
Allow setting JWT secret key as pem file (#413)
change != to <
Change password security error message (#511)
Change license to Apache 2.0 (#79)
Changed devise logout path from delete to get request
Changed license in README (#95)
Changed datepicker and sms body (#69)
Changed datepicker and sms body
Fixed test
Changing seeds to users (#422)
Check 2FA on Barong session api (#522)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Check vault health
Compute code coverage report (#542)
Configure codeclimate (#348)
Configure codeclimate
Confirm 2FA code before enable otp
Confirm account by devise controller with whitelisted domain
Continue implement features regarding PR #118 (#193)
added roles to the controller, fixed db:load:fake task
fixed db:load:fake task
Create jwt by session
Create correct labels when seed accounts (#560)
Created normal readme (#64)
Creating a role for managing only profiles (#118)
customer css helper (#52)
deleted icon from dropify input (#196)
Deploy (#37)
Deployment stuff improvements
Development & software operations: kite service, Dockerfile, charts, pipeline, Helm & other stuff. (#5)
Different gem subsets dynamic installation (#207)
Display cute notice when the registering email already taken (#70)
Do not trust public label when calculate level (#428)
Documents API
Dont let not active accounts to sign in (#600)
Downcase label key and value before save it (#472)
Downgrade fog-gem version (fix #311)
Enable devise lockable. (#467)
Fix db seed password, replace email validator
Enable devise lockable
Enable cops in .rubocop.yml
Events API, Plugins (#410)
Add ability to install Plugins
Add required gems
Extract api to user_api module (#407)
Add Label managment api
Feature: Add metadata to documents API (#464)
Added metadata field for document
Makes documents spec more readable
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix phone verification rate limit for API
Fix message error
Fix doorkeeper CVE-2018-1000211 vulnerability
Fix CVE-2018-3760 bug
Fix wrong field in accounts/get (#552)
Fix labels bug with changing scope (#481)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fix issue with api datetime format (#453)
Fix function call (#426)
Fix API error messages (#416)
Fix domain to host (#424)
Fix errors in phones api (#393)
Fix missing PhoneUtils bug (#388)
Fix failing profile specs (#375)
Fix db:seed (#359)
Fix typo in error rescue (#357)
Fix vault specs, add capybara screenshot
Fix codeclimate
Fix codeclimate
Fix codeclimate
Fix phone verification issue
Fix specs
Fix travis version bump
Fix indentation and comments rubocop issues
Fix existing docs & Remove unused docs
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Fix issue in travis configuration
Fix invalid number notification color (fix #216) (#222)
Fix issue with resending unlock instructions for #147 (#206)
Fix for index redirecting
Fix for login (#143)
Fix tests due to new forms (#128)
Fix url in Readme (#122)
Fix for button (#100)
Fix for approving profile (#97)
Fix for js (#98)
Fix production mailer & move to helios-public (#47)
Rails production mailer setup & k8s env variables
Use helios-public instead of helios-stage
fix specs
fix lvl buttons
fix code style
add lvl buttons
Fixed all rubocop issues
Fixed bin/setup to work in correct order (#194)
Fixed bin/setup to work in correct order
Updated seeds; added ability to use default creds with workbench
Fixed tests (#192)
Fixed background (#63)
Fixed k8s secrets.yaml
Fixed mail sender email (#61)
Fixed barong host in chart (#57)
fixed all issues related with: git rebase, the tests, the document uploading features (#58)
fixed the tests (#43)
fixed the tests (#42)
fixed the views tests
Fixes docker image build
Fixes for workbench (#142)
Generate api on bump stage
generate API documentation (#158)
Get all labels with managment api
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Google cloud upload (#90)
handle SMS_CONTENT env variable
Handle file size and extension on front-end side with dropify (#209)
Hotfix for rack_attack (#671)
Ignore yarn files
implement lvl for phones
Implement send code API (#423)
Implemented API endpoind for receiving JWT by account and password
Implemented ability to change password by API
Implemented API JWT renewal (#264)
Improve some styles
improve lvl system
Include profile.state in jwt
Include name in jwt (#123)
Increase spec coverage (#378)
Add simplecov
Add specs for controllers
Add spec for vault totp
Fix tests
Increase max size of upload (#162)
increase to lvl 3 after confirmation
Initialize Devise missing views and routes (#9)
K8s (#15)
Update database secrets
K8s secret instance
Barong install or upgrade bash script
Use puma instead of rails s
Limit number of uploaded documents
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Lockable for devise (closes #13) (#11)
Make db:seed more flexible (#404)
Make drag and drop for documents work (#154)
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Mark account as discarded istead of delete it (#451)
Mark account as discarded instead of deleting it
Disabled reek
Merge branch 'master' into feature/profiles_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into fix/loofah-update
Migrate application levels logic to use labels (#430)
Minor fixes for phones/new form (#150)
Added loader Confirm button disables till the code is sent Check if the phone nubber wasn't modefied after the code was sent
Minor fixes (#141)
Minor fixes to index page (#106)
Minor gem updates
Modify email and sender name (#140)
Mons web verification design (#53)
Adding verification design
Move all logic from profile show to accounts show. Show Phones and Account info (#460)
Remove state from profile
Fix labels issues
after-review improvements
Move all logic from profile show to accounts show (close #449)
Update code with requirements
Disabled reek
Move account registration to account endpoint
moved specs to v1 folder
Moved documentation files (#549)
Moving database.yml file
Moving field role and adding level
Notify user by email when his state changes (#372)
Pass email along with uid to vault (#257)
Prepare initial configuration and gemset: (#6)
Profiles API
Added metadata field to Profiles, which stores JSON data and is using ActiveRecord::Store. Metadata fields are specified by env variable PROFILE_METADATA
Provide License (#21)
Put working links in footer
Made links in footer work Added basic layout on Change Password page
rails new --database=mysql --skip-turbolinks --skip-coffee barong
Rake task to generate swagger-slate docs (#204)
Rake task to generate swagger-slate docs
Run widdershins via 'node node_modules/widdershins/widdershins'
Refactor storages (#241)
Refactored phones
Release Barong v1.0.0
remove unneeded/useless tests/specs (#173)
Remove rack-cors (#519)
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Remove outdated deployment stuff (#452)
Remove invalid concourse pipeline and related stuff
Remove main-logo and useless <div>s (#182)
Removed minimum size limitation for document (#199)
Removed 'utility bill' from 'documents' dropdown options and changed notice for successeful email confirmation (#170)
Removed unused views (#139)
Removed unused controller
Removed unnecessary views (#56)
Removing logo
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Rescue exception in managment api and application controller
Restify api endpoints (#368)
Return understandable vault error, log full message
Return if phone is already in db (#91)
Scaffold website table (#30)
bundle exec rails g model website domain:string:uniq title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --force
bundle exec rails g scaffold admin/website domain:string title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --model-name=website --no-migration --test-framework=rspec --stylesheet-engine=sass --no-javascripts --integration-tool=rspec
Scaffolding profile has_many documents
Send emails if they are enabled. Add SKIP_EMAILS env (#446)
Set events with correct devise tokens (#528)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Set account state to active on email confirmation
Set account state along with profile state
Set new devise layout (#155)
Set devise secret on container build (#17)
Set device secret on container build
Docker DEVICE_SECRET_KEY env varible explanation
Show level and labels on account index page (#431)
Small fixes (#171)
Small improvements (#74)
Speed up docker build (#429)
Splitted profile-document form (#131)
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Start Barong 1.8.0 development! (#370)
Merge it after merge 1.7.0 Release branch
Start Barong 1.7.0 development!
Style improvements on documents, sign in/sign up, profiles, removing (#73)
header & fixing tests
Swapping migration version
Switch to grape (#153)
t # This is a combination of 2 commits.
