cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11229 commits 4 branches 1 tag 499 MiB
Commit graph

5883 commits

Author SHA1 Message Date
Chris Flipse
060c686c19 Use cancancan to authorize user_preference_controller 2018-06-17 13:57:06 -04:00
Chris Flipse
5232914427 Implement the cancan filters for diary entries 
Access logic is not _entirely_ exported from the controller,
unfortunately.  For interface reasons, some actions which require admin
have to be listed within the controller's deny_access method.

This is required because, being a default-deny system, cancancan
_cannot_ tell you the reason you were denied access; and so
the "nice" feedback presenting next steps can't be gleaned from
the exception
 2018-06-17 13:57:06 -04:00
Chris Flipse
6b44a1976c use a controller method to handle cancan denials 
This will let controllers override for specific circumstances
 2018-06-17 13:57:06 -04:00
Chris Flipse
6da3ece683 use token in ability checks 2018-06-17 13:56:23 -04:00
Chris Flipse
b16aa11f65 fix tests for site controller 2018-06-17 13:56:23 -04:00
Chris Flipse
2ab3d56102 don't check authorization everywhere 2018-06-17 13:56:23 -04:00
Andy Allan
ffa65d4d72 Add cancancan and the first ability definitions for site_controller 2018-06-17 13:56:23 -04:00
Tom Hughes
727ee97a3f Allow inline javascript and CSS in better_errors pages 2018-06-17 11:33:51 +01:00
Tom Hughes
e5604ce98e Assign vandalism reports for users to moderators 2018-06-17 11:14:19 +01:00
Tom Hughes
6c225bd01c Only include issues visible to the current user in the count 2018-06-17 01:01:24 +01:00
Tom Hughes
0071025400 Avoid using "other" as a translation key 2018-06-16 16:21:07 +01:00
Tom Hughes
1392e63272 Show count of open issues in the header 2018-06-16 12:40:15 +01:00
Tom Hughes
5ea1ba8d84 Set the locale for issue and report views 2018-06-16 12:14:58 +01:00
Tom Hughes
27679356af Default to only showing open issues 2018-06-10 19:11:25 +01:00
Tom Hughes
5e2c567b7f Make report type a required field 2018-06-10 17:16:33 +01:00
Tom Hughes
f7d0a60fc1 Make reportable item titles translatable 2018-06-10 17:05:21 +01:00
Tom Hughes
d3700e6201 Merge branch 'master' into next 2018-06-10 17:02:12 +01:00
Tom Hughes
2aca6920dc Use lazy lookups for translations in issues 2018-06-10 16:59:58 +01:00
Tom Hughes
5effa0a6d6 Avoid losing filter settings when an invalid user is entered 2018-06-10 15:42:35 +01:00
Tom Hughes
e8942437c0 Use select_tag for issue filter fields instead of abusing select 2018-06-10 15:32:27 +01:00
Tom Hughes
f227804093 Add some extra indexes on issues 2018-06-10 15:25:53 +01:00
Tom Hughes
ba9a00b10c Merge remote-tracking branch 'upstream/pull/1892' 2018-06-06 14:51:30 +01:00
Tom Hughes
beec16232d Update style for change of name for message controller 2018-06-06 14:45:19 +01:00
Tom Hughes
4df0fe72e2 Merge remote-tracking branch 'upstream/pull/1893' 2018-06-06 14:33:36 +01:00
Tom Hughes
3da3b93f80 Merge remote-tracking branch 'upstream/pull/1894' 2018-06-06 14:30:27 +01:00
Tom Hughes
a516d13d33 Allow iD to access ESRI imagery metadata 2018-06-06 14:25:52 +01:00
Andy Allan
e276bea2ff Prefer the helper in controllers 
This avoids future gotchas with conversion to lazy lookups.
 2018-06-06 13:34:34 +08:00
Andy Allan
25c2feaec9 Fix lazy i18n lookups for browse error pages 
`I18n.t` doesn't support lazy lookups, whereas the equivalent
rails `t` helper does. The code can also be simplified to avoid the
lookup table.

Fixes 1877
 2018-06-06 13:25:40 +08:00
Andy Allan
3e5a953e8f Fix missing message translation strings 2018-06-06 11:53:05 +08:00
Andy Allan
88ff81b694 Refactor messages show action to be resourceful 2018-06-06 11:51:52 +08:00
Andy Allan
9b36021ec5 Refactor inbox and outbox paths to avoid display names in urls. 2018-06-06 11:33:33 +08:00
Andy Allan
57d3b3af55 Refactor trace creation pages 
Split the trace creation into new and create methods, with standard resourceful routing. Provide a redirect for external requests to the old url.
 2018-06-06 10:22:42 +08:00
Tom Hughes
4a6779abf7 Avoid using inline javascript to update message list 2018-05-30 15:30:23 +01:00
David Abián
ed1f441ef3 Concept URIs for Wikidata entities 
Wikidata entities should be linked using concept URIs, which are
permanent. This is the right way of linking web resources according
to the Linked Data principles.

Closes #1884
 2018-05-28 13:02:47 +01:00
J Guthrie
30756f72ca Change language immediately after updating settings 
Closes #1883
 2018-05-27 15:12:34 +01:00
Benoît
e1f37fcc84 Improve HOT layer attribution 
The style is by HOT and the server is provided by OpenStreetMap France.

Closes #1882
 2018-05-25 10:22:56 +01:00
Edward Betts
196ac7c0d5 Wrap the permission label with a <label> tag 
Gives the user a larger target to toggle a permission.
 2018-05-24 15:41:32 +01:00
Andy Allan
6b2dcfd3d8
Merge pull request #1871 from hikemaniac/browse-icon-typo 
Fix a browse icon typo
 2018-05-24 11:39:22 +08:00
Tom Hughes
fb94bb6c58 Don't override non-existent policy 2018-05-23 12:50:10 +01:00
Tom Hughes
ff86bf136a Use an empty array for ruby 2.3 compatibility 
Apparently `false.dup` throws in ruby 2.3 and not in 2.5...
 2018-05-23 12:21:24 +01:00
Tom Hughes
5deba2782a Completely remove form-action restrictions for OAuth callbacks 
The CSP3 draft only allows a * rule match network schemes and
mobile devices often use callbacks to custom URL schemes.
 2018-05-23 12:09:21 +01:00
Tom Hughes
c5d3335a6c Allow inline styles in iD 2018-05-18 20:28:09 +01:00
hikemaniac
908f9b5276
Rebase to current master 
Merge openstreetmap/openstreetmap-website into hikemaniac/openstreetmap-website
 2018-05-18 13:59:59 +02:00
Peter Karich
1cea6b363a Use XHR instead of jsonp for GraphHopper 
Closes #1872
 2018-05-17 20:47:58 +01:00
Tom Hughes
99492de1d3 Convert note view to use server side conditions 
Fixes #1869
 2018-05-17 11:33:50 +01:00
Tom Hughes
fdd4361d5b Remove some inline styles 2018-05-16 20:27:35 +01:00
Tom Hughes
9c04912f1d Merge remote-tracking branch 'upstream/pull/1866' 2018-05-16 18:57:34 +01:00
Tom Hughes
9227f6aecd Allow iD to access wikidata 2018-05-16 11:36:46 +01:00
Tom Hughes
8d41015673 Allow iD to access wikipedia 2018-05-16 08:48:38 +01:00
Andy Allan
e1c62f1bf2 Remove if_user and similar methods 
Rather than hiding features based on CSS, just avoid including them
in the output. Fixes #1862
 2018-05-16 13:05:20 +08:00