cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14580 commits 4 branches 1 tag 499 MiB
Commit graph

65 commits

Author SHA1 Message Date
Andy Allan
ffda8d7ac5
Merge pull request #4680 from tomhughes/validate-page-numbers 
Add parameter validation to pagination
 2024-05-15 17:43:04 +01:00
Milan Cvetkovic
f8a606869e Remove email confirmation field in signup form 2024-04-27 12:44:09 +01:00
Milan Cvetkovic
1276fb944a Merge login and terms screens, assume TOU and contributor terms are accepted on /user/new form 
This eliminates the need for "terms" screen after /user/new form..
Terms screen is still required for legacy users who never accepted the terms.
 2024-04-27 12:44:09 +01:00
Tom Hughes
e3c43e4a1a Add validation for before/after parameters to pagination concern 2024-04-11 10:08:20 +01:00
Anton Khorev
9f8e4fd60a Use before/after pagination on users page 2024-03-26 05:44:35 +03:00
Anton Khorev
fa00a38664 Shorten user path helper calls in tests 2024-03-19 07:07:00 +03:00
Anton Khorev
0b901889da Count only tbody rows when testing tables 2024-03-18 01:31:12 +03:00
Anton Khorev
bde2faac58 Remove assert_response when followed by assert_redirected_to 2024-03-03 10:56:50 +03:00
Tom Hughes
4dff06a629 Use rails tokens for signup confirmations 2024-02-24 13:53:05 +00:00
Anton Khorev
caf49bb25d Show user id on profile pages to moderators and admins 2023-09-05 13:35:08 +03:00
Andy Allan
415ac577f3 Remove some old debugging comments 2022-12-21 12:05:15 +00:00
Andy Allan
934d81aa55 Bootstrap 5: Replace all form-group classes with mb-3 2022-07-20 14:42:57 +01:00
Tom Hughes
446837c351 Merge remote-tracking branch 'upstream/pull/3419' 2022-02-03 18:37:12 +00:00
Andy Allan
1a11c4dc19 Use a state machine for user status 
The user status is a bit complex, since there are various states and
not all transitions between them make sense.

Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.
 2022-01-12 18:16:14 +00:00
Andy Allan
4436099e31 Remove params from user deletion test 
They have no effect, and are likely a copy-paste error from when
the test was first written in 39a54f8c14
 2022-01-12 16:45:58 +00:00
Andy Allan
a8e8ba1a64 Refactor the account edit/update pages out into a separate accounts controller 2021-12-08 15:17:50 +00:00
Tom Hughes
abbd5a30d4 Validate any origin passed the auth failure callback 
Fixes #3375
 2021-11-23 17:33:19 +00:00
Andy Allan
3719e8defb Remove the userinformation ids from headings 
The style rule was removed in 3f8cf32272
and they were otherwise only used in the tests.
 2021-11-11 14:53:36 +00:00
Andy Allan
fa7d64b788 Fix test 2021-09-15 14:36:08 +01:00
Andy Allan
cb7b79a58f Split the non-public information off of the profile page 
This opens up many possibilities for more interesting things to be
shown on the dashboard, as well as making it easier to find if
you have lots of content in your profile.
 2021-08-18 13:32:36 +01:00
Andy Allan
36f6d8d85d Fix redirect to terms path when not logged in 
This was missed during #3147 since it wasn't covered by a test.
 2021-07-28 16:36:13 +01:00
Andy Allan
caf2e2a242 Move profile-related settings to their own form 
Refs #3167
 2021-07-14 17:45:19 +01:00
Andy Allan
2403630da8 Split user preferences into a separate page 
Refs #3167
 2021-07-14 17:40:20 +01:00
Andy Allan
094d6c8bb9 Move confirmation methods into ConfirmationsController 2021-04-07 16:05:32 +01:00
Andy Allan
7a66c6d4eb Split password reset functionality into PasswordsController 2021-04-07 16:05:28 +01:00
Tom Hughes
e0d501f832 Don't allow deleted users to be confirmed 2021-04-01 17:28:03 +01:00
Andy Allan
9fd96cfb87 Move sessions-related tests out of UsersControllerTest 2021-03-24 11:40:17 +00:00
Andy Allan
f18baae22e Refactor login/logout into sessions controller 
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
 2021-03-24 11:32:46 +00:00
Andy Allan
38ad8fbc36 Use login_path instead of explicit controller and actions 
This makes future refactoring easier.
 2021-03-10 14:31:55 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Tom Hughes
51af102c00 Prevent CSRF bypass with password reset form 2021-02-09 23:00:21 +00:00
Tom Hughes
7810734ac4 Prevent CSRF bypass updating account details 
Fixes #3089
 2021-02-08 12:24:43 +00:00
Andy Allan
a7d959e588 Refactor account form to use bootstrap 
There's further refactoring that could be done, but this is sufficient for now.
 2021-01-27 17:59:58 +00:00
Andy Allan
cc8bb7c6a5 Refactor user registration form to use bootstrap 2021-01-20 15:38:10 +00:00
Tom Hughes
812f5b44e8 Redirect after saving settings in case the username has changed 
Fixes #3059
 2021-01-19 18:57:34 +00:00
Tom Hughes
0ff89c31e4 Remove both Potlatch versions 
Fixes #2622
 2021-01-05 21:18:45 +00:00
Tom Hughes
21adea321b Convert password reset forms to use bootstrap 2020-09-04 00:36:43 +01:00
Tom Hughes
c11142d5c0 Convert logout form to use bootstrap 2020-09-03 23:52:59 +01:00
Andy Allan
600812f6ad Rework user#set_status and #delete to avoid GET requests 
This renames the delete action to destroy, and starts using resourceful
routing for user actions.
 2020-06-10 11:49:18 +02:00
Andy Allan
59c90aa023 Move friendship related tests to separate file 2020-06-03 17:51:11 +02:00
Andy Allan
3a16c465f7 Refactor user controller tests 
Because we don't have direct access to the session and cookies, some
of the tests need more setup e.g. by moving through the signup process
to get the session tokens into the right place for the confirmation
steps to work.
 2020-05-13 18:08:22 +02:00
Tom Hughes
7a1615bc55 Fix rubocop-minitest warnings 2020-04-15 19:07:13 +01:00
Andy Allan
f885cfe0f5 Rename form-row to standard-form-row to avoid clashing with a bootstrap class 2020-01-15 17:16:11 +01:00
Tom Hughes
e72acaca9b Merge remote-tracking branch 'upstream/pull/2495' 2020-01-15 10:11:30 +00:00
Andy Allan
9643e3393d Update tests to ensure referer is working 
This reinstates the form tests in the controller test, but uses
the system tests to actually click the button and make sure that
it works
 2020-01-08 18:26:57 +01:00
Andy Allan
8a774e7519 Use a post link to logout 
This avoids needing to access the session id, which is currently
only working with the memcache store.

The fallback page is preserved for anyone who wants to logout without
using javascript.

Refs #2488
 2020-01-08 14:03:05 +01:00
Tom Hughes
473da378b7 Remove fallback to hostip.info 
We haven't used hostip.info in production for years, except
for when we did so by accident, leading to a two hour partial
outage when it went down.
 2020-01-06 19:14:12 +00:00
Tom Hughes
e219916dcb When overriding setup make sure to call the superclass 2019-09-05 21:24:20 +01:00
Tom Hughes
91a37235ac Remove support for old style user images 2019-07-16 22:33:26 +01:00
Tom Hughes
6c202448ad Move user images to Active Storage with paperclip as a fallback 2019-07-09 19:17:30 +01:00