cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13737 commits 4 branches 1 tag 499 MiB
Commit graph

811 commits

Author SHA1 Message Date
Andy Allan
cb68450ac7 Simplify margins when showing diary entries 2021-11-24 12:24:16 +00:00
Tom Hughes
abbd5a30d4 Validate any origin passed the auth failure callback 
Fixes #3375
 2021-11-23 17:33:19 +00:00
Tom Hughes
e21b9b2bf1 Merge remote-tracking branch 'upstream/pull/3365' 2021-11-11 15:33:08 +00:00
Andy Allan
75749cc540 Convert remaining heading titles to use h1 
This makes them consistent with all the other pages that use h1
in the `content_for :heading` sections
 2021-11-11 15:12:23 +00:00
Andy Allan
3719e8defb Remove the userinformation ids from headings 
The style rule was removed in 3f8cf32272
and they were otherwise only used in the tests.
 2021-11-11 14:53:36 +00:00
Andy Allan
826a864e6c Remove the contact-activity class 
The margin-top is better replaced with a bottom margin on the
preceding element, and the width is unnecessary in the grid layout.
 2021-11-03 18:35:42 +00:00
Tom Hughes
5966acc207 Merge remote-tracking branch 'upstream/pull/3300' 2021-10-07 17:45:07 +01:00
Andy Allan
9ab15f38ea Move the tracepoint coordinate format test to the controller test 
This allows us to remove the model method
 2021-09-29 15:25:28 +01:00
Tom Hughes
e91c02f2ce Merge remote-tracking branch 'upstream/pull/3297' 2021-09-15 18:44:23 +01:00
Andy Allan
d07ce46929 Move the xml format test for old nodes to the controller test 
This allows us to remove the model method
 2021-09-15 17:05:34 +01:00
Andy Allan
76f1d7bc78 Use a builder to render changeset downloads 2021-09-15 16:33:04 +01:00
Andy Allan
fa7d64b788 Fix test 2021-09-15 14:36:08 +01:00
Tom Hughes
350ac303f1 Check that user email address are only returned with read_email 2021-08-26 17:22:25 +01:00
Tom Hughes
5723ba0624 Check that use of privileged scopes is restricted to administrators 2021-08-26 17:22:25 +01:00
Tom Hughes
6c6e8883f7 Introduce privileged scopes that only an administrator can enable 2021-08-26 17:22:24 +01:00
Tom Hughes
4389eff647 Improve testing of user details API responses 2021-08-24 18:41:07 +01:00
Andy Allan
cb7b79a58f Split the non-public information off of the profile page 
This opens up many possibilities for more interesting things to be
shown on the dashboard, as well as making it easier to find if
you have lots of content in your profile.
 2021-08-18 13:32:36 +01:00
Andy Allan
36f6d8d85d Fix redirect to terms path when not logged in 
This was missed during #3147 since it wasn't covered by a test.
 2021-07-28 16:36:13 +01:00
Tom Hughes
abd98757b6 Improve capitalisation of page titles 2021-07-22 19:00:08 +01:00
Tom Hughes
f1935b1c57 Merge remote-tracking branch 'upstream/pull/3257' 2021-07-21 19:24:31 +01:00
Josh Soref
8e951a8340 spelling: unknown 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-07-21 10:45:38 -04:00
Josh Soref
fc0aee74af spelling: success 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-07-21 10:45:38 -04:00
Josh Soref
7ff3d82c03 spelling: shouldn't 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-07-21 10:45:38 -04:00
Josh Soref
eee739356f spelling: modify 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-07-21 10:45:38 -04:00
Josh Soref
ff8e1b074a spelling: forbidden 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2021-07-21 10:45:38 -04:00
Andy Allan
37b03e47c6 Fix various code comments 
These were found as part of #3233
 2021-07-21 11:24:23 +01:00
Andy Allan
caf2e2a242 Move profile-related settings to their own form 
Refs #3167
 2021-07-14 17:45:19 +01:00
Andy Allan
2403630da8 Split user preferences into a separate page 
Refs #3167
 2021-07-14 17:40:20 +01:00
Tom Hughes
d3c800fdb4 Fix new rubocop warnings 2021-06-29 18:29:00 +01:00
Tom Hughes
608aafbf14 Make /api/0.6/permissions work for OAuth 2 clients 2021-06-27 00:38:16 +01:00
Tom Hughes
8d76be71bb Merge remote-tracking branch 'upstream/pull/3177' 2021-06-24 08:43:18 +01:00
Andy Allan
24f6aeda6a Use hash-based flash objects to render complex flash messages 
Since flash objects can only be String, Hash or Array (notably excluding SafeBuffers), then this approach is necessary to render complex html in a safe manner.

Each local can be treated as an (unsafe) string, and therefore escaped normally when rendered into the template. The template (and translation strings) can
contain html since they are no longer stored in the flash as a plain string.

Fixes #3215
 2021-06-23 20:10:55 +01:00
Tom Hughes
f064a18a16 Add tests for OAuth2 2021-05-18 12:05:33 +01:00
Andy Allan
7158426ebb
Merge pull request #3169 from harry-wood/empty-lists 
Display message when the there are no notes/comments to display
 2021-04-28 10:36:09 +01:00
Tom Hughes
914ec8723c Fix new rubocop warnings 2021-04-20 18:29:41 +01:00
Andy Allan
28af501924 Merge branch 'pull/3164' 2021-04-14 16:13:29 +01:00
Andy Allan
6bb18436a3 Add tests for routing and to ensure output format 
This avoids the tests passing if the json output is an array of kv pairs,
instead of the desired hash of attributes.
 2021-04-14 16:11:57 +01:00
Harry Wood
95d682119a Display no diary comments message when empty 
Display a 'No diary comments' message when there are no diary comments to display, rather than an empty table.
 2021-04-10 00:47:20 +01:00
Michal Migurski
a968c1b923 Added test for user prefs JSON response 2021-04-09 14:28:13 -07:00
Harry Wood
de8ee536b1 Display no notes message when empty 
Display a 'No notes' message when there are no notes to display, rather than an empty table with pagination features.
 2021-04-09 19:21:09 +01:00
Andy Allan
094d6c8bb9 Move confirmation methods into ConfirmationsController 2021-04-07 16:05:32 +01:00
Andy Allan
7a66c6d4eb Split password reset functionality into PasswordsController 2021-04-07 16:05:28 +01:00
Tom Hughes
e0d501f832 Don't allow deleted users to be confirmed 2021-04-01 17:28:03 +01:00
Andy Allan
9fd96cfb87 Move sessions-related tests out of UsersControllerTest 2021-03-24 11:40:17 +00:00
Andy Allan
f18baae22e Refactor login/logout into sessions controller 
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
 2021-03-24 11:32:46 +00:00
Andy Allan
a08fe1c291 Use list-inline to achieve spacing between elements on a line 
This is a better solution than spans and margins. Additionally, rework
to use mb-* instead of my-* (bootstrap advises against using margin-top)
and get rid of <br>s by using paragraphs instead.
 2021-03-17 18:57:36 +00:00
Andy Allan
4dc584421a Refactor traces list display 
Ideas taken from #3036
 2021-03-17 18:04:00 +00:00
Andy Allan
38ad8fbc36 Use login_path instead of explicit controller and actions 
This makes future refactoring easier.
 2021-03-10 14:31:55 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Tom Hughes
51af102c00 Prevent CSRF bypass with password reset form 2021-02-09 23:00:21 +00:00