cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/pull/2177'

Browse source
This commit is contained in:
Tom Hughes 2019-03-16 15:39:03 +00:00
commit e3ed9988ce
73 changed files with 446 additions and 403 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/api/amf_controller.rb
View file

@ -131,7 +131,7 @@ module Api
def amf_handle_error_with_timeout(call, rootobj, rootid)
amf_handle_error(call, rootobj, rootid) do
OSM::Timer.timeout(API_TIMEOUT, OSM::APITimeoutError) do
OSM::Timer.timeout(Settings.api_timeout, OSM::APITimeoutError) do
yield
end
end

6
app/controllers/api/map_controller.rb
View file

@ -30,11 +30,11 @@ module Api
return
end
nodes = Node.bbox(bbox).where(:visible => true).includes(:node_tags).limit(MAX_NUMBER_OF_NODES + 1)
nodes = Node.bbox(bbox).where(:visible => true).includes(:node_tags).limit(Settings.max_number_of_nodes + 1)
node_ids = nodes.collect(&:id)
if node_ids.length > MAX_NUMBER_OF_NODES
report_error("You requested too many nodes (limit is #{MAX_NUMBER_OF_NODES}). Either request a smaller area, or use planet.osm")
if node_ids.length > Settings.max_number_of_nodes
report_error("You requested too many nodes (limit is #{Settings.max_number_of_nodes}). Either request a smaller area, or use planet.osm")
return
end

4
app/controllers/api/notes_controller.rb
View file

@ -37,7 +37,7 @@ module Api
bbox.check_boundaries
# Check the the bounding box is not too big
bbox.check_size(MAX_NOTE_REQUEST_AREA)
bbox.check_size(Settings.max_note_request_area)
# Find the notes we want to return
@notes = notes.bbox(bbox).order("updated_at DESC").limit(result_limit).preload(:comments)
@ -190,7 +190,7 @@ module Api
bbox = BoundingBox.from_bbox_params(params)
bbox.check_boundaries
bbox.check_size(MAX_NOTE_REQUEST_AREA)
bbox.check_size(Settings.max_note_request_area)
notes = notes.bbox(bbox)
end

4
app/controllers/api/tracepoints_controller.rb
View file

@ -19,7 +19,7 @@ module Api
return
end
offset = page * TRACEPOINTS_PER_PAGE
offset = page * Settings.tracepoints_per_page
# Figure out the bbox
# check boundary is sane and area within defined
@ -36,7 +36,7 @@ module Api
# get all the points
ordered_points = Tracepoint.bbox(bbox).joins(:trace).where(:gpx_files => { :visibility => %w[trackable identifiable] }).order("gpx_id DESC, trackid ASC, timestamp ASC")
unordered_points = Tracepoint.bbox(bbox).joins(:trace).where(:gpx_files => { :visibility => %w[public private] }).order("gps_points.latitude", "gps_points.longitude", "gps_points.timestamp")
points = ordered_points.union_all(unordered_points).offset(offset).limit(TRACEPOINTS_PER_PAGE)
points = ordered_points.union_all(unordered_points).offset(offset).limit(Settings.tracepoints_per_page)
doc = XML::Document.new
doc.encoding = XML::Encoding::UTF_8

14
app/controllers/application_controller.rb
View file

@ -52,7 +52,7 @@ class ApplicationController < ActionController::Base
end
def require_oauth
@oauth = current_user.access_token(OAUTH_KEY) if current_user && defined? OAUTH_KEY
@oauth = current_user.access_token(Settings.oauth_key) if current_user && Settings.key?(:oauth_key)
end
##
@ -272,7 +272,7 @@ class ApplicationController < ActionController::Base
##
# wrap an api call in a timeout
def api_call_timeout
OSM::Timer.timeout(API_TIMEOUT, Timeout::Error) do
OSM::Timer.timeout(Settings.api_timeout, Timeout::Error) do
yield
end
rescue Timeout::Error
@ -282,7 +282,7 @@ class ApplicationController < ActionController::Base
##
# wrap a web page in a timeout
def web_timeout
OSM::Timer.timeout(WEB_TIMEOUT, Timeout::Error) do
OSM::Timer.timeout(Settings.web_timeout, Timeout::Error) do
yield
end
rescue ActionView::Template::Error => ex
@ -333,7 +333,7 @@ class ApplicationController < ActionController::Base
append_content_security_policy_directives(
:child_src => %w[http://127.0.0.1:8111 https://127.0.0.1:8112],
:frame_src => %w[http://127.0.0.1:8111 https://127.0.0.1:8112],
:connect_src => [NOMINATIM_URL, OVERPASS_URL, FOSSGIS_OSRM_URL, GRAPHHOPPER_URL],
:connect_src => [Settings.nominatim_url, Settings.overpass_url, Settings.fossgis_osrm_url, Settings.graphhopper_url],
:form_action => %w[render.openstreetmap.org],
:style_src => %w['unsafe-inline']
)
@ -357,7 +357,7 @@ class ApplicationController < ActionController::Base
elsif current_user&.preferred_editor
current_user.preferred_editor
else
DEFAULT_EDITOR
Settings.default_editor
end
editor
@ -366,9 +366,9 @@ class ApplicationController < ActionController::Base
helper_method :preferred_editor
def update_totp
if defined?(TOTP_KEY)
if Settings.key?(:totp_key)
cookies["_osm_totp_token"] = {
:value => ROTP::TOTP.new(TOTP_KEY, :interval => 3600).now,
:value => ROTP::TOTP.new(Settings.totp_key, :interval => 3600).now,
:domain => "openstreetmap.org",
:expires => 1.hour.from_now
}

