cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13737 commits 4 branches 1 tag 499 MiB
Commit graph

237 commits

Author SHA1 Message Date
Anton Khorev
bde2faac58 Remove assert_response when followed by assert_redirected_to 2024-03-03 10:56:50 +03:00
Andy Allan
52f755cb27
Merge pull request #4535 from tomhughes/rails-tokens 
Use rails generated tokens for emails
 2024-02-25 11:32:15 +01:00
Tom Hughes
1b5200b797 Treat github and wikipedia provided emails as confirmed 
Fixes #4270
 2024-02-25 10:04:18 +00:00
Tom Hughes
4dff06a629 Use rails tokens for signup confirmations 2024-02-24 13:53:05 +00:00
Anton Khorev
5411be6750 Test changeset commenting 2024-02-12 01:23:23 +03:00
Anton Khorev
61c32388a9 Test notices of disabled changeset commenting 2024-02-12 01:23:23 +03:00
Tom Hughes
db0a80e563 Test that mismatched passwords are rejected 2024-01-12 17:55:16 +00:00
Tom Hughes
1fd10c0935 Test that signups can be confirmed and can authenticate afterwards 2024-01-12 17:55:16 +00:00
Andy Allan
f22ecd6309 Avoid running integration tests in every locale 
We have over 200 locales, and so this takes a long time. This reduces
time taken from around 200 seconds to 6 to run these tests.
 2023-12-20 11:45:08 +00:00
Tom Hughes
12b4d11d44 Use SecureRandom to generate user tokens 2023-12-04 17:25:57 +00:00
Tom Hughes
3e3873a7c2 Fix test as rails no longer seems to return a body for redirects 2023-10-18 18:26:14 +01:00
Milan Cvetkovic
408f2918d0 Load openid signing key from endpoint during openid connect test 2023-10-03 18:55:10 +01:00
Milan Cvetkovic
2d5acd199b Add test for openid discovery 2023-10-03 18:55:10 +01:00
Milan Cvetkovic
1f62a2b342 Add a test for openid connect support 2023-10-03 18:55:10 +01:00
Tom Hughes
6759130cb3 Test that suspended and deleted users can't use OAuth tokens 2023-08-25 12:10:32 +01:00
Tom Hughes
477f700cfa Logout while testing OAuth 1 token usage 
This ensures we're not accidentally inheriting any session permissions.
 2023-08-25 09:44:25 +01:00
Tom Hughes
b9f9c0f3cc Separate authenticating user from application owner in OAuth 1 tests 2023-08-25 08:51:41 +01:00
Milan Cvetkovic
ad164d384e Change provider name to "microsoft" 2023-08-20 10:19:30 +01:00
Milan Cvetkovic
b3e13eb752 Update tests for microsoft_graph endpoints 2023-08-20 10:17:42 +01:00
Milan Cvetkovic
7428da74c2 Use omniauth-microsoft_graph instead of omniauth-windowslive 
Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap.
It also  uses updated endpoints for Microsoft identity provider.

Use email address returned by microsoft_graph provider as a verified address.

Upgrading exisiting users from windowslive to microsoft_graph:
 - upon next login existing `windowslive` users will have to authorizei
   OpenStreetMap application to "Read Your Profile," required for proper reading
   of display name field.

The name of the identity provider in OSM is kept to 'windowslive':
 - the entries in users table with `provider == 'windowslive'`
   can be reused for microsoft_graph provider, since
   the uid field is preserved. Users will not need to repeat the sign up process.
 - OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal
   App registration are necessary.
 2023-08-17 13:01:15 +00:00
Andy Allan
e9e4b10473
Merge pull request #3907 from Dimitar5555/patch-1 
Facelift `offline.html` and use Bootstrap classes for "notifications" under the search bar
 2023-06-14 14:08:38 +01:00
Dimitar
318064b2a7 Facelift offline.html and use Bootstrap classes for "notifications" 
Update site_controller_test.rb

