sartography
/
cr-connect-workflow
mirror of https://github.com/sartography/cr-connect-workflow.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,030 Commits 18 Branches 0 Tags 8.3 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Aaron Louie 1f454536e3 Renames TOKEN_AUTH_SECRET_KEY to SECRET_KEY 2020-07-10 11:26:15 -04:00
Aaron Louie 561e254315 Prevents non-admin users from editing each others' tasks. Fixes bug where test user uid was not being set from token. Moves complete form and get workflow API test utility methods into BaseTest. 2020-06-12 13:46:10 -04:00
Aaron Louie cccff9b856 Fixes broken unit tests. But still broken. 2020-06-11 11:29:58 -04:00
Dan Funk 148e86bb42 Building out the boilerplate code to make pushing forward on this a little friendlier. 
There is an approval api file, and approval model file and an approval test file.
 2020-05-22 18:25:00 -04:00
Dan Funk 992a85e9a5 Rough idea of what the Approvals model will look like. 2020-05-22 11:56:43 -04:00
Dan Funk f4342fc785 It became impossible to use the Swagger ui when we started adding authentication to all of the calls. I discovered Connexion and Swagger have a default way of handing JTW authentication and this cleans up our code quite a bit, moves the securing of endpoints into the API Definition, which is quite nice, and removes a whole library dependency (I never get to do that!) I added a SWAGGER_AUTH_KEY that can be used in non-production environments to allow users to quickly authenticate from the Swagger ui. I also removed all api calls to simple little happy api services, because that is just mean and pointless. 2020-03-24 14:15:21 -04:00
Aaron Louie 40e12f5ab5 Resolves marshmallow_sqlalchemy.ModelSchema deprecation warning 2020-03-16 13:37:31 -04:00
Aaron Louie 581434b453 Adds SSO header attributes 2020-02-20 15:43:29 -05:00
Dan Funk a642593e3d Adding support to handle Single Sign On (Shibboleth) authentication using Flask SSO and an attribute map that has worked in the past with UVA's implementation. Aside from the new user endpoint, nothing requires authentication, but soon everything will expect it. I'm setting up a backdoor we can use for development and staging that will cause a round-robin affair that should make this relatively painless. Dropped "RestException" as we had two ways or raising errors, and that was silly. 2020-02-18 16:38:56 -05:00