Changed document reference from profile to account
Refactored documents api
Two Factor Auth (#78)
Unifying styles in the admin panel (#105)
Unifying styles in the admin panel (#102)
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Update gem dependences (#595)
Update api_keys.md
Update travis CI and fix version bumping (#507)
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458)
Update 1.7.0 migration steps notes (#405)
Update .travis.yml
Update Gemfile
Update the JWT Session payload (closes #245) (#250)
Update chart
Update oauth callback (#127)
update bootstrap gem : 4.1.2 instead 4.0.0
Updated loofah to 2.2.2
Updated documentation (#190)
Use SecureRandom in db:seed (#425)
Use simple serialize instead of Store for metadata field
Use JWT token for authentication (#103)
User level is downgraded to 2 when his profile is rejected (#360)
Validate dates (#228)
Verify captcha after 3 failed attempts on sign in
Verify captcha serverside is it's enabled
Generate api on bump stage
Merge pull request #609 from mnaichuk/fix/messages
Merge pull request #575 from rxx/fix_api_key_1_8
Merge pull request #569 from rxx/bugfix/fix_bump
Merge pull request #567 from rxx/feature/generate_api_from_bump
Merge pull request #568 from rxx/feature/pdf_upload
Merge pull request #566 from rxx/feature/vault_security
Merge pull request #564 from rxx/feature/managment_labels_list
Merge pull request #565 from rxx/bugfix/fix_expires_in
Merge pull request #561 from maksim-litvinov/bugfix/fix_vault_errors
Merge pull request #563 from maksim-litvinov/countries_alpha2_alpha3
Merge pull request #558 from maksim-litvinov/sprokets_bug_fix_18
Merge pull request #551 from maksim-litvinov/feature/add_document_validations
Merge pull request #554 from shingonoide/fixes_image_build
Merge pull request #336 from rubykube/feature/profiles_api
Merge pull request #327 from rubykube/feature/2fa_api
Merge pull request #341 from rubykube/bugfix/phone_verification_without_code
Merge pull request #352 from andreymakovenko/master
Merge pull request #287 from gfedorenko/fix/loofah-update
Merge pull request #279 from gfedorenko/fix/default-state
Merge pull request #270 from rubykube/fix/account-state
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Merge pull request #180 from gfedorenko/fix/routing
Merge pull request #133 from gfedorenko/fix/footer
Merge pull request #134 from ashanaakh/fix/chart
Merge pull request #135 from mafarain/include_state
Merge pull request #81 from ashanaakh/logs
Merge pull request #71 from spavlishak/fixes/styles
Merge pull request #65 from vpetrusenko/level
Merge pull request #68 from ashanaakh/dockerignore/fix
Released 2018-12-04
APIKeys spec and related configuration
Add bump gem
Add password reset workflow
Add user confirmation workflow
Add Activity model, validations & base specs
Add Activity model & base specs
Add strong password validation Use strong_password gem to check simplicity Add a custom validator to check required symbols
Add managment_api Add jwt initializer Add entities Add tools Add Profile entity Modify user model Modify user factory * Fix spec for users and labels
Add identity user api module && support of captcha Add signup logic Verify captcha serverside Require captcha on signup Optional captcha on signin
Add ability to use twilio in test and development
Add Labels API
Add JWT generator
Add JWT auth
Add sessions_spec
Add Dockerfile
Add Travis file
Add Event API
Co-authored-by: alinetskyi <artem.linetskyi@gmail.conf>
Added Api Keys model, CRUD API, SecretStorage service
Adding Documents API
Adding profile grape resource
Adding KeyStore lib
Have fixed grape api spec helpers
Adding templates
Adding Label Model
Adding Base Grape API
with General Endpoint ping and time
Adding Document model (#3)
Adding Profile model
Adding Level model
Adding User model
Adding backend and db config
AuthZ modifications (#26)
Bump improvements
Change API prefix logic, fix specs, add vault doc
Delete send_real_sms.rb
Enabling sessions#authorize endpoint
Fix activities (#664)
Fix share cookies for development, fix Bump (#658)
Fixes for test and integration environment
Fixing an issue on route :any
Fixing password presence validation
Generate JWT token for apikeys
Hot fixing sessions
Initialize Vault, add TOTPService and Security(2FA) API
Make documents unvisible publicly by changing fog config (#672)
Minor improvements to middleware
Optimizing Dockerfile and removing asset pipeline
Phone model & related API & basic config store logic Add phone model Add class phones in resource api module Add test coverage for phone api Add Barong:App lib as secret key and config storage
rails generate rspec:install
rails new --database=mysql --skip-turbolinks --skip-coffee --skip-test barong
Record activity on session
Rework AuthZ endpoint
Sessions API
Updating bump script
Released 2018-12-04
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Add grape logger middleware
Add a stronger validation for passwords
Add ROOT_DOMAIN for configure sessions (#611)
Add import accounts endpoint
Add endpoint to create accounts with managment api
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Add restrictions for expire_in
Add validations to document
Add SMTP_ADDRESS and SMTP_PORT environment variable in development
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Add account uid to system.notification.account (#537)
Add account get endpoint for managment API (#486)
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Add localization for grape required fields (#515)
Add CORS middleware (#516)
Add vault logging (#513)
Add new document type (#502)
Allow to configure scopes from env (#618)
Allow to configure smtp url address (#616)
Allow pdf on barong form
Allow to use alpha2 and alpha3 country format in profile
Allow to configure multiple CORS at barong
Allow travis to build image without envs (#508)
barong fixing security flags in docs (#596)
Change password security error message (#511)
Check 2FA on Barong session api (#522)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Compute code coverage report (#542)
Create jwt by session
Create correct labels when seed accounts (#579)
Define minimum password length in ENV (#626)
Dont let not active accounts to sign in (#608)
Downcase label key and value before save it (#472)
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix: DEPRECATION WARNING
Fix issue with jwt in dev mode (#630)
Fix issue with hardcoded JWT_SHARED_SECRET_KEY (#629)
Fix message error
Fix doorkeeper CVE-2018-1000211 vulnerability
Fix CVE-2018-3760 bug
Fix rubocop
Fix wrong field in accounts/get (#552)
Fix labels bug with changing scope (#481)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fixes docker image build
Generate api on bump stage
Get all labels with managment api
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Limit number of uploaded documents
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Make documents invisible publicly by changing fog config (#673)
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Merge branch 'master' into fix-messages
Moved documentation files (#549)
Release Barong v1.9
Remove rack-cors (#519)
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Rescue exception in managment api and application controller
Return understandable vault error, log full message
Save scopes in APIKey as serialized array (closes #585) (#597)
Set cookies from /api/sessions
Set events with correct devise tokens (#528)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Unlock account after 1 hour of being locked (#649)
update bootstrap gem : 4.1.2 instead 4.0.0
Update api_keys.md (#592)
Update gem dependences (#595)
Update docs api_keys
Update project to rails v5.2.1
Update rails version to v5.2.1
Update ruby version to v2.5.1
Update api_keys.md
Update travis CI and fix version bumping (#507)
Verify captcha serverside if it's enabled (#617)
Verify captcha serverside is it's enabled
Verify captcha after 3 failed attempts on sign in
Don't check captcha is password is valid
Generate api on bump stage
Merge pull request #601 from mnaichuk/fix-messages
Merge pull request #557 from maksim-litvinov/sprocket_bug_fix
Merge pull request #543 from maksim-litvinov/master_update
Released 2018-12-03
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
API: Added registration and account confirmation scopes
Add filter by lvl (#657)
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Add RabbitMQ middleware for event api
Add grape logger middleware
Add ROOT_DOMAIN for configure sessions (#612)
Add import accounts endpoint
Add endpoint to create accounts with managment api
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Add restrictions for expire_in
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Add validations to document
Add account uid to system.notification.account (#537)
Add account get endpoint for managment API (#486)
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Add localization for grape required fields (#515)
Add CORS middleware (#516)
Add vault logging (#513)
Add new document type (#502)
Add api_key resource and generate jwt session (#441)
Add sentry (#459)
Add condition for unconfirmed emails check (#448)
Add labels to admin panel with CRUD (#414)
Add reset password api (#371)
Extract api helpers to helpers module, style api according to peatio api module
Add specs for phone controller
Add '/v1' prefix for API::V1 routes
Add ability to define title
Add specs for confirmations controller, use public_suffix collection to find root level domain
Add confirmation api
Add shared context for doorkeeper auth, add spec for GET /api/account
Add .codeclimate.yml
Add 2FA docs (#251)
Add 2FA (#205)
Add bot envs in travis.yml (#232)
Add chrome in .travis.yml & update chromedriver-helper (closes #213) (#215)
Add link for enabling 2FA (#172)
Add document validation (#149)
Add UID for Account (#132)
return unless uid blank
Add JWT support to chart (#120)
Add JWT support to chart
Fix Dockerfile after adding JWT support (#103)
Bump docker image and chart versions
Add missing </div> (#104)
Add RAILS_LOG_TO_STDOUT to the chart
Add checking of account lvl
Add helm chart to docker ignore files
Add BS4 for admin & navigation. (#16)
Add admin panel boilerplate (closes #12). (#14)
Add TravisCI configuration & RSpec + Capybara boilerplate. (#8)
Add rubocop.yml (#7)
add checking of current level
add increase lvl function (#59)