6
app/controllers/diary_entries_controller.rb
View file

@ -158,7 +158,7 @@ class DiaryEntriesController < ApplicationController
@entries = user.diary_entries
@title = t("diary_entries.feed.user.title", :user => user.display_name)
@description = t("diary_entries.feed.user.description", :user => user.display_name)
@link = url_for :action => "index", :display_name => user.display_name, :host => SERVER_URL, :protocol => SERVER_PROTOCOL
@link = url_for :action => "index", :display_name => user.display_name, :host => Settings.server_url, :protocol => Settings.server_protocol
else
head :not_found
return
@ -170,11 +170,11 @@ class DiaryEntriesController < ApplicationController
@entries = @entries.where(:language_code => params[:language])
@title = t("diary_entries.feed.language.title", :language_name => Language.find(params[:language]).english_name)
@description = t("diary_entries.feed.language.description", :language_name => Language.find(params[:language]).english_name)
@link = url_for :action => "index", :language => params[:language], :host => SERVER_URL, :protocol => SERVER_PROTOCOL
@link = url_for :action => "index", :language => params[:language], :host => Settings.server_url, :protocol => Settings.server_protocol
else
@title = t("diary_entries.feed.all.title")
@description = t("diary_entries.feed.all.description")
@link = url_for :action => "index", :host => SERVER_URL, :protocol => SERVER_PROTOCOL
@link = url_for :action => "index", :host => Settings.server_url, :protocol => Settings.server_protocol
end
end

18
app/controllers/geocoder_controller.rb
View file

@ -15,7 +15,7 @@ class GeocoderController < ApplicationController
if @params[:lat] && @params[:lon]
@sources.push "latlon"
@sources.push "osm_nominatim_reverse"
@sources.push "geonames_reverse" if defined?(GEONAMES_USERNAME)
@sources.push "geonames_reverse" if Settings.key?(:geonames_username)
elsif @params[:query]
if @params[:query] =~ /^\d{5}(-\d{4})?$/
@sources.push "osm_nominatim"
@ -26,7 +26,7 @@ class GeocoderController < ApplicationController
@sources.push "osm_nominatim"
else
@sources.push "osm_nominatim"
@sources.push "geonames" if defined?(GEONAMES_USERNAME)
@sources.push "geonames" if Settings.key?(:geonames_username)
end
end
@ -93,7 +93,7 @@ class GeocoderController < ApplicationController
if response.get_elements("geodata/error").empty?
@results.push(:lat => response.text("geodata/latt"),
:lon => response.text("geodata/longt"),
:zoom => POSTCODE_ZOOM,
:zoom => Settings.postcode_zoom,
:name => query.upcase)
end
@ -118,7 +118,7 @@ class GeocoderController < ApplicationController
exclude = "&exclude_place_ids=#{params[:exclude]}" if params[:exclude]
# ask nominatim
response = fetch_xml("#{NOMINATIM_URL}search?format=xml&extratags=1&q=#{escape_query(query)}#{viewbox}#{exclude}&accept-language=#{http_accept_language.user_preferred_languages.join(',')}")
response = fetch_xml("#{Settings.nominatim_url}search?format=xml&extratags=1&q=#{escape_query(query)}#{viewbox}#{exclude}&accept-language=#{http_accept_language.user_preferred_languages.join(',')}")
# extract the results from the response
results = response.elements["searchresults"]
@ -182,7 +182,7 @@ class GeocoderController < ApplicationController
@results = []
# ask geonames.org
response = fetch_xml("http://api.geonames.org/search?q=#{escape_query(query)}&lang=#{lang}&maxRows=20&username=#{GEONAMES_USERNAME}")
response = fetch_xml("http://api.geonames.org/search?q=#{escape_query(query)}&lang=#{lang}&maxRows=20&username=#{Settings.geonames_username}")
# parse the response
response.elements.each("geonames/geoname") do |geoname|
@ -192,7 +192,7 @@ class GeocoderController < ApplicationController
country = geoname.text("countryName")
@results.push(:lat => lat, :lon => lon,
:zoom => GEONAMES_ZOOM,
:zoom => Settings.geonames_zoom,
:name => name,
:suffix => ", #{country}")
end
@ -213,7 +213,7 @@ class GeocoderController < ApplicationController
@results = []
# ask nominatim
response = fetch_xml("#{NOMINATIM_URL}reverse?lat=#{lat}&lon=#{lon}&zoom=#{zoom}&accept-language=#{http_accept_language.user_preferred_languages.join(',')}")
response = fetch_xml("#{Settings.nominatim_url}reverse?lat=#{lat}&lon=#{lon}&zoom=#{zoom}&accept-language=#{http_accept_language.user_preferred_languages.join(',')}")
# parse the response
response.elements.each("reversegeocode/result") do |result|
@ -247,7 +247,7 @@ class GeocoderController < ApplicationController
@results = []
# ask geonames.org
response = fetch_xml("http://api.geonames.org/countrySubdivision?lat=#{lat}&lng=#{lon}&lang=#{lang}&username=#{GEONAMES_USERNAME}")
response = fetch_xml("http://api.geonames.org/countrySubdivision?lat=#{lat}&lng=#{lon}&lang=#{lang}&username=#{Settings.geonames_username}")
# parse the response
response.elements.each("geonames/countrySubdivision") do |geoname|
@ -255,7 +255,7 @@ class GeocoderController < ApplicationController
country = geoname.text("countryName")
@results.push(:lat => lat, :lon => lon,
:zoom => GEONAMES_ZOOM,
:zoom => Settings.geonames_zoom,
:name => name,
:suffix => ", #{country}")
end

