Commit graph

27 commits

Author SHA1 Message Date
Anton Khorev
b8247478f4 Use resourceful routes for granting/revoking user roles 2024-11-06 18:38:26 +03:00
Andy Allan
f5db9cbb20 Avoid using _id in queries
This makes the queries shorter and easier to read.
2023-08-30 17:08:16 +01:00
Anton Khorev
4ceebefefa Move user lookup and error render to concerns 2023-08-21 17:29:55 +03:00
Tom Hughes
6982903ae7 Fix predicate method names in the user model 2023-08-15 18:53:14 +01:00
Andy Allan
a3a10237f7 Use CanCanCan for user_roles auth 2018-11-28 21:39:26 +01:00
Andy Allan
7b2af50f4a Refactor @this_user to @user
Historically we used @user for the currently logged in user, but
this was changed to `current_user` in 2017.
2018-04-11 11:42:33 +08:00
Andy Allan
9f84c6f46e Use user_path links. Fixes #1785 2018-03-21 11:33:45 +08:00
mmd-osm
e21c967fdd Revoking administrator role on current user should fail
Fixes #1697
Closes #1701
2017-12-19 17:31:34 +00:00
Andy Allan
d581f17665 Avoid using or comparing explicit model ids
The code is easier to read using higher-level concepts.
2017-10-22 21:58:09 +01:00
Andy Allan
6f89da05d1 Use current_user to represent the currently logged in user.
This is already used by the oauth plugin, and is a general rails convention.
2017-07-12 16:10:50 +01:00
Tom Hughes
9b89d4eefe Remove conditions from delete_all
Passing conditions directly to delete_all is deprecated
in rails 5.0 so use a separate where instead.
2017-06-02 16:33:48 +01:00
Tom Hughes
dbe165bbb3 Fix some rubocop rails style issues 2015-02-26 00:12:54 +00:00
Tom Hughes
dc2a2c8ebd Standardise on double quoted strings 2015-02-20 19:47:26 +00:00
Tom Hughes
ef7f3d800c Fix most auto-correctable rubocop issues 2015-02-20 08:56:16 +00:00
Tom Hughes
34e3e51456 Cleanup trailing whitespace 2015-02-20 08:56:16 +00:00
Tom Hughes
f0feca800d Replace attr_accessible with strong parameters 2013-09-21 11:35:46 +01:00
Tom Hughes
311f7ddd6e Factor out common code for looking up users 2012-03-21 22:22:33 +00:00
Tom Hughes
a9824dbc2e Use one "no_such_user" view everywhere 2012-03-21 21:47:09 +00:00
Tom Hughes
38a610fd31 Add functional tests for the user_roles controller 2012-03-20 17:21:13 +00:00
Tom Hughes
5f33656c8d Get rid of custom CSRF protection for user role changes
By restricting role changes to POST requests, which they should be
anyway, we get all the rails CSRF protection for free.
2012-03-20 17:21:13 +00:00
Tom Hughes
1340fca8f1 Turn on mass assignment protection
Require any attribute that is going to be mass assigned to be
whitelisted, and whitelist those attributes which need it
2012-03-06 08:54:45 +00:00
Tom Hughes
e23744bd8d Add :warning and :error flash messages which can be styled separately to
the existing :notice messages.

Also reviewed all existing flash messages and changed them to be errors or
warnings when appropriate and checked that those which are not followed by
a redirect are done as flash.now[] instead of flash[].
2009-11-01 13:07:46 +00:00
Tom Hughes
54649a39a0 Correct comment. 2009-10-01 20:22:52 +00:00
Matt Amos
1e3b3c1f10 Refactored user_role and controller. Now much more DRY. 2009-10-01 17:15:34 +00:00
Matt Amos
ca06b3c7b1 New migration to add better auditing to user_roles and better column names there and on user_blocks. Added a helper for displaying block status messages. 2009-09-29 16:44:03 +00:00
Matt Amos
30d5e783e4 Added a confirmation step to the process of granting and revoking user roles. 2009-09-28 17:35:39 +00:00
Matt Amos
daa2496024 First version of blocking feature. Allows both time-based (for map protection) and notice-based (for education) blocks on users. Also introduces user roles and a simple UI for displaying and administering these. 2009-09-28 16:01:00 +00:00