added focus on password input (#249)
Added password strength validation (#455)
Added link_config script (#434)
Added event_api specs (#412)
Added event_api specs
Update event_api.md
Added 2FA api, added otp_enabled to accounts, refactored Vault::TOTP
Added specs for registrations api
Added phone validation tests
Added state for GET profile (#273)
Added get profile API call (#271)
Added autoauthorized application (#156)
Added GCS credentials to helm chartm and charts improvements (#93)
Added GCS credentials to helm charts
Added sender's name (#92)
Added some validations (#82)
Added some validations
Fixed and skiped tests
Added custom logo, header, footer support (#55)
Added favicon (#66)
Added meta tag for mobile view (#62)
Added profiles section to the admin panel (#50)
Added profiles section to the admin panel
Added ability to connect phone number to account (#27)
Added listing of accounts with ability to delete or edit (#22)
Adding level flow (#421)
Feature/level logic with labels
Adding level definition (#409)
Adding level definition
Update seeds.rb
Adding excepection for eligible bump
Adding sneaker gem
Adding layout for profiles and documents (#38)
Adding doorkeeper into the stack (#26)
Admin panel fixes (#165)
Fixes regarding with tables styles, Fixes regarding with redirecting in the application page, Fixes regarding with notifications styles
fixed table style on profile show, fixed notice on admin
fixed table styles, added email to profile show action
Allow pdf on barong form
Allow to use alpha2 and alpha3 country format in profile
Allow travis to build image without envs (#508)
Allow setting JWT secret key as pem file (#413)
Change password security error message (#511)
Change license to Apache 2.0 (#79)
change != to <
Changed devise logout path from delete to get request
Changed license in README (#95)
Changed datepicker and sms body (#69)
Changed datepicker and sms body
Fixed test
Changing seeds to users (#422)
Check 2FA on Barong session api (#522)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Check vault health
Compute code coverage report (#542)
Configure codeclimate (#348)
Configure codeclimate
Confirm 2FA code before enable otp
Confirm account by devise controller with whitelisted domain
Continue implement features regarding PR #118 (#193)
added roles to the controller, fixed db:load:fake task
fixed db:load:fake task
Create jwt by session
Create correct labels when seed accounts (#560)
Created normal readme (#64)
Creating a role for managing only profiles (#118)
customer css helper (#52)
deleted icon from dropify input (#196)
Deploy (#37)
Deployment stuff improvements
Development & software operations: kite service, Dockerfile, charts, pipeline, Helm & other stuff. (#5)
Different gem subsets dynamic installation (#207)
Display cute notice when the registering email already taken (#70)
Do not trust public label when calculate level (#428)
Documents API
Dont let not active accounts to sign in (#600)
Downcase label key and value before save it (#472)
Downgrade fog-gem version (fix #311)
Enable devise lockable. (#467)
Fix db seed password, replace email validator
Enable devise lockable
Enable cops in .rubocop.yml
Events API, Plugins (#410)
Add ability to install Plugins
Add required gems
Extract api to user_api module (#407)
Add Label managment api
Feature: Add metadata to documents API (#464)
Added metadata field for document
Makes documents spec more readable
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix phone verification rate limit for API
Fix message error
Fix doorkeeper CVE-2018-1000211 vulnerability
Fix CVE-2018-3760 bug
Fix wrong field in accounts/get (#552)
Fix labels bug with changing scope (#481)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fix issue with api datetime format (#453)
Fix function call (#426)
Fix API error messages (#416)
Fix domain to host (#424)
Fix errors in phones api (#393)
Fix missing PhoneUtils bug (#388)
Fix failing profile specs (#375)
Fix db:seed (#359)
Fix typo in error rescue (#357)
Fix vault specs, add capybara screenshot
Fix codeclimate
Fix codeclimate
Fix codeclimate
Fix phone verification issue
Fix specs
Fix travis version bump
Fix indentation and comments rubocop issues
Fix existing docs & Remove unused docs
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Fix issue in travis configuration
Fix invalid number notification color (fix #216) (#222)
Fix issue with resending unlock instructions for #147 (#206)
Fix for index redirecting
Fix for login (#143)
Fix tests due to new forms (#128)
Fix url in Readme (#122)
Fix for button (#100)
Fix for approving profile (#97)
Fix for js (#98)
Fix production mailer & move to helios-public (#47)
Rails production mailer setup & k8s env variables
Use helios-public instead of helios-stage
fix specs
fix lvl buttons
fix code style
add lvl buttons
Fixed all rubocop issues
Fixed bin/setup to work in correct order (#194)
Fixed bin/setup to work in correct order
Updated seeds; added ability to use default creds with workbench
Fixed tests (#192)
Fixed background (#63)
Fixed k8s secrets.yaml
Fixed mail sender email (#61)
Fixed barong host in chart (#57)
fixed all issues related with: git rebase, the tests, the document uploading features (#58)
fixed the tests (#43)
fixed the tests (#42)
fixed the views tests
Fixes docker image build
Fixes for workbench (#142)
Generate api on bump stage
generate API documentation (#158)
Get all labels with managment api
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Google cloud upload (#90)
Handle file size and extension on front-end side with dropify (#209)
handle SMS_CONTENT env variable
Hotfix for rack_attack (#671)
Ignore yarn files
Implement send code API (#423)
implement lvl for phones
Implemented API endpoind for receiving JWT by account and password
Implemented ability to change password by API
Implemented API JWT renewal (#264)
improve lvl system
Improve some styles
Include profile.state in jwt
Include name in jwt (#123)
increase to lvl 3 after confirmation
Increase spec coverage (#378)
Add simplecov
Add specs for controllers
Add spec for vault totp
Fix tests
Increase max size of upload (#162)
Initialize Devise missing views and routes (#9)
K8s (#15)
Update database secrets
K8s secret instance
Barong install or upgrade bash script
Use puma instead of rails s
Limit number of uploaded documents
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Lockable for devise (closes #13) (#11)
Make db:seed more flexible (#404)
Make drag and drop for documents work (#154)
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Mark account as discarded istead of delete it (#451)
Mark account as discarded instead of deleting it
Disabled reek
Merge branch 'master' into feature/profiles_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into fix/loofah-update
Migrate application levels logic to use labels (#430)
Minor fixes for phones/new form (#150)
Added loader Confirm button disables till the code is sent Check if the phone nubber wasn't modefied after the code was sent
Minor fixes (#141)
Minor fixes to index page (#106)
Minor gem updates
Modify email and sender name (#140)
Mons web verification design (#53)
Adding verification design
Move all logic from profile show to accounts show. Show Phones and Account info (#460)
Remove state from profile
Fix labels issues
after-review improvements
Move all logic from profile show to accounts show (close #449)
Update code with requirements
Disabled reek
Move account registration to account endpoint
Moved documentation files (#549)
moved specs to v1 folder
Moving database.yml file
Moving field role and adding level
Notify user by email when his state changes (#372)
Pass email along with uid to vault (#257)
Prepare initial configuration and gemset: (#6)
Profiles API
Added metadata field to Profiles, which stores JSON data and is using ActiveRecord::Store. Metadata fields are specified by env variable PROFILE_METADATA
Provide License (#21)
Put working links in footer
Made links in footer work Added basic layout on Change Password page
rails new --database=mysql --skip-turbolinks --skip-coffee barong
Rake task to generate swagger-slate docs (#204)
Rake task to generate swagger-slate docs
Run widdershins via 'node node_modules/widdershins/widdershins'
Refactor storages (#241)
Refactored phones
Release Barong v1.0.0
Remove rack-cors (#519)
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Remove outdated deployment stuff (#452)
Remove invalid concourse pipeline and related stuff
Remove main-logo and useless <div>s (#182)
remove unneeded/useless tests/specs (#173)
Removed minimum size limitation for document (#199)
Removed 'utility bill' from 'documents' dropdown options and changed notice for successeful email confirmation (#170)
Removed unused views (#139)
Removed unused controller
Removed unnecessary views (#56)
Removing logo
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Rescue exception in managment api and application controller
Restify api endpoints (#368)
Return understandable vault error, log full message
Return if phone is already in db (#91)
Scaffold website table (#30)
bundle exec rails g model website domain:string:uniq title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --force
bundle exec rails g scaffold admin/website domain:string title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --model-name=website --no-migration --test-framework=rspec --stylesheet-engine=sass --no-javascripts --integration-tool=rspec
Scaffolding profile has_many documents
Send emails if they are enabled. Add SKIP_EMAILS env (#446)
Set events with correct devise tokens (#528)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Set account state to active on email confirmation
Set account state along with profile state
Set new devise layout (#155)
Set devise secret on container build (#17)
Set device secret on container build
Docker DEVICE_SECRET_KEY env varible explanation
Show level and labels on account index page (#431)
Small fixes (#171)
Small improvements (#74)
Speed up docker build (#429)
Splitted profile-document form (#131)
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Start Barong 1.8.0 development! (#370)
Merge it after merge 1.7.0 Release branch
Start Barong 1.7.0 development!
Style improvements on documents, sign in/sign up, profiles, removing (#73)
header & fixing tests
Swapping migration version
Switch to grape (#153)
t # This is a combination of 2 commits.