2
app/controllers/messages_controller.rb
View file

@ -26,7 +26,7 @@ class MessagesController < ApplicationController
@message.sender = current_user
@message.sent_on = Time.now.getutc
if current_user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= MAX_MESSAGES_PER_HOUR
if current_user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= Settings.max_messages_per_hour
flash[:error] = t ".limit_exceeded"
render :action => "new"
elsif @message.save

2
app/controllers/oauth_controller.rb
View file

@ -39,7 +39,7 @@ class OauthController < ApplicationController
end
def oauth1_authorize
override_content_security_policy_directives(:form_action => []) if CSP_ENFORCE || defined?(CSP_REPORT_URL)
override_content_security_policy_directives(:form_action => []) if Settings.csp_enforce || Settings.key?(:csp_report_url)
if @token.invalidated?
@message = t "oauth.authorize_failure.invalid"

4
app/controllers/traces_controller.rb
View file

@ -121,7 +121,7 @@ class TracesController < ApplicationController
flash[:notice] = t ".trace_uploaded"
flash[:warning] = t ".traces_waiting", :count => current_user.traces.where(:inserted => false).count if current_user.traces.where(:inserted => false).count > 4
TraceImporterJob.perform_later(@trace) if TRACE_USE_JOB_QUEUE
TraceImporterJob.perform_later(@trace) if Settings.trace_use_job_queue
redirect_to :action => :index, :display_name => current_user.display_name
else
flash[:error] = t("traces.create.upload_failed") if @trace.valid?
@ -205,7 +205,7 @@ class TracesController < ApplicationController
trace.visible = false
trace.save
flash[:notice] = t ".scheduled_for_deletion"
TraceDestroyerJob.perform_later(trace) if TRACE_USE_JOB_QUEUE
TraceDestroyerJob.perform_later(trace) if Settings.trace_use_job_queue
redirect_to :action => :index, :display_name => trace.user.display_name
end
rescue ActiveRecord::RecordNotFound

8
app/controllers/users_controller.rb
View file

@ -16,7 +16,7 @@ class UsersController < ApplicationController
before_action :allow_thirdparty_images, :only => [:show, :account]
def terms
@legale = params[:legale] || OSM.ip_to_country(request.remote_ip) || DEFAULT_LEGALE
@legale = params[:legale] || OSM.ip_to_country(request.remote_ip) || Settings.default_legale
@text = OSM.legal_text_for_country(@legale)
if request.xhr?
@ -332,7 +332,7 @@ class UsersController < ApplicationController
flash[:error] = t "users.confirm_resend.failure", :name => params[:display_name]
else
Notifier.signup_confirm(user, user.tokens.create).deliver_later
flash[:notice] = t("users.confirm_resend.success", :email => user.email, :sender => SUPPORT_EMAIL).html_safe
flash[:notice] = t("users.confirm_resend.success", :email => user.email, :sender => Settings.support_email).html_safe
end
redirect_to :action => "login"
@ -521,7 +521,7 @@ class UsersController < ApplicationController
when "active", "confirmed" then
successful_login(user, request.env["omniauth.params"]["referer"])
when "suspended" then
failed_login t("users.login.account is suspended", :webmaster => "mailto:#{SUPPORT_EMAIL}").html_safe
failed_login t("users.login.account is suspended", :webmaster => "mailto:#{Settings.support_email}").html_safe
else
failed_login t("users.login.auth failure")
end
@ -549,7 +549,7 @@ class UsersController < ApplicationController
elsif user = User.authenticate(:username => username, :password => password, :pending => true)
unconfirmed_login(user)
elsif User.authenticate(:username => username, :password => password, :suspended => true)
failed_login t("users.login.account is suspended", :webmaster => "mailto:#{SUPPORT_EMAIL}").html_safe, username
failed_login t("users.login.account is suspended", :webmaster => "mailto:#{Settings.support_email}").html_safe, username
else
failed_login t("users.login.auth failure"), username
end