Update site_controller_test.rb

Remove whitespace

Reset Settings.status after test is done

Update test for offline page

Update site_controller.rb

Fix indentation

Update offline controller

Update offline.html.erb

Remove flash CSS classes and fix missed tests

Updated tests

Address most PR comments

Update _flash.html.erb

Update _flash.html.erb

Update edit.html.erb

Update offline.html.erb
 2023-03-26 13:57:51 +03:00
Tom Hughes
2b3133d2e8 Fix new rubocop warnings 2023-02-28 15:20:33 +00:00
Andy Allan
415ac577f3 Remove some old debugging comments 2022-12-21 12:05:15 +00:00
Tom Hughes
f4749eccf1 Test that verified emails from OAuth signups are accepted automatically 2022-07-26 17:33:59 +01:00
Andy Allan
934d81aa55 Bootstrap 5: Replace all form-group classes with mb-3 2022-07-20 14:42:57 +01:00
Tom Hughes
03cad948e3 Fix new rubocop warnings 2022-03-15 19:24:09 +00:00
Harry Wood
02338a80e1 Make oauth register app link into button 
Cosmetic tweak. On the OAuth 1 setting tab, make "Register your app" into a button not a link

Also put the applications in a <ul>
 2022-03-08 15:18:53 +00:00
Tom Hughes
b5f06e06c1 Fix rubocop Rails/TimeZone warnings 2022-03-01 22:55:10 +00:00
Andy Allan
a8e8ba1a64 Refactor the account edit/update pages out into a separate accounts controller 2021-12-08 15:17:50 +00:00
Andy Allan
2b84452222 Remove custom margins on sidebar headings 
Margin-top in particular is best avoided. The removal of some top
margins required a few corresponding changes to add bottom margins
to other features, mostly done by converting bare text strings to
live within paragraphs.
 2021-11-03 18:16:38 +00:00
Tom Hughes
94b327ddfc Test third party logins to pending/suspended/blocked accounts 2021-10-24 10:36:30 +01:00
Andy Allan
6ab522b2b3 Convert account setting menu to tabs, and include on other pages 
This makes it easier to navigate around these pages. Since each tab
corresponds to a given controller, this makes the selection of active
tabs straightforward.
 2021-08-18 14:30:35 +01:00
Tom Hughes
e4ce1c5f2f Check that the permission is non-zero 
Fixes #3241
 2021-07-01 16:35:29 +01:00
Tom Hughes
a32b751fed Remove some references to webmaster 2021-06-29 19:22:31 +01:00
Tom Hughes
8d76be71bb Merge remote-tracking branch 'upstream/pull/3177' 2021-06-24 08:43:18 +01:00
Tom Hughes
f6818bb2ed Avoid accidental locale changes in tests 2021-06-22 19:05:55 +01:00
Tom Hughes
63e4a89323 Fix new ruboop warnings 2021-06-22 18:34:15 +01:00
Andy Allan
c8f0a81eb7 Rework sidebar to use padding on the sidebar_content div 
This saves every header, list, paragraph etc having to sort out their own padding. The couple of instances where we want edge-to-edge can be acheived using the negative margin spacing utilities.

The padding is based on $spacer so that it can be adjusted automatically via bootstrap configuration.

This also means that we can remove many (mis-)uses of the browse-section class, which is only supposed to be for cases where there are multiple browse-sections in sequence (e.g. multiple nodes in the node history browse pages).
 2021-06-16 15:45:58 +01:00
Tom Hughes
f064a18a16 Add tests for OAuth2 2021-05-18 12:05:33 +01:00
Andy Allan
094d6c8bb9 Move confirmation methods into ConfirmationsController 2021-04-07 16:05:32 +01:00
Andy Allan
f18baae22e Refactor login/logout into sessions controller 
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
 2021-03-24 11:32:46 +00:00
Tom Hughes
3512d6303c Fix new rubocop warnings 2021-03-23 19:48:13 +00:00
Andy Allan
38ad8fbc36 Use login_path instead of explicit controller and actions 
This makes future refactoring easier.
 2021-03-10 14:31:55 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Tom Hughes
5912a8011b Update to Omniauth 2.x 
This requires converting all use of the /auth endpoints
to use the POST method as GET is no longer supported.
 2021-02-02 19:49:03 +00:00
Andy Allan
cc8bb7c6a5 Refactor user registration form to use bootstrap 2021-01-20 15:38:10 +00:00
Andy Allan
da2277505f Ensure that test utility methods are marked as private 
This allows us to enable the check for test method names.
 2020-10-28 11:49:01 +01:00
Andy Allan
86a5e198f7 Refactor test to use general basic_authorization_header method 
There's no need for this test to have its own version of the method.
 2020-10-28 11:33:51 +01:00
Tom Hughes
abca51e4d8 Fix some Style/StringConcatenation warnings 2020-08-09 19:48:16 +01:00