Changed document reference from profile to account
Refactored documents api
Two Factor Auth (#78)
Unifying styles in the admin panel (#105)
Unifying styles in the admin panel (#102)
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Unified styling in the admin panel, added default filter for profiles section in the admin panel
update bootstrap gem : 4.1.2 instead 4.0.0
Update gem dependences (#595)
Update api_keys.md
Update travis CI and fix version bumping (#507)
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458)
Update 1.7.0 migration steps notes (#405)
Update .travis.yml
Update Gemfile
Update the JWT Session payload (closes #245) (#250)
Update chart
Update oauth callback (#127)
Updated loofah to 2.2.2
Updated documentation (#190)
Use SecureRandom in db:seed (#425)
Use simple serialize instead of Store for metadata field
Use JWT token for authentication (#103)
User level is downgraded to 2 when his profile is rejected (#360)
Validate dates (#228)
Verify captcha after 3 failed attempts on sign in
Verify captcha serverside is it's enabled
Generate api on bump stage
Merge pull request #609 from mnaichuk/fix/messages
Merge pull request #575 from rxx/fix_api_key_1_8
Merge pull request #569 from rxx/bugfix/fix_bump
Merge pull request #567 from rxx/feature/generate_api_from_bump
Merge pull request #568 from rxx/feature/pdf_upload
Merge pull request #566 from rxx/feature/vault_security
Merge pull request #564 from rxx/feature/managment_labels_list
Merge pull request #565 from rxx/bugfix/fix_expires_in
Merge pull request #561 from maksim-litvinov/bugfix/fix_vault_errors
Merge pull request #563 from maksim-litvinov/countries_alpha2_alpha3
Merge pull request #558 from maksim-litvinov/sprokets_bug_fix_18
Merge pull request #551 from maksim-litvinov/feature/add_document_validations
Merge pull request #554 from shingonoide/fixes_image_build
Merge pull request #336 from rubykube/feature/profiles_api
Merge pull request #327 from rubykube/feature/2fa_api
Merge pull request #341 from rubykube/bugfix/phone_verification_without_code
Merge pull request #352 from andreymakovenko/master
Merge pull request #287 from gfedorenko/fix/loofah-update
Merge pull request #279 from gfedorenko/fix/default-state
Merge pull request #270 from rubykube/fix/account-state
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Merge pull request #180 from gfedorenko/fix/routing
Merge pull request #133 from gfedorenko/fix/footer
Merge pull request #134 from ashanaakh/fix/chart
Merge pull request #135 from mafarain/include_state
Merge pull request #81 from ashanaakh/logs
Merge pull request #71 from spavlishak/fixes/styles
Merge pull request #65 from vpetrusenko/level
Merge pull request #68 from ashanaakh/dockerignore/fix
Released 2018-11-29
APIKeys spec and related configuration
Add bump gem
Add password reset workflow
Add user confirmation workflow
Add Activity model, validations & base specs
Add Activity model & base specs
Add strong password validation Use strong_password gem to check simplicity Add a custom validator to check required symbols
Add managment_api Add jwt initializer Add entities Add tools Add Profile entity Modify user model Modify user factory * Fix spec for users and labels
Add identity user api module && support of captcha Add signup logic Verify captcha serverside Require captcha on signup Optional captcha on signin
Add ability to use twilio in test and development
Add Labels API
Add JWT generator
Add JWT auth
Add sessions_spec
Add Dockerfile
Add Travis file
Add Event API
Co-authored-by: alinetskyi <artem.linetskyi@gmail.conf>
Added Api Keys model, CRUD API, SecretStorage service
Adding Documents API
Adding profile grape resource
Adding KeyStore lib
Have fixed grape api spec helpers
Adding templates
Adding Label Model
Adding Base Grape API
with General Endpoint ping and time
Adding Document model (#3)
Adding Profile model
Adding Level model
Adding User model
Adding backend and db config
AuthZ modifications (#26)
Bump improvements
Change API prefix logic, fix specs, add vault doc
Delete send_real_sms.rb
Enabling sessions#authorize endpoint
Fix activities (#664)
Fix share cookies for development, fix Bump (#658)
Fixes for test and integration environment
Fixing an issue on route :any
Fixing password presence validation
Generate JWT token for apikeys
Hot fixing sessions
Initialize Vault, add TOTPService and Security(2FA) API
Minor improvements to middleware
Optimizing Dockerfile and removing asset pipeline
Phone model & related API & basic config store logic Add phone model Add class phones in resource api module Add test coverage for phone api Add Barong:App lib as secret key and config storage
rails generate rspec:install
rails new --database=mysql --skip-turbolinks --skip-coffee --skip-test barong
Record activity on session
Rework AuthZ endpoint
Sessions API
Updating bump script
Released 2018-11-27
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
API: Added registration and account confirmation scopes
Add filter by lvl (#657)
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Add RabbitMQ middleware for event api
Add grape logger middleware
Add ROOT_DOMAIN for configure sessions (#612)
Add import accounts endpoint
Add endpoint to create accounts with managment api
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Add restrictions for expire_in
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Add validations to document
Add account uid to system.notification.account (#537)
Add account get endpoint for managment API (#486)
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Add localization for grape required fields (#515)
Add CORS middleware (#516)
Add vault logging (#513)
Add new document type (#502)
Add api_key resource and generate jwt session (#441)
Add sentry (#459)
Add condition for unconfirmed emails check (#448)
Add labels to admin panel with CRUD (#414)
Add reset password api (#371)
Extract api helpers to helpers module, style api according to peatio api module
Add specs for phone controller
Add '/v1' prefix for API::V1 routes
Add ability to define title
Add specs for confirmations controller, use public_suffix collection to find root level domain
Add confirmation api
Add shared context for doorkeeper auth, add spec for GET /api/account
Add .codeclimate.yml
Add 2FA docs (#251)
Add 2FA (#205)
Add bot envs in travis.yml (#232)
Add chrome in .travis.yml & update chromedriver-helper (closes #213) (#215)
Add link for enabling 2FA (#172)
Add document validation (#149)
Add UID for Account (#132)
return unless uid blank
Add JWT support to chart (#120)
Add JWT support to chart
Fix Dockerfile after adding JWT support (#103)
Bump docker image and chart versions
Add missing </div> (#104)
Add RAILS_LOG_TO_STDOUT to the chart
Add checking of account lvl
Add helm chart to docker ignore files
Add BS4 for admin & navigation. (#16)
Add admin panel boilerplate (closes #12). (#14)
Add TravisCI configuration & RSpec + Capybara boilerplate. (#8)
Add rubocop.yml (#7)
add checking of current level
add increase lvl function (#59)
added focus on password input (#249)
Added password strength validation (#455)
Added link_config script (#434)
Added event_api specs (#412)
Added event_api specs
Update event_api.md
Added 2FA api, added otp_enabled to accounts, refactored Vault::TOTP
Added specs for registrations api
Added phone validation tests
Added state for GET profile (#273)
Added get profile API call (#271)
Added autoauthorized application (#156)
Added GCS credentials to helm chartm and charts improvements (#93)
Added GCS credentials to helm charts
Added sender's name (#92)
Added some validations (#82)
Added some validations
Fixed and skiped tests
Added custom logo, header, footer support (#55)
Added favicon (#66)
Added meta tag for mobile view (#62)
Added profiles section to the admin panel (#50)
Added profiles section to the admin panel
Added ability to connect phone number to account (#27)
Added listing of accounts with ability to delete or edit (#22)
Adding level flow (#421)
Feature/level logic with labels
Adding level definition (#409)
Adding level definition
Update seeds.rb
Adding excepection for eligible bump
Adding sneaker gem
Adding layout for profiles and documents (#38)
Adding doorkeeper into the stack (#26)
Admin panel fixes (#165)
Fixes regarding with tables styles, Fixes regarding with redirecting in the application page, Fixes regarding with notifications styles
fixed table style on profile show, fixed notice on admin
fixed table styles, added email to profile show action
Allow pdf on barong form
Allow to use alpha2 and alpha3 country format in profile
Allow travis to build image without envs (#508)
Allow setting JWT secret key as pem file (#413)
change != to <
Change password security error message (#511)
Change license to Apache 2.0 (#79)
Changed devise logout path from delete to get request
Changed license in README (#95)
Changed datepicker and sms body (#69)
Changed datepicker and sms body
Fixed test
Changing seeds to users (#422)
Check 2FA on Barong session api (#522)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Check vault health
Compute code coverage report (#542)
Configure codeclimate (#348)
Configure codeclimate
Confirm 2FA code before enable otp
Confirm account by devise controller with whitelisted domain
Continue implement features regarding PR #118 (#193)
added roles to the controller, fixed db:load:fake task
fixed db:load:fake task
Create jwt by session
Create correct labels when seed accounts (#560)
Created normal readme (#64)
Creating a role for managing only profiles (#118)
customer css helper (#52)
deleted icon from dropify input (#196)
Deploy (#37)
Deployment stuff improvements
Development & software operations: kite service, Dockerfile, charts, pipeline, Helm & other stuff. (#5)
Different gem subsets dynamic installation (#207)
Display cute notice when the registering email already taken (#70)
Do not trust public label when calculate level (#428)
Documents API
Dont let not active accounts to sign in (#600)
Downcase label key and value before save it (#472)
Downgrade fog-gem version (fix #311)
Enable devise lockable. (#467)
Fix db seed password, replace email validator
Enable devise lockable
Enable cops in .rubocop.yml
Events API, Plugins (#410)
Add ability to install Plugins
Add required gems
Extract api to user_api module (#407)
Add Label managment api
Feature: Add metadata to documents API (#464)
Added metadata field for document
Makes documents spec more readable
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
fix specs
fix lvl buttons
fix code style
add lvl buttons
Fix phone verification rate limit for API
Fix message error
Fix doorkeeper CVE-2018-1000211 vulnerability
Fix CVE-2018-3760 bug
Fix wrong field in accounts/get (#552)
Fix labels bug with changing scope (#481)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fix issue with api datetime format (#453)
Fix function call (#426)
Fix API error messages (#416)
Fix domain to host (#424)
Fix errors in phones api (#393)
Fix missing PhoneUtils bug (#388)
Fix failing profile specs (#375)
Fix db:seed (#359)
Fix typo in error rescue (#357)
Fix vault specs, add capybara screenshot
Fix codeclimate
Fix codeclimate
Fix codeclimate
Fix phone verification issue
Fix specs
Fix travis version bump
Fix indentation and comments rubocop issues
Fix existing docs & Remove unused docs
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Fix issue in travis configuration
