cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2718 commits 4 branches 1 tag 499 MiB
Commit graph

1503 commits

Author SHA1 Message Date
Ævar Arnfjörð Bjarmason
1cea0df3d8 title/heading & XSS fix for /edit 2009-10-01 19:45:36 +00:00
Ævar Arnfjörð Bjarmason
c6f844603d Add <title> to /blocks and don't Camel Case headings 2009-10-01 19:27:15 +00:00
Ævar Arnfjörð Bjarmason
1a2ccfbb8f Set title on /blocks/:id and link to usernames 2009-10-01 19:18:23 +00:00
Ævar Arnfjörð Bjarmason
8d6d7b51e8 When a user hasn't made any blocks or been blocked don't display a 
skeleton table. Just a <p> saying there's nothing here.
 2009-10-01 19:04:38 +00:00
Ævar Arnfjörð Bjarmason
268a2cd474 * use h() on username to avoid XSS 
* Link to username in <h1>
 * Set <title> on /blocks and /blocks_by
 2009-10-01 18:49:38 +00:00
Matt Amos
9b82acded9 Adding title for role icons when viewing user isn't an admin, re-adding translations for those. 2009-10-01 18:09:31 +00:00
Ævar Arnfjörð Bjarmason
8a7040e155 Set title/h1 to something sensible when granting/revoking roles 2009-10-01 18:02:08 +00:00
Ævar Arnfjörð Bjarmason
1d59359202 Add title="" to the revoke/grant icons that indicate what they're about to do 2009-10-01 17:57:20 +00:00
Matt Amos
1e3b3c1f10 Refactored user_role and controller. Now much more DRY. 2009-10-01 17:15:34 +00:00
Matt Amos
77851bac7b Added better messages and error handling in a couple of places. Added integration checks to ensure that the blocking is actually working. Tests FTW. 2009-09-30 17:39:42 +00:00
Matt Amos
95c3d640a4 Tried to DRY the user_blocks controller. Moved the configuration of the blocking periods into application.yml. 2009-09-30 15:44:29 +00:00
Matt Amos
ca06b3c7b1 New migration to add better auditing to user_roles and better column names there and on user_blocks. Added a helper for displaying block status messages. 2009-09-29 16:44:03 +00:00
Matt Amos
09c5740b5b Merging 17824:17845 from trunk to blocking branch. 2009-09-29 10:23:31 +00:00
Ævar Arnfjörð Bjarmason
801182d2ea Actually make the last commit work. I thought Ruby's string interpolation syntax worked differently 2009-09-29 10:12:01 +00:00
Ævar Arnfjörð Bjarmason
0197460689 Escape user-supplied JavaScript. Fixes http://lists.openstreetmap.org/pipermail/talk/2009-September/042846.ht 2009-09-29 09:23:11 +00:00
Thomas Wood
ec26e06706 5 character patch to only output duplicated nodes once in a way/full call 
Unit tests not run - problems on this system
Fixes #2327
 2009-09-29 02:55:35 +00:00
Matt Amos
30d5e783e4 Added a confirmation step to the process of granting and revoking user roles. 2009-09-28 17:35:39 +00:00
Matt Amos
ab1444f338 Truncate long reason texts to not overwhelm the browser window. 2009-09-28 17:30:10 +00:00
Matt Amos
daa2496024 First version of blocking feature. Allows both time-based (for map protection) and notice-based (for education) blocks on users. Also introduces user roles and a simple UI for displaying and administering these. 2009-09-28 16:01:00 +00:00
Tom Hughes
b8afd4fbf3 Fix comment typo. 2009-09-24 23:27:45 +00:00
Tom Hughes
77ce1b2809 Ignore empty tags. Closes #2311. 2009-09-24 23:27:13 +00:00
Tom Hughes
2297dc9074 Wrap GPX API calls with the API error handler, and make sure the create 
method throws on error so it can be trapped and reported. Closes #2310.
 2009-09-24 23:15:35 +00:00
Ævar Arnfjörð Bjarmason
9b7e39dc49 I moved Potlatch's locales but didn't update this, which broke all i18n 2009-09-23 23:34:43 +00:00
Ævar Arnfjörð Bjarmason
5a76b08868 oops, removing debugging code 2009-09-23 17:36:51 +00:00
Ævar Arnfjörð Bjarmason
65eec82978 [2304]: Split the default English i18n parameter in Potlatch out to a YAML file 2009-09-23 17:08:46 +00:00
Tom Hughes
fc5261ece5 Remove remaining trailing spaces from translations. 2009-09-22 20:15:09 +00:00
Ævar Arnfjörð Bjarmason
421b611389 Use i18n() parameters for this JavaScript message instead of ad-hoc 
string concatenation.

