1. 03 Aug, 2015 7 commits
  2. 31 Jul, 2015 12 commits
    • Randall Leeds's avatar
      Upgrade showdown and vendorize it with npm · e028a05e
      Randall Leeds authored
      e028a05e
    • Randall Leeds's avatar
      Refactor auth in the client · 63c442fd
      Randall Leeds authored
      Start to take better control over the authentication and authorization
      systems of the front end.
      
      - Remove dependency on Annotator Auth plugin. With this change,
        Annotator is completely gone from the Angular application.
      
      - Use angular-jwt and its http interceptor to ensure that auth tokens
        are up-to-date and auth token requests block store requests.
      
      - With the interceptor in place, it's no longer necessary to resolve
        auth before the ng-view controllers.
      
      - Use the session directly for getting the current user. This is in
        line with what is likely to happen for groups, too, soon.
      63c442fd
    • Randall Leeds's avatar
      Switch out jschannel for frame-rpc · f1b019f0
      Randall Leeds authored
      The frame-rpc module is a proper CommonJS module and it's footprint
      is really tiny. Its protocol is simpler. It doesn't handle connection
      and buffering, but with our onConnect callback we don't need buffering.
      The connection handshake that jschannel did was so trivial it's been
      re-implemented here (each side tries to connect to the other once).
      
      We have to handle timeouts ourselves, but that's all hidden in the
      bridge code. In exchange, we get a simpler API, we get rid of the
      call/notify distinction in favor of just passing a callback or not
      and we avoid the excess overhead of the recursion guard in the
      serialization code that was giving us false positive issues with
      the document title.
      
      This is one step toward removing all the browserify-shim requiring
      libraries from the injected bundle, which will eventually fix #2397.
      f1b019f0
    • Randall Leeds's avatar
      Merge pull request #2426 from hypothesis/vendor-assets-from-npm · 7372f1b7
      Randall Leeds authored
      Remove vendored assets: install from NPM
      7372f1b7
    • Nick Stenning's avatar
      Remove vendored assets: install from NPM · 03a08300
      Nick Stenning authored
      Replaces our vendored dependencies with dependencies on packages
      installed from NPM. This makes it substantially easier to find out
      what versions of 3rd-party packages are installed, and substantially
      easier to upgrade them as and when necessary.
      
      Libraries have been installed pinned at the version available on NPM
      nearest that installed in the repository. This means:
      
      - angular remains v1.2.28
      - angular-animate was upgraded from v1.2.25 -> v1.2.28
      - angular-resource was upgraded from v1.2.25 -> v1.2.28
      - angular-route was upgraded from v1.2.25 -> v1.2.28
      - angulartics remains v0.17.2
      - bootstrap remains v3.3.5
      - jquery remains v1.11.1
      - jstimezonedetect remains v1.0.5
      - moment remains v2.5.0
      - moment-timezone remains v0.0.1
      - ng-tags-input remains v2.2.0
      
      Unfortunately, the following modules don't appear to be available on NPM
      and so remain in the repository:
      
      - angular-bootstrap
      - angular-sanitize
      - angular-toastr (at a version early enough)
      03a08300
    • Randall Leeds's avatar
      Merge pull request #2402 from hypothesis/new-group · 41d2d3b2
      Randall Leeds authored
      Enable users to create groups
      41d2d3b2
    • Nick Stenning's avatar
      Add groupList directive to display user's groups · 86c58c80
      Nick Stenning authored
      This commit adds a list of groups to the "topbar" when the groups
      feature flag is enabled.
      86c58c80
    • Randall Leeds's avatar
      Merge pull request #2424 from hypothesis/limit-what-admins-can-do · 0dede511
      Randall Leeds authored
      Limit what admins can do
      0dede511
    • Randall Leeds's avatar
      Merge pull request #2423 from hypothesis/ng-annotate · 098ba85e
      Randall Leeds authored
      Use browserify-ngannotate to provide injection annotations
      098ba85e
    • Sean Hammond's avatar
      Merge pull request #2419 from hypothesis/fix-broken-uri-query · 600d69fc
      Sean Hammond authored
      Only update stream filter when we have >0 URIs
      600d69fc
    • Nick Stenning's avatar
      Use browserify-ngannotate to provide injection annotations · eca47188
      Nick Stenning authored
      Rather than trying to keep injection annotations up-to-date manually, we
      can use the computer to do it for us.
      