Fix invalid number notification color (fix #216) (#222)
Fix issue with resending unlock instructions for #147 (#206)
Fix for index redirecting
Fix for login (#143)
Fix tests due to new forms (#128)
Fix url in Readme (#122)
Fix for button (#100)
Fix for approving profile (#97)
Fix for js (#98)
Fix production mailer & move to helios-public (#47)
Rails production mailer setup & k8s env variables
Use helios-public instead of helios-stage
fixed all issues related with: git rebase, the tests, the document uploading features (#58)
fixed the tests (#43)
fixed the tests (#42)
fixed the views tests
Fixed all rubocop issues
Fixed bin/setup to work in correct order (#194)
Fixed bin/setup to work in correct order
Updated seeds; added ability to use default creds with workbench
Fixed tests (#192)
Fixed background (#63)
Fixed k8s secrets.yaml
Fixed mail sender email (#61)
Fixed barong host in chart (#57)
Fixes docker image build
Fixes for workbench (#142)
generate API documentation (#158)
Generate api on bump stage
Get all labels with managment api
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Google cloud upload (#90)
handle SMS_CONTENT env variable
Handle file size and extension on front-end side with dropify (#209)
Ignore yarn files
Implement send code API (#423)
implement lvl for phones
Implemented API endpoind for receiving JWT by account and password
Implemented ability to change password by API
Implemented API JWT renewal (#264)
Improve some styles
improve lvl system
Include profile.state in jwt
Include name in jwt (#123)
increase to lvl 3 after confirmation
Increase spec coverage (#378)
Add simplecov
Add specs for controllers
Add spec for vault totp
Fix tests
Increase max size of upload (#162)
Initialize Devise missing views and routes (#9)
K8s (#15)
Update database secrets
K8s secret instance
Barong install or upgrade bash script
Use puma instead of rails s
Limit number of uploaded documents
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Lockable for devise (closes #13) (#11)
Make db:seed more flexible (#404)
Make drag and drop for documents work (#154)
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Mark account as discarded istead of delete it (#451)
Mark account as discarded instead of deleting it
Disabled reek
Merge branch 'master' into feature/profiles_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into fix/loofah-update
Migrate application levels logic to use labels (#430)
Minor fixes for phones/new form (#150)
Added loader Confirm button disables till the code is sent Check if the phone nubber wasn't modefied after the code was sent
Minor fixes (#141)
Minor fixes to index page (#106)
Minor gem updates
Modify email and sender name (#140)
Mons web verification design (#53)
Adding verification design
Move all logic from profile show to accounts show. Show Phones and Account info (#460)
Remove state from profile
Fix labels issues
after-review improvements
Move all logic from profile show to accounts show (close #449)
Update code with requirements
Disabled reek
Move account registration to account endpoint
moved specs to v1 folder
Moved documentation files (#549)
Moving database.yml file
Moving field role and adding level
Notify user by email when his state changes (#372)
Pass email along with uid to vault (#257)
Prepare initial configuration and gemset: (#6)
Profiles API
Added metadata field to Profiles, which stores JSON data and is using ActiveRecord::Store. Metadata fields are specified by env variable PROFILE_METADATA
Provide License (#21)
Put working links in footer
Made links in footer work Added basic layout on Change Password page
rails new --database=mysql --skip-turbolinks --skip-coffee barong
Rake task to generate swagger-slate docs (#204)
Rake task to generate swagger-slate docs
Run widdershins via 'node node_modules/widdershins/widdershins'
Refactor storages (#241)
Refactored phones
Release Barong v1.0.0
Remove rack-cors (#519)
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Remove outdated deployment stuff (#452)
Remove invalid concourse pipeline and related stuff
Remove main-logo and useless <div>s (#182)
remove unneeded/useless tests/specs (#173)
Removed minimum size limitation for document (#199)
Removed 'utility bill' from 'documents' dropdown options and changed notice for successeful email confirmation (#170)
Removed unused views (#139)
Removed unused controller
Removed unnecessary views (#56)
Removing logo
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Rescue exception in managment api and application controller
Restify api endpoints (#368)
Return understandable vault error, log full message
Return if phone is already in db (#91)
Scaffold website table (#30)
bundle exec rails g model website domain:string:uniq title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --force
bundle exec rails g scaffold admin/website domain:string title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --model-name=website --no-migration --test-framework=rspec --stylesheet-engine=sass --no-javascripts --integration-tool=rspec
Scaffolding profile has_many documents
Send emails if they are enabled. Add SKIP_EMAILS env (#446)
Set events with correct devise tokens (#528)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Set account state to active on email confirmation
Set account state along with profile state
Set new devise layout (#155)
Set devise secret on container build (#17)
Set device secret on container build
Docker DEVICE_SECRET_KEY env varible explanation
Show level and labels on account index page (#431)
Small fixes (#171)
Small improvements (#74)
Speed up docker build (#429)
Splitted profile-document form (#131)
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Start Barong 1.8.0 development! (#370)
Merge it after merge 1.7.0 Release branch
Start Barong 1.7.0 development!
Style improvements on documents, sign in/sign up, profiles, removing (#73)
header & fixing tests
Swapping migration version
Switch to grape (#153)
t # This is a combination of 2 commits.
Changed document reference from profile to account
Refactored documents api
Two Factor Auth (#78)
Unifying styles in the admin panel (#105)
Unifying styles in the admin panel (#102)
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Update gem dependences (#595)
Update api_keys.md
Update travis CI and fix version bumping (#507)
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458)
Update 1.7.0 migration steps notes (#405)
Update .travis.yml
Update Gemfile
Update the JWT Session payload (closes #245) (#250)
Update chart
Update oauth callback (#127)
update bootstrap gem : 4.1.2 instead 4.0.0
Updated loofah to 2.2.2
Updated documentation (#190)
Use SecureRandom in db:seed (#425)
Use simple serialize instead of Store for metadata field
Use JWT token for authentication (#103)
User level is downgraded to 2 when his profile is rejected (#360)
Validate dates (#228)
Verify captcha after 3 failed attempts on sign in
Verify captcha serverside is it's enabled
Generate api on bump stage
Merge pull request #609 from mnaichuk/fix/messages
Merge pull request #575 from rxx/fix_api_key_1_8
Merge pull request #569 from rxx/bugfix/fix_bump
Merge pull request #567 from rxx/feature/generate_api_from_bump
Merge pull request #568 from rxx/feature/pdf_upload
Merge pull request #566 from rxx/feature/vault_security
Merge pull request #564 from rxx/feature/managment_labels_list
Merge pull request #565 from rxx/bugfix/fix_expires_in
Merge pull request #561 from maksim-litvinov/bugfix/fix_vault_errors
Merge pull request #563 from maksim-litvinov/countries_alpha2_alpha3
Merge pull request #558 from maksim-litvinov/sprokets_bug_fix_18
Merge pull request #551 from maksim-litvinov/feature/add_document_validations
Merge pull request #554 from shingonoide/fixes_image_build
Merge pull request #336 from rubykube/feature/profiles_api
Merge pull request #327 from rubykube/feature/2fa_api
Merge pull request #341 from rubykube/bugfix/phone_verification_without_code
Merge pull request #352 from andreymakovenko/master
Merge pull request #287 from gfedorenko/fix/loofah-update
Merge pull request #279 from gfedorenko/fix/default-state
Merge pull request #270 from rubykube/fix/account-state
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Merge pull request #180 from gfedorenko/fix/routing
Merge pull request #133 from gfedorenko/fix/footer
Merge pull request #134 from ashanaakh/fix/chart
Merge pull request #135 from mafarain/include_state
Merge pull request #81 from ashanaakh/logs
Merge pull request #71 from spavlishak/fixes/styles
Merge pull request #65 from vpetrusenko/level
Merge pull request #68 from ashanaakh/dockerignore/fix
Released 2018-11-26
Set cookie for all subdomains
Released 2018-11-25
Released 2018-11-25
APIKeys spec and related configuration
Add bump gem
Add password reset workflow
Add user confirmation workflow
Add Activity model, validations & base specs
Add Activity model & base specs
Add strong password validation Use strong_password gem to check simplicity Add a custom validator to check required symbols
Add managment_api Add jwt initializer Add entities Add tools Add Profile entity Modify user model Modify user factory * Fix spec for users and labels
Add identity user api module && support of captcha Add signup logic Verify captcha serverside Require captcha on signup Optional captcha on signin
Add ability to use twilio in test and development
Add Labels API
Add JWT generator
Add JWT auth
Add sessions_spec
Add Dockerfile
Add Travis file
Add Event API
Co-authored-by: alinetskyi <artem.linetskyi@gmail.conf>
Added Api Keys model, CRUD API, SecretStorage service
Adding Documents API
Adding profile grape resource
Adding KeyStore lib
Have fixed grape api spec helpers
Adding templates
Adding Label Model
Adding Base Grape API
with General Endpoint ping and time
Adding Document model (#3)
Adding Profile model
Adding Level model
Adding User model
Adding backend and db config
AuthZ modifications (#26)
Bump improvements
Change API prefix logic, fix specs, add vault doc
Delete send_real_sms.rb
Enabling sessions#authorize endpoint
Fixes for test and integration environment
Fixing an issue on route :any
Fixing password presence validation
Generate JWT token for apikeys
Hot fixing sessions
Initialize Vault, add TOTPService and Security(2FA) API
Minor improvements to middleware
Optimizing Dockerfile and removing asset pipeline
Phone model & related API & basic config store logic Add phone model Add class phones in resource api module Add test coverage for phone api Add Barong:App lib as secret key and config storage
rails generate rspec:install
rails new --database=mysql --skip-turbolinks --skip-coffee --skip-test barong
Record activity on session
Rework AuthZ endpoint
Sessions API
Updating bump script
Released 2018-11-24
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Add grape logger middleware
Add a stronger validation for passwords
Add ROOT_DOMAIN for configure sessions (#611)
Add import accounts endpoint
Add endpoint to create accounts with managment api
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Add restrictions for expire_in
Add validations to document
Add SMTP_ADDRESS and SMTP_PORT environment variable in development
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Add account uid to system.notification.account (#537)
Add account get endpoint for managment API (#486)
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Add localization for grape required fields (#515)
Add CORS middleware (#516)
