cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15208 commits 4 branches 1 tag 499 MiB
Commit graph

2446 commits

Author SHA1 Message Date
Tom Hughes
4dff06a629 Use rails tokens for signup confirmations 2024-02-24 13:53:05 +00:00
Tom Hughes
ad2739347b Use rails tokens for email changes 2024-02-24 13:52:35 +00:00
Tom Hughes
b8fad531e4 Use rails tokens for password resets 2024-02-24 13:23:19 +00:00
Anton Khorev
3a873b1668 Add diary entry subscribe/unsubscribe GET pages 2024-02-17 05:43:13 +03:00
Simon Legner
a0aef5c722 SessionsController: strip username 2024-02-11 21:53:03 +01:00
Tom Hughes
31659bedbe Allow registration of OAuth 1.0 applications to be disabled 2024-01-31 19:18:16 +00:00
Tom Hughes
24f579562f Attempt to make timeouts work properly 2024-01-29 19:37:59 +00:00
Anton Khorev
00123f05ba Add relation version pages 2024-01-23 22:08:39 +03:00
Anton Khorev
2f222c49dd Add way version pages 2024-01-23 22:08:39 +03:00
Anton Khorev
85c284aaa6 Add node version pages 2024-01-23 22:08:39 +03:00
Tom Hughes
242a4a1aee Include both copies of the password in the saved user 
This allows is to go back to hashing passwords when the user is saved.

Fixes #4474
 2024-01-12 17:55:16 +00:00
Anton Khorev
366ffd9bd0 Add revoke all blocks action 2024-01-07 15:15:28 +03:00
Anton Khorev
3443533ce3 Add revoke all blocks page title 2024-01-07 15:15:28 +03:00
Anton Khorev
ba53dc7b04 Create an empty revoke all blocks page 2024-01-07 15:15:28 +03:00
Anton Khorev
f4d84c4806 Add links to diaries in preferred languages 2024-01-03 13:10:08 +03:00
Anton Khorev
8c32e63492 Set block ends_at to exactly created_at + duration 2023-12-27 06:48:00 +03:00
Tom Hughes
10d65cc857 Merge remote-tracking branch 'upstream/pull/4425' 2023-12-21 18:46:22 +00:00
Anton Khorev
07954549b9 Allow arrays of names in map key entries 2023-12-20 04:03:22 +03:00
Gregory Igelmund
efc61f1315 Add basic structures for UserMute and Message muting logic 
Including models, migration, controllers, views & locales.
 2023-12-19 12:57:47 -05:00
Milan Cvetkovic
a4c23cd89f Implement allow list for account creation 2023-12-17 07:55:43 +00:00
Anton Khorev
d9b9e13be1 Allow to omit max_zoom if next map key entry has min_zoom 2023-12-08 13:21:57 +03:00
Anton Khorev
9ac70151a8 Load map key data in controller 2023-12-08 12:55:18 +03:00
Andy Allan
4bca24a7be Resourceful routing for passwords 
This also matches the routes used by devise
 2023-12-06 18:41:00 +00:00
Tom Hughes
45f0589e62 Merge remote-tracking branch 'upstream/pull/4329' 2023-11-28 22:21:50 +00:00
Tom Hughes
2153e00f9f Drop ACL check from notes#comment as we no longer allow anonymous comments 2023-11-23 16:56:07 +00:00
Anton Khorev
b5f8df642a Disallow account deletion after confirmation 2023-11-22 17:37:04 +03:00
Tom Hughes
f08fb4f30f Prevent API tokens without write_notes creating attributed comments 
Fixes #4362
 2023-11-22 12:30:39 +00:00
Milan Cvetkovic
aeb4271a27 Do not merge zoom/lat/lon options with oauth_return_url 2023-11-21 13:01:52 +00:00
Milan Cvetkovic
1fbd1d11c4 