      [browserify-ngannotate][1] is a browserify transform plugin that uses
      [ng-annotate][2] to automatically generate injection annotations for the
      Angular injector.
      
      [1]: https://github.com/omsmith/browserify-ngannotate
      [2]: https://github.com/olov/ng-annotate
      eca47188
    • Nick Stenning's avatar
      Only update stream filter when we have >0 URIs · c64b184d
      Nick Stenning authored
      The backend code in `h.streamer` assumes that the arguments to "one_of"
      are either a non-empty list or a single value. Passing an empty list
      causes the generation of a bogus query.
      
      So, don't update the stream filter until we have at least one URI to
      stream from.
      
      Fixes #2257.
      c64b184d
  3. 30 Jul, 2015 7 commits
  4. 29 Jul, 2015 5 commits
  5. 28 Jul, 2015 1 commit
  6. 27 Jul, 2015 6 commits
    • Randall Leeds's avatar
      Pass a string to the features http request · 2eefaa55
      Randall Leeds authored
      While the URL object stringifies nicely, meaning this does work,
      it is liable to confuse request interceptors that expect a string.
      2eefaa55
    • Randall Leeds's avatar
      Why do I care so much? · 881c1575
      Randall Leeds authored
      881c1575
    • Randall Leeds's avatar
      Clean up comment · b643be3e
      Randall Leeds authored
      b643be3e
    • Nick Stenning's avatar
      Consolidate and style the admin interface · f7faf653
      Nick Stenning authored
      This commit brings together "administrator" views into one place -- the
      Hypothesis admin console, found at /admin.
      
      So far, the only to admin views we have are for flagging/unflagging
      users as NIPSA, and for administering administrative user status. In the
      near future, we may also have a feature flag console in here.
      
      - I've moved all the admin views into `h.admin` so that we don't
        confused business logic view functions with administrative view
        functions, and so that in future it is easier to treat the `/admin`
        tree as a single entity for the purposes of permissions, etc.
      - I've added an "admin" page layout, which uses Twitter Bootstrap for
        basic styling.
      - I've rejigged both the NIPSA and the administrator users pages to make
        use of bootstrap.
      f7faf653
    • Nick Stenning's avatar
      Merge pull request #2399 from hypothesis/jpm · 891d612a
      Nick Stenning authored
      Update Firefox extension for Jetpack Manager tool
      891d612a
    • Randall Leeds's avatar
      Merge pull request #2403 from hypothesis/simpler-session-service · f4e9e5de
      Randall Leeds authored
      Simpler session service
      f4e9e5de
  7. 24 Jul, 2015 2 commits
    • Nick Stenning's avatar
      Roll xsrf value into session service · 3ed424cb
      Nick Stenning authored
      Rather than using a separate named value to keep track of the current
      CSRF token, simply treat this as part of the session state.
      3ed424cb
    • Nick Stenning's avatar
      Consolidate session service and session helpers · ed44cb77
      Nick Stenning authored
      This commit does three things. In order of importance:
      
      - wraps the ngResource for managing session state in a service, which
        allows us to expose current session state as `session.state` on that
        instance. This means that components of the application that don't
        want to alter or explicitly fetch session state, but wish to display
        some part of it (such as the current authenticated userid, etc.) can
        do so more easily.
      - moves configuration of the session resources into the session service
        rather than requiring configuration from outside via a
        sessionProvider.
      - translates the session service to JavaScript from CoffeeScript.
      ed44cb77