Add vault logging (#513)
Add new document type (#502)
Allow to configure scopes from env (#618)
Allow to configure smtp url address (#616)
Allow pdf on barong form
Allow to use alpha2 and alpha3 country format in profile
Allow to configure multiple CORS at barong
Allow travis to build image without envs (#508)
barong fixing security flags in docs (#596)
Change password security error message (#511)
Check 2FA on Barong session api (#522)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Compute code coverage report (#542)
Create jwt by session
Create correct labels when seed accounts (#579)
Define minimum password length in ENV (#626)
Dont let not active accounts to sign in (#608)
Downcase label key and value before save it (#472)
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix: DEPRECATION WARNING
Fix issue with jwt in dev mode (#630)
Fix issue with hardcoded JWT_SHARED_SECRET_KEY (#629)
Fix message error
Fix doorkeeper CVE-2018-1000211 vulnerability
Fix CVE-2018-3760 bug
Fix rubocop
Fix wrong field in accounts/get (#552)
Fix labels bug with changing scope (#481)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fixes docker image build
Generate api on bump stage
Get all labels with managment api
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Limit number of uploaded documents
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Merge branch 'master' into fix-messages
Moved documentation files (#549)
Release Barong v1.9
Remove rack-cors (#519)
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Rescue exception in managment api and application controller
Return understandable vault error, log full message
Save scopes in APIKey as serialized array (closes #585) (#597)
Set cookies from /api/sessions
Set events with correct devise tokens (#528)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Unlock account after 1 hour of being locked (#649)
update bootstrap gem : 4.1.2 instead 4.0.0
Update api_keys.md (#592)
Update gem dependences (#595)
Update docs api_keys
Update project to rails v5.2.1
Update rails version to v5.2.1
Update ruby version to v2.5.1
Update api_keys.md
Update travis CI and fix version bumping (#507)
Verify captcha serverside if it's enabled (#617)
Verify captcha serverside is it's enabled
Verify captcha after 3 failed attempts on sign in
Don't check captcha is password is valid
Generate api on bump stage
Merge pull request #601 from mnaichuk/fix-messages
Merge pull request #557 from maksim-litvinov/sprocket_bug_fix
Merge pull request #543 from maksim-litvinov/master_update
Released 2018-11-21
Add phone verification rate limit for API
Add rack-attack and some API usage limits
Fix phone verification rate limit for API
Released 2018-11-21
Add RabbitMQ middleware for event api
Released 2018-11-17
Add grape logger middleware
handle SMS_CONTENT env variable
Replace Faker::Avatar.image to Faker::Company.logo due to server error
Released 2018-10-17
update bootstrap gem : 4.1.2 instead 4.0.0
Released 2018-09-21
Add ROOT_DOMAIN for configure sessions (#612)
Dont let not active accounts to sign in (#600)
Released 2018-09-21
Released 2018-09-21
Verify captcha after 3 failed attempts on sign in
Verify captcha serverside is it's enabled
Released 2018-09-20
Fix message error
Merge pull request #609 from mnaichuk/fix/messages
Released 2018-09-19
Add import accounts endpoint
Add endpoint to create accounts with managment api
Released 2018-09-15
Create jwt by session
Fix doorkeeper CVE-2018-1000211 vulnerability
Update gem dependences (#595)
Released 2018-07-23
Update api_keys.md
Merge pull request #575 from rxx/fix_api_key_1_8
Released 2018-07-18
Add health check actions
Add human errors for cases when vault is down or code was used multiple times
Allow pdf on barong form
Generate api on bump stage
Rescue exception in managment api and application controller
Generate api on bump stage
Merge pull request #569 from rxx/bugfix/fix_bump
Merge pull request #567 from rxx/feature/generate_api_from_bump
Merge pull request #568 from rxx/feature/pdf_upload
Merge pull request #566 from rxx/feature/vault_security
Released 2018-07-16
Add restrictions for expire_in
Get all labels with managment api
Limit number of uploaded documents
Merge pull request #564 from rxx/feature/managment_labels_list
Merge pull request #565 from rxx/bugfix/fix_expires_in
Released 2018-07-10
Allow to use alpha2 and alpha3 country format in profile
Return understandable vault error, log full message
Merge pull request #561 from maksim-litvinov/bugfix/fix_vault_errors
Merge pull request #563 from maksim-litvinov/countries_alpha2_alpha3
Released 2018-07-06
Create correct labels when seed accounts (#560)
Released 2018-07-04
Fix CVE-2018-3760 bug
Merge pull request #558 from maksim-litvinov/sprokets_bug_fix_18
Released 2018-07-03
Add validations to document
Merge pull request #551 from maksim-litvinov/feature/add_document_validations
Released 2018-06-26
Fix wrong field in accounts/get (#552)
Lockable in API (#544)
Lockable in API
add endpoint to send/resend unlock instructions
update docs
Profile validations update(fixes specs which was failing sometimes)
add endpoint to unlock account
Released 2018-06-25
Fixes docker image build
Merge pull request #554 from shingonoide/fixes_image_build
Released 2018-06-22
Add email for Event API system.account.reset_password_token, system.account.unlock_token events, system.document.verified, system.document.rejected (#550)
Add email for Event API system.account.reset_password_token and system.account.unlock_token events
Fix documentation for AccountMailer events
Document verification Event API payload and docs updated to have email included
Released 2018-06-22
Compute code coverage report (#542)
Moved documentation files (#549)
Released 2018-06-21
Management api config generation from template (#539)
Generate management api from config
Install plugins and make yml files from templates
Put plugins template in standart place
Released 2018-06-15
Get international number from phonelib directly (#504)
Get international number from phonelib directly
Use international phone on api phone validation
Released 2018-06-15
Add account uid to system.notification.account (#537)
Released 2018-06-14
Add account get endpoint for managment API (#486)
Check 2FA on Barong session api (#522)
Released 2018-06-14
Add validations for profile fields (#477)
Fix document expire validation Add datepicker and country_select for admin panel Squish spaces
Released 2018-06-12
Add endpoint for resend confirmations
Add otp sign endpoint (#527)
Squish label fields (#535)
Add rake task for update level Show level mapping at admin panel
Released 2018-06-11
Add localization for grape required fields (#515)
Fix labels bug with changing scope (#481)
Set events with correct devise tokens (#528)
Released 2018-06-06
Remove rack-cors (#519)
Released 2018-06-06
Add CORS middleware (#516)
Released 2018-06-05
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
API: Added registration and account confirmation scopes
Add vault logging (#513)
Add new document type (#502)
Add api_key resource and generate jwt session (#441)
Add sentry (#459)
Add condition for unconfirmed emails check (#448)
Add labels to admin panel with CRUD (#414)
Add reset password api (#371)
Extract api helpers to helpers module, style api according to peatio api module
Add specs for phone controller
Add '/v1' prefix for API::V1 routes
Add ability to define title
Add specs for confirmations controller, use public_suffix collection to find root level domain
Add confirmation api
Add shared context for doorkeeper auth, add spec for GET /api/account
Add .codeclimate.yml
Added password strength validation (#455)
Added link_config script (#434)
Added event_api specs (#412)
Added event_api specs
Update event_api.md
Added 2FA api, added otp_enabled to accounts, refactored Vault::TOTP
Added specs for registrations api
Added phone validation tests
Adding level flow (#421)
Feature/level logic with labels
Adding level definition (#409)
Adding level definition
Update seeds.rb
Adding excepection for eligible bump
Allow travis to build image without envs (#508)
Allow setting JWT secret key as pem file (#413)
Change password security error message (#511)
Changed devise logout path from delete to get request
Changing seeds to users (#422)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Check vault health
Configure codeclimate (#348)
Configure codeclimate
Confirm 2FA code before enable otp
Confirm account by devise controller with whitelisted domain
Do not trust public label when calculate level (#428)
Documents API
Downcase label key and value before save it (#472)
Downgrade fog-gem version (fix #311)
Enable devise lockable. (#467)
Fix db seed password, replace email validator
Enable devise lockable
Enable cops in .rubocop.yml
Events API, Plugins (#410)
Add ability to install Plugins
Add required gems
Extract api to user_api module (#407)
Add Label managment api
Feature: Add metadata to documents API (#464)
Added metadata field for document
Makes documents spec more readable
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Fix issue with api datetime format (#453)
Fix function call (#426)
Fix API error messages (#416)
Fix domain to host (#424)
Fix errors in phones api (#393)
Fix missing PhoneUtils bug (#388)
Fix failing profile specs (#375)
Fix db:seed (#359)
Fix typo in error rescue (#357)
Fix vault specs, add capybara screenshot
Fix codeclimate
Fix codeclimate
Fix codeclimate
Fix phone verification issue
Fix specs
Fix travis version bump
Fix indentation and comments rubocop issues
Fix existing docs & Remove unused docs
Fixed all rubocop issues
Ignore yarn files
Implement send code API (#423)
Implemented API endpoind for receiving JWT by account and password
Implemented ability to change password by API
Implemented API JWT renewal (#264)
Increase spec coverage (#378)
Add simplecov
Add specs for controllers
Add spec for vault totp
Fix tests
Make db:seed more flexible (#404)
Mark account as discarded istead of delete it (#451)
Mark account as discarded instead of deleting it
Disabled reek
Merge branch 'master' into feature/profiles_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into fix/loofah-update
Migrate application levels logic to use labels (#430)
Move all logic from profile show to accounts show. Show Phones and Account info (#460)
Remove state from profile
Fix labels issues
after-review improvements
Move all logic from profile show to accounts show (close #449)
Update code with requirements
Disabled reek
Move account registration to account endpoint
moved specs to v1 folder
Moving database.yml file
Notify user by email when his state changes (#372)
Profiles API
Added metadata field to Profiles, which stores JSON data and is using ActiveRecord::Store. Metadata fields are specified by env variable PROFILE_METADATA
Refactored phones
Remove identity from default configuration (#505)
Remove identity level from default configuration
Tune codeclimate
Remove env check. It does not work with docker build (#514)
Remove outdated deployment stuff (#452)
Remove invalid concourse pipeline and related stuff
Restify api endpoints (#368)
Send emails if they are enabled. Add SKIP_EMAILS env (#446)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Show level and labels on account index page (#431)
Speed up docker build (#429)
Start Barong 1.8.0 development! (#370)
Merge it after merge 1.7.0 Release branch
Start Barong 1.7.0 development!
