cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15438 commits 4 branches 1 tag 499 MiB
Commit graph

21 commits

Author SHA1 Message Date
Andy Allan
83425edd8d Move api error handling and timeouts to parent class 
Fixes #4861

Since the around_action is defined before authorize_resource is called,
the handler needs to pass on the CanCan::AccessDenied exception.

I've added the timeouts where I think they were missing (e.g. UserPreferencesController)
but I've kept the exception for changeset#upload and traces#create
 2024-10-02 16:37:32 +01:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller 
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
 2024-05-29 14:54:16 +01:00
Andy Allan
f2aaec4735 Standardise on avoiding except lists for check_api_readable 
Although this is technically duplicative, it's much easier to read
and therefore to maintain, particularly if you put the _readable one
first.
 2024-05-29 14:51:47 +01:00
Anton Khorev
fba5528731 Remove require "xml/libxml" from controllers 2024-03-28 11:18:31 +03:00
Anton Khorev
604bba10ec Remove assert_method from api controllers 2024-03-25 07:15:16 +03:00
Tom Hughes
ba503e02d2 Enforce rate limit for API calls which make changes 2023-11-02 08:59:57 +00:00
Andy Allan
22946d703a Enable the ActionOrder cop for remaining controllers 
Where actions were reordered, the rails standard actions were
also moved to the top of each controller.
 2022-11-02 11:06:00 +00:00
Tom Hughes
7f619c6484 Check API status before authorizing access 
Fixes #3530
 2022-04-11 20:47:52 +01:00
Tom Hughes
582402ba8f Prefer keyword arguments when method has optional boolean arguments 2020-11-13 10:22:55 +00:00
Tom Hughes
aaf9d15d56 Rework set_default_request_format ast set_request_formats 
Instead of trying to work out the exact format, just figure
out the list of allowed formats and let rails do the rest.
 2020-02-29 15:28:23 +00:00
mmd-osm
03ca0b2c69 Added Accept header unit tests 2020-01-12 17:46:11 +01:00
mmd-osm
45a1d298a9 Move default_format_xml to api_controller 2019-12-30 17:26:00 +01:00
mmd-osm
75a49786f8 API JSON output 2019-12-30 16:37:52 +01:00
mmd-osm
84faaaf795 Rubocop 2019-06-28 22:05:38 +02:00
mmd-osm
fb953006a1 Replace respond_to with render xml format 2019-06-28 21:56:42 +02:00
mmd-osm
8ad1ce9798 Refactoring 2019-06-27 22:28:40 +02:00
mmd-osm
cf3cf5216f Avoid unnecessary arrays 2019-06-27 18:33:12 +02:00
mmd-osm
363155a2a8 Move xml gen. into view for (old) nodes, ways, relations, map 2019-05-07 22:16:22 +02:00
Andy Allan
742291a840 Simplify deny_access handling 
Now that we have all api controllers inheriting from a common base,
it's easier to override the deny_access handler without having to
switch between both.

Fixes #2064
 2019-03-20 14:39:17 +01:00
Andy Allan
3bb07e29ec Refactor api controllers to inherit from a common ApiController 2019-03-20 14:16:15 +01:00
Andy Allan
b38343e5bd Move node/way/relation/old_* controllers into the api namespace 2019-02-28 17:12:28 +01:00