cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11229 commits 4 branches 1 tag 499 MiB
Commit graph

2033 commits

Author SHA1 Message Date
Andy Allan
5f59845575 Move the api trace methods into a separate controller under the api namespace 2019-02-28 17:12:28 +01:00
Andy Allan
46bc4650d2 Move the amf and swf controllers into the api namespace 2019-02-28 17:12:28 +01:00
Andy Allan
b4dbf6233c Move the notes api methods into a controller in the api namespace 2019-02-28 17:12:28 +01:00
Andy Allan
4b4c5aac2f Move the user api methods into a separate controller in the api namespace 2019-02-28 17:12:28 +01:00
Andy Allan
b38343e5bd Move node/way/relation/old_* controllers into the api namespace 2019-02-28 17:12:28 +01:00
Tom Hughes
d2ff1491b4 Avoid CSP issues with OpenID login 
To avoid Chrom getting upset about sending form data to sites
that our policy doesn't allow, even when it isn't, use Javascript
to jump straight to Omniauth as the direct OpenID based login
buttons were already doing.

Fixes #1909
 2019-02-25 11:46:12 +00:00
Andy Allan
9186a6155c Move the user preferences controller into the api namespace 2019-02-24 12:47:26 +01:00
Andy Allan
2b81437fcd Move the search controller to the api namespace 2019-02-24 12:42:07 +01:00
Andy Allan
947a41edee Move the api methods from changeset_comments_controller into the api namespaced controller 2019-02-24 12:38:09 +01:00
Andy Allan
1778fa3d9c Move the api methods from changesets_controller into the api namespaced controller 2019-02-24 12:18:31 +01:00
Andy Allan
f4e2990526 Move map method to its own controller 2019-02-24 11:44:10 +01:00
Andy Allan
d887252eeb Move the changes api to its own controller 2019-02-24 11:00:28 +01:00
Andy Allan
8383fd0928 Move the permissions call out of api_controller 2019-02-24 11:00:28 +01:00
Andy Allan
317b8f9d45 Move the trackpoints call into its own controller (and rename to tracepoints) 2019-02-24 11:00:28 +01:00
Andy Allan
6a4092bc16 Move the capabilities call out of api_controller 2019-02-24 11:00:20 +01:00
Tom Hughes
908324323e Merge remote-tracking branch 'upstream/pull/2136' 2019-02-06 18:30:41 +00:00
Andy Allan
35a2d66e19 Remove require_terms_agreed configuration option 
This has been set to true for 6 years in production. Refs #2097

As per other user settings, we set the terms as seen by default for tests,
and we can override that when necessary for specific tests.
 2019-02-06 15:50:57 +01:00
Andy Allan
3795da4014 Remove the require_terms_seen configuration option 
This option has been set to 'true' for over six years in production.

Refs #2097
 2019-02-06 14:54:56 +01:00
Andy Allan
c4a192f436 Remove unnecessary requires from app 2019-02-06 12:26:30 +01:00
Simon Poole
26102f581f Remove old MapQuest Directions routing support 2019-01-29 20:19:36 +00:00
Simon Poole
067290f19f Remove old OSRM routing support 2019-01-29 20:19:36 +00:00
Simon Poole
8937099429 Add support for FOSSGIS routing server 2019-01-29 20:19:36 +00:00
Tom Hughes
3e7bc943fe Merge remote-tracking branch 'upstream/pull/2120' 2019-01-28 19:04:02 +00:00
Tom Hughes
d021f7b625 Merge remote-tracking branch 'upstream/pull/2118' 2019-01-16 12:22:31 +00:00
Andy Allan
8a2df0e0b5 More resourceful routing for nodes, ways, relations and changesets controllers 2019-01-16 13:10:11 +01:00
Andy Allan
30a4fb85a9 Remove old authorization helpers 
These have been replaced by abilities and capabilities
 2019-01-16 11:55:01 +01:00
Andy Allan
131fd76cae Ensure authorization checks happen for all controller methods 2019-01-16 11:45:13 +01:00
Andy Allan
fc6209dc07 Skip authorization checks for the errors controller 2019-01-16 11:44:55 +01:00
Tom Hughes
11806a676f Merge remote-tracking branch 'upstream/pull/2116' 2019-01-16 10:23:27 +00:00
Andy Allan
581eca3bbe Add a configuration flag for using the job queue to import traces 
This will allow the code to be merged to master, even if osm.org
isn't ready to start using it yet.
 2019-01-16 11:13:55 +01:00
Andy Allan
e59f1b6108 Sketch out how to use the jobs queue for trace insertion and deletion 
Refs #1852
 2019-01-16 10:49:11 +01:00
Andy Allan
3e49e4a62a Use CanCanCan to control access to oauth controller actions 2019-01-16 10:17:55 +01:00
Andy Allan
bda8544d94 Mark non-action methods as protected 2019-01-16 10:17:55 +01:00
Andy Allan
e7f943c715 Use CanCanCan for nodes, ways, relations, old and api controllers 2019-01-16 10:12:19 +01:00
Tom Hughes
6c2432ae42 Merge remote-tracking branch 'upstream/pull/2109' 2019-01-09 17:27:16 +00:00
Tom Hughes
73fe5a13df Merge remote-tracking branch 'upstream/pull/2108' 2019-01-09 17:24:28 +00:00
Tom Hughes
74e1d7336e Merge remote-tracking branch 'upstream/pull/2107' 2019-01-09 17:20:08 +00:00
Tom Hughes
09b6560e81 Merge remote-tracking branch 'upstream/pull/2106' 2019-01-09 17:16:01 +00:00
Andy Allan
b184b39f34 Use CanCanCan for oauth clients controller 2019-01-09 15:34:54 +01:00
Andy Allan
425f42dd80 Use CanCanCan for messages controller 2019-01-09 15:27:29 +01:00
Andy Allan
58c101762e Use a builder view for the capabilities call 
This is easier to work with than building the XML document by hand
in the controller.
 2019-01-09 14:30:18 +01:00
Andy Allan
1774109311 Use CanCanCan for changesets controller 
The expand_bbox method now needs require_write_api capability on tokens.
 2019-01-09 12:41:33 +01:00
Andy Allan
414c4b2c36 Use CanCanCan for traces controller 2019-01-09 11:40:54 +01:00
Andy Allan
73201ca96b Use CanCanCan for swf controller 2019-01-09 10:32:57 +01:00
Andy Allan
18e418cc4c Skip authorization checks for amf controller 2019-01-09 10:26:12 +01:00
Andy Allan
89399c5ba1 Add missing authorize_resource declaration to geocoder controller 2019-01-09 10:14:52 +01:00
Andy Allan
7420479cde Use CanCanCan for directions controller 2019-01-09 10:12:14 +01:00
Andy Allan
1e30edba53 Use CanCanCan for browse controller 2019-01-09 10:10:12 +01:00
Andy Allan
44eea9dcaf Use CanCanCan for export controller 2019-01-02 19:21:10 +01:00
Andy Allan
ad68d4c634 Use CanCanCan for search controller 2019-01-02 19:17:32 +01:00