t # This is a combination of 2 commits.
Changed document reference from profile to account
Refactored documents api
Update travis CI and fix version bumping (#507)
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458)
Update 1.7.0 migration steps notes (#405)
Update .travis.yml
Update Gemfile
Updated loofah to 2.2.2
Use SecureRandom in db:seed (#425)
Use simple serialize instead of Store for metadata field
User level is downgraded to 2 when his profile is rejected (#360)
Merge pull request #336 from rubykube/feature/profiles_api
Merge pull request #327 from rubykube/feature/2fa_api
Merge pull request #341 from rubykube/bugfix/phone_verification_without_code
Merge pull request #352 from andreymakovenko/master
Merge pull request #287 from gfedorenko/fix/loofah-update
Released 2018-06-04
Adding excepection for eligible bump (#381)
Apply Patch: Fix phone verification issue Apply related changes
Changed devise logout path from delete to get request
Downgrade fog-gem version (fix #311)
Fix phones controller (#383)
Fix failing profile specs (#377)
Merge branch 'master' into account_signout
Moving database.yml file
Notify user by email when his state changes (#374)
Trying to fix bump (#379)
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458) (#471)
Update .travis.yml
Update Gemfile
User level is downgraded to 2 when his profile is rejected (#366)
Merge pull request #354 from rubykube/bugfix/phone_verification_without_code_1-5
Merge pull request #269 from andreymakovenko/account_signout
Released 2018-06-04
Change password security error message (#511)
Released 2018-06-04
Add vault logging (#513)
Remove env check. It does not work with docker build (#514)
Released 2018-06-04
Add vault logging
Released 2018-06-03
Released 2018-06-03
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
Add new document type (#502)
Allow travis to build image without envs (#508)
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Downcase label key and value before save it (#472)
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Update travis CI and fix version bumping (#507)
Released 2018-05-31
Released 2018-05-31
Add new document type (#502)
Released 2018-05-30
API tuning: Add security definitions and status code, fixed wrong messages (#488)
Travis allow other branches
Add security definitions Add status codes
Check required environments on barong starting (#484)
Check required environments on barong starting
Travis allow other branches
Downcase label key and value before save it (#472)
Set correct document flash message (#474)
Set correct document flash message
Travis allow other branches
Released 2018-05-30
Feed existing account with labels corresponding their level [for migration from 1.7 to 1.8] (#498)
Fix db:seed applications creation (#495)
Fix db:seed applications creation
Add tests for rake db:seed
Fix document types (#490)
Fix typo in phone exists message error (#487)
Fix typo in phone exists message error
Travis allow other branches
Released 2018-05-16
Add api_key resource and generate jwt session (#441)
Add sentry (#459)
Add condition for unconfirmed emails check (#448)
Add labels to admin panel with CRUD (#414)
Added password strength validation (#455)
Added link_config script (#434)
Added event_api specs (#412)
Added event_api specs
Update event_api.md
Adding level flow (#421)
Feature/level logic with labels
Adding level definition (#409)
Adding level definition
Update seeds.rb
Adding excepection for eligible bump
Allow setting JWT secret key as pem file (#413)
Changing seeds to users (#422)
Do not trust public label when calculate level (#428)
Enable devise lockable. (#467)
Fix db seed password, replace email validator
Enable devise lockable
Events API, Plugins (#410)
Add ability to install Plugins
Add required gems
Extract api to user_api module (#407)
Add Label managment api
Feature: Add metadata to documents API (#464)
Added metadata field for document
Makes documents spec more readable
Fix issue with api datetime format (#453)
Fix function call (#426)
Fix API error messages (#416)
Fix domain to host (#424)
Fix errors in phones api (#393)
Implement send code API (#423)
Make db:seed more flexible (#404)
Mark account as discarded istead of delete it (#451)
Mark account as discarded instead of deleting it
Disabled reek
Migrate application levels logic to use labels (#430)
Move all logic from profile show to accounts show. Show Phones and Account info (#460)
Remove state from profile
Fix labels issues
after-review improvements
Move all logic from profile show to accounts show (close #449)
Update code with requirements
Disabled reek
Remove outdated deployment stuff (#452)
Send emails if they are enabled. Add SKIP_EMAILS env (#446)
Show level and labels on account index page (#431)
Speed up docker build (#429)
Start Barong 1.8.0 development! (#370)
Merge it after merge 1.7.0 Release branch
Update ci/bump.rb: add pagination for GitHub API (fixes bumping for older branches). (#458)
Update 1.7.0 migration steps notes (#405)
Use SecureRandom in db:seed (#425)
Released 2018-04-20
Add reset password api (#371)
Extract api helpers to helpers module, style api according to peatio api module
Add specs for phone controller
Added 2FA api, added otp_enabled to accounts, refactored Vault::TOTP
Check vault health
Confirm 2FA code before enable otp
Fix missing PhoneUtils bug (#388)
Fix failing profile specs (#375)
Fix db:seed (#359)
Fix typo in error rescue (#357)
Fix vault specs, add capybara screenshot
Fix codeclimate
Fix codeclimate
Fix codeclimate
Fix phone verification issue
Increase spec coverage (#378)
Add simplecov
Add specs for controllers
Add spec for vault totp
Fix tests
Merge branch 'master' into feature/profiles_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge remote-tracking branch 'origin/master' into feature/2fa_api
Merge branch 'master' into bugfix/phone_verification_without_code
Merge branch 'master' into bugfix/phone_verification_without_code
Notify user by email when his state changes (#372)
Profiles API
Added metadata field to Profiles, which stores JSON data and is using ActiveRecord::Store. Metadata fields are specified by env variable PROFILE_METADATA
Restify api endpoints (#368)
Start Barong 1.7.0 development!
Use simple serialize instead of Store for metadata field
User level is downgraded to 2 when his profile is rejected (#360)
Merge pull request #336 from rubykube/feature/profiles_api
Merge pull request #327 from rubykube/feature/2fa_api
Merge pull request #341 from rubykube/bugfix/phone_verification_without_code
Merge pull request #352 from andreymakovenko/master
Released 2018-04-12
API: Added registration and account confirmation scopes
Add '/v1' prefix for API::V1 routes
Add ability to define title
Add specs for confirmations controller, use public_suffix collection to find root level domain
Add confirmation api
Add shared context for doorkeeper auth, add spec for GET /api/account
Add .codeclimate.yml
Add 2FA docs (#251)
Add 2FA (#205)
added focus on password input (#249)
Added specs for registrations api
Added phone validation tests
Added state for GET profile (#273)
Added get profile API call (#271)
Changed devise logout path from delete to get request
Configure codeclimate (#348)
Configure codeclimate
Confirm account by devise controller with whitelisted domain
Different gem subsets dynamic installation (#207)
Documents API
Downgrade fog-gem version (fix #311)
Enable cops in .rubocop.yml
Fix specs
Fix travis version bump
Fix indentation and comments rubocop issues
Fix existing docs & Remove unused docs
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Fixed all rubocop issues
Ignore yarn files
Implemented API endpoind for receiving JWT by account and password
Implemented ability to change password by API
Implemented API JWT renewal (#264)
Merge branch 'master' into fix/loofah-update
Move account registration to account endpoint
moved specs to v1 folder
Moving database.yml file
Pass email along with uid to vault (#257)
Refactor storages (#241)
Refactored phones
Remove invalid concourse pipeline and related stuff
Set account state to active on email confirmation
Set account state along with profile state
t # This is a combination of 2 commits.
