uclibs / application_portfolio / 25232206028

Builds Branch Commit Type Ran Committer Via Coverage
25232206028 LIBAPPO1-23-implement-sso Rubocop fix Pull #421 Janell-Huyck circleci
73.02
25230646295 LIBAPPO1-23-implement-sso Harden Shibboleth attribute reads and gate local email sign-in. Trust only canonical HTTP_* Shibboleth headers by default; optional allow_legacy_shibboleth_env_keys restores redirect/unscoped env compatibility. Require allow_email_sign_in for pas... Pull #421 Janell-Huyck circleci
72.7
25229996487 LIBAPPO1-23-implement-sso Use stubbed users in profile view specs to avoid uniqueness collisions. Switch current_user fixtures to build_stubbed so route generation keeps an id without inserting duplicate email/eppn rows between examples. Co-authored-by: Cursor <cursorage... Pull #421 Janell-Huyck circleci
72.68
25217821878 LIBAPPO1-23-implement-sso Handle null-like Shibboleth identity values during account provisioning. Treat nil/null/undefined string payloads as missing when normalizing names and emails so fallback generation is reliable, and align first-login existence checks with normali... Pull #421 Janell-Huyck circleci
71.85
25217277046 LIBAPPO1-23-implement-sso Allow Shibboleth provisioning without UC-domain emails. Trust SSO-provided identity by removing UC-domain restrictions, add deterministic fallback name/email generation for missing attributes, and update Shibboleth coverage for the new onboarding... Pull #421 Janell-Huyck circleci
71.65
25216465457 LIBAPPO1-23-implement-sso Improve Shibboleth onboarding diagnostics for new domains. Allow qamail.uc.edu identities during first-time login and surface exact validation failures on a dedicated troubleshooting page with coverage to prevent regressions. Made-with: Cursor Pull #421 Janell-Huyck circleci
71.69
25188945433 LIBAPPO1-23-implement-sso Add focused coverage for first-login profile completion gating. Verify that only newly provisioned Shibboleth users are redirected for profile completion and that the session flag clears once profile data is complete. Made-with: Cursor Pull #421 Janell-Huyck circleci
71.47
25188412317 LIBAPPO1-23-implement-sso Harden edit-user return path handling to satisfy Brakeman XSS checks. Move return_to sanitization into UsersController via url_from and consume only trusted paths in the edit view and related spec. Made-with: Cursor Pull #421 Janell-Huyck circleci
71.05
25186014135 LIBAPPO1-23-implement-sso Add view coverage for readonly profile identity fields and cancel action. Assert the edit user view renders readonly name/email inputs, preserves return_to context, and shows both Save and Cancel controls. Made-with: Cursor Pull #421 Janell-Huyck circleci
70.98
25185926688 LIBAPPO1-23-implement-sso Improve readonly field clarity and add profile edit cancel action. Strengthen locked-field visual styling for SSO-managed identity inputs and add a context-aware Cancel button to the profile edit form so users can exit without saving. Made-with:... push Janell-Huyck circleci
70.98
25185760899 LIBAPPO1-23-implement-sso Preserve self-profile redirect context after update. Carry return_to through the edit form and fall back self-updates to the profile page so viewer profile saves do not redirect into admin-only user views. Made-with: Cursor Pull #421 Janell-Huyck circleci
70.98
25185094717 LIBAPPO1-23-implement-sso Allow self-profile updates for user role and mark locked fields visually. Permit edit/update for the default user role while preserving self-or-admin restrictions, and style readonly name/email fields so disabled identity inputs are clearly visib... Pull #421 Janell-Huyck circleci
70.95
25183153495 LIBAPPO1-23-implement-sso Add return_to-aware profile update redirects. Send first-login profile completion back to dashboard while allowing profile-initiated edits to return to the profile page via a validated return_to parameter. Made-with: Cursor Pull #421 Janell-Huyck circleci
70.95
25182869674 LIBAPPO1-23-implement-sso Redirect profile updates to dashboard and remove password wording. Send users to the dashboard after profile edits and update the profile page action label to remove the remaining change-password reference. Made-with: Cursor push Janell-Huyck circleci
70.85
25182665638 LIBAPPO1-23-implement-sso Allow profile updates without passwords in Devise registrations. Override registration updates to use update_without_password so users can edit profile fields in the passwordless flow, and add a controller spec to prevent regressions. Made-with:... push Janell-Huyck circleci
70.8