See [17712] for why I'm changing this.
 2009-09-20 10:41:57 +00:00
Ævar Arnfjörð Bjarmason
185c7c24ae See [17712] for why I'm changing this 
The 'user.view.mapper since' message is broken. It should be done with
translation parameters. But messages can't include HTML like <b> and I
don't want to experiment with making that work or changing this into a
HTML table that doesn't look crappy.
 2009-09-20 10:25:31 +00:00
Richard Fairhurst
00332614f9 add ability to specify custom background in the query string 2009-09-18 14:11:18 +00:00
Ævar Arnfjörð Bjarmason
658a34714f When displaying objects in /browse/* and in the JavaScript "Data" 
feature use the name key corresponding to the user's
locale. E.g. "name:is" for Icelandic.

This will fall back on "name". The interface will be equivalent unless
the user has selected another language than English in the preferences
and objects with localized name:* tags corresponding to the user's
language are being displayed.
 2009-09-17 23:36:54 +00:00
Tom Hughes
6fafe7f309 Display the changeset comment (if any) as part of the description of 
any object in the data browser. Closes #2282.
 2009-09-15 22:03:09 +00:00
Ævar Arnfjörð Bjarmason
da28349f51 So the way [17620] did it sucked but [17624] broke it unless you 
didn't have any changes because .item_count is the number of edits,
not pages.

Using .page_count works though, Whee!
 2009-09-14 23:36:21 +00:00
Ævar Arnfjörð Bjarmason
835e12925e auto_link() changeset comments in the global/user/bbox/etc history too 
(as well as in changeset detail & atom feeds)
 2009-09-14 23:26:36 +00:00
Tom Hughes
26bd59a1da Output tags to the feed as raw HTML so that links are not escaped (any 
real HTML in the tag has already been escaped). Closes #2264.
 2009-09-14 23:17:52 +00:00
Tom Hughes
9200520395 Escape tag values - there is no reason at all to render things which 
might look like HTML tags in a tag value.
 2009-09-14 23:17:02 +00:00
Tom Hughes
253e8a272d Improve handling of the case where there is only one page of changesets. 2009-09-14 23:04:06 +00:00
Ævar Arnfjörð Bjarmason
466f640138 While we don't have the sanitizing backend to safely solve ticket 
#2264 I'm going to remove the auto_link feature of changeset tags. The
links are broken in all conforming Atom readers at the moment.
 2009-09-14 21:08:17 +00:00
Ævar Arnfjörð Bjarmason
332f8d3a4f Now when all the entries fit on one page a trailing slash won't be 
included after "Showing page %d (%d of %d)"
 2009-09-14 19:42:32 +00:00
Ævar Arnfjörð Bjarmason
2118dd06af Link to username in "Send message to" message 2009-09-14 19:32:29 +00:00
Tom Hughes
06a17b6bc6 Treat an explicit public=0 argument as meaning private. 2009-09-12 16:46:25 +00:00
Ævar Arnfjörð Bjarmason
b3ff342e6b There was no "Sorry not found" message for changesets so 
/browse/changeset/123456789 would return the message "Sorry, the with
the id 123456789, could not be found.". It now says "Sorry, the
changeset with the id 123456789, could not be found."
 2009-09-07 12:16:17 +00:00
Tom Hughes
63b399c9b2 Update to rails 2.3.4 for security fixes. 2009-09-04 08:45:38 +00:00
Tom Hughes
73340e1780 Add support for reloading the language table. 2009-09-03 21:55:42 +00:00
Matt Amos
69ab396f08 Fixed bug when oauthorizing with a token which no longer exists (merged 17416 from oauth branch). 2009-09-01 10:25:53 +00:00
Tom Hughes
e72ebb7eac Fix file_column plugin to generate absolute URLs without falling over 
in a heap and then use that in the user details view.
 2009-08-31 23:43:15 +00:00
Tom Hughes
783748b1e5 Tidy up. 2009-08-31 23:32:03 +00:00
Tom Hughes
543e8c5503 Fix backwards compatibility code to handle an old style public 
attribute correctly. Closes #2242.
 2009-08-31 23:28:51 +00:00
Matt Amos
ade96da19f Added user ID, description, languages and image link to the user details API call. 2009-08-31 23:11:15 +00:00
Tom Hughes
096459404c Format dates in the changeset list so the year is shown. Closes #2232. 2009-08-28 07:55:34 +00:00
Matt Amos
b34b898451 Added referer URL in user_token so that redirections (e.g: from oauth token requests) are followed after the user has confirmed the sign-up. Added test for the same. 2009-08-25 15:00:32 +00:00