Changed document reference from profile to account
Refactored documents api
Update .travis.yml
Update Gemfile
Update the JWT Session payload (closes #245) (#250)
Updated loofah to 2.2.2
Validate dates (#228)
Merge pull request #287 from gfedorenko/fix/loofah-update
Merge pull request #279 from gfedorenko/fix/default-state
Merge pull request #270 from rubykube/fix/account-state
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Released 2018-04-11
Add 2FA docs (#251)
Add 2FA (#205)
Added state for GET profile (#273)
Added get profile API call (#271)
added focus on password input (#249)
Changed devise logout path from delete to get request
Different gem subsets dynamic installation (#207)
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Pass email along with uid to vault (#257)
Refactor storages (#241)
Set account state to active on email confirmation
Set account state along with profile state
Updated loofah to 2.2.2
Validate dates (#228)
Merge pull request #290 from gfedorenko/fix/loofah-update
Merge pull request #288 from akhlopiachyi/1-3-stable-pull-request
Released 2018-04-05
Downgrade fog-gem version (fix #311)
Update Gemfile
Released 2018-03-23
Add 2FA docs (#251)
Add 2FA (#205)
added focus on password input (#249)
Added state for GET profile (#273)
Added get profile API call (#271)
Changed devise logout path from delete to get request
Different gem subsets dynamic installation (#207)
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Merge branch 'master' into account_signout
Pass email along with uid to vault (#257)
Refactor storages (#241)
Set account state to active on email confirmation
Set account state along with profile state
Update the JWT Session payload (closes #245) (#250)
Validate dates (#228)
Merge pull request #269 from andreymakovenko/account_signout
Merge pull request #279 from gfedorenko/fix/default-state
Merge pull request #270 from rubykube/fix/account-state
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Released 2018-03-22
Add 2FA docs (#251)
Add 2FA (#205)
Added state for GET profile (#273)
Added get profile API call (#271)
added focus on password input (#249)
Different gem subsets dynamic installation (#207)
Fix multiple issue with cloud storage configurations (#259)
Fix all entered data which is lost when submitting form with invalid data (#231)
Pass email along with uid to vault (#257)
Refactor storages (#241)
Set account state to active on email confirmation
Set account state along with profile state
Validate dates (#228)
Released 2018-03-20
Added state for GET profile (#273)
Added get profile API call (#271)
Set account state along with profile state
Merge pull request #270 from rubykube/fix/account-state
Released 2018-03-16
Fix multiple issue with cloud storage configurations (#259)
Released 2018-03-13
added focus on password input (#249)
Pass email along with uid to vault (#257)
Released 2018-03-09
Refactor storages (#241)
Released 2018-03-07
Add 2FA docs (#251)
Released 2018-03-07
Update the JWT Session payload (closes #245) (#250)
Released 2018-03-05
Different gem subsets dynamic installation (#207)
Released 2018-03-05
Released 2018-03-05
Validate dates (#228)
Released 2018-03-05
Fix all entered data which is lost when submitting form with invalid data (#231)
Released 2018-03-05
Add 2FA (#205)
Released 2018-03-05
Add bot envs in travis.yml (#232)
Add chrome in .travis.yml & update chromedriver-helper (closes #213) (#215)
Continue implement features regarding PR #118 (#193)
added roles to the controller, fixed db:load:fake task
fixed db:load:fake task
deleted icon from dropify input (#196)
Fix issue in travis configuration
Fix invalid number notification color (fix #216) (#222)
Fix issue with resending unlock instructions for #147 (#206)
Fixed bin/setup to work in correct order (#194)
Fixed bin/setup to work in correct order
Updated seeds; added ability to use default creds with workbench
Fixed tests (#192)
Handle file size and extension on front-end side with dropify (#209)
Rake task to generate swagger-slate docs (#204)
Rake task to generate swagger-slate docs
Run widdershins via 'node node_modules/widdershins/widdershins'
Removed minimum size limitation for document (#199)
Updated documentation (#190)
Merge pull request #233 from ashanaakh/bugfix/travis-fix
Released 2018-02-26
Added autoauthorized application (#156)
Admin panel fixes (#165)
Fixes regarding with tables styles, Fixes regarding with redirecting in the application page, Fixes regarding with notifications styles
fixed table style on profile show, fixed notice on admin
fixed table styles, added email to profile show action
Creating a role for managing only profiles (#118)
Remove main-logo and useless <div>s (#182)
Released 2018-02-23
Add link for enabling 2FA (#172)
Add document validation (#149)
Adding sneaker gem
Fix for index redirecting
Fixes for workbench (#142)
generate API documentation (#158)
Increase max size of upload (#162)
Make drag and drop for documents work (#154)
Minor fixes for phones/new form (#150)
Added loader Confirm button disables till the code is sent Check if the phone nubber wasn't modefied after the code was sent
remove unneeded/useless tests/specs (#173)
Removed 'utility bill' from 'documents' dropdown options and changed notice for successeful email confirmation (#170)
Removed unused views (#139)
Removing logo
Set new devise layout (#155)
Small fixes (#171)
Switch to grape (#153)
Merge pull request #180 from gfedorenko/fix/routing
Released 2018-02-19
add checking of current level
add increase lvl function (#59)
Add UID for Account (#132)
return unless uid blank
Add JWT support to chart (#120)
Add JWT support to chart
Fix Dockerfile after adding JWT support (#103)
Bump docker image and chart versions
Add missing </div> (#104)
Add RAILS_LOG_TO_STDOUT to the chart
Add checking of account lvl
Add helm chart to docker ignore files
Add BS4 for admin & navigation. (#16)
Add admin panel boilerplate (closes #12). (#14)
Add TravisCI configuration & RSpec + Capybara boilerplate. (#8)
Add rubocop.yml (#7)
Added GCS credentials to helm chartm and charts improvements (#93)
Added GCS credentials to helm charts
Added sender's name (#92)
Added some validations (#82)
Added some validations
Fixed and skiped tests
Added custom logo, header, footer support (#55)
Added favicon (#66)
Added meta tag for mobile view (#62)
Added profiles section to the admin panel (#50)
Added profiles section to the admin panel
Added ability to connect phone number to account (#27)
Added listing of accounts with ability to delete or edit (#22)
Adding layout for profiles and documents (#38)
Adding doorkeeper into the stack (#26)
Change license to Apache 2.0 (#79)
change != to <
Changed license in README (#95)
Changed datepicker and sms body (#69)
Changed datepicker and sms body
Fixed test
Created normal readme (#64)
customer css helper (#52)
Deploy (#37)
Deployment stuff improvements
Development & software operations: kite service, Dockerfile, charts, pipeline, Helm & other stuff. (#5)
Display cute notice when the registering email already taken (#70)
Fix for login (#143)
Fix tests due to new forms (#128)
Fix url in Readme (#122)
Fix for button (#100)
Fix for approving profile (#97)
Fix for js (#98)
Fix production mailer & move to helios-public (#47)
Rails production mailer setup & k8s env variables
Use helios-public instead of helios-stage
fix specs
fix lvl buttons
fix code style
add lvl buttons
Fixed background (#63)
Fixed k8s secrets.yaml
Fixed mail sender email (#61)
Fixed barong host in chart (#57)
fixed all issues related with: git rebase, the tests, the document uploading features (#58)
fixed the tests (#43)
fixed the tests (#42)
fixed the views tests
Google cloud upload (#90)
implement lvl for phones
improve lvl system
Improve some styles
Include profile.state in jwt
Include name in jwt (#123)
increase to lvl 3 after confirmation
Initialize Devise missing views and routes (#9)
K8s (#15)
Update database secrets
K8s secret instance
Barong install or upgrade bash script
Use puma instead of rails s
Lockable for devise (closes #13) (#11)
Minor fixes (#141)
Minor fixes to index page (#106)
Minor gem updates
Modify email and sender name (#140)
Mons web verification design (#53)
Adding verification design
Moving field role and adding level
Prepare initial configuration and gemset: (#6)
Provide License (#21)
Put working links in footer
Made links in footer work Added basic layout on Change Password page
rails new --database=mysql --skip-turbolinks --skip-coffee barong
Release Barong v1.0.0
Removed unused controller
Removed unnecessary views (#56)
Return if phone is already in db (#91)
Scaffold website table (#30)
bundle exec rails g model website domain:string:uniq title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --force
bundle exec rails g scaffold admin/website domain:string title:string logo:string stylesheet:string header:text footer:text redirect_url:string state:string --model-name=website --no-migration --test-framework=rspec --stylesheet-engine=sass --no-javascripts --integration-tool=rspec
Scaffolding profile has_many documents
Set devise secret on container build (#17)
Set device secret on container build
Docker DEVICE_SECRET_KEY env varible explanation
Small improvements (#74)
Splitted profile-document form (#131)
Style improvements on documents, sign in/sign up, profiles, removing (#73)
header & fixing tests
Swapping migration version
Two Factor Auth (#78)
Unifying styles in the admin panel (#105)
Unifying styles in the admin panel (#102)
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Unified styling in the admin panel, added default filter for profiles section in the admin panel
Update chart
Update oauth callback (#127)
Use JWT token for authentication (#103)
Merge pull request #133 from gfedorenko/fix/footer
Merge pull request #134 from ashanaakh/fix/chart
Merge pull request #135 from mafarain/include_state
Merge pull request #81 from ashanaakh/logs
Merge pull request #71 from spavlishak/fixes/styles
Merge pull request #65 from vpetrusenko/level
Merge pull request #68 from ashanaakh/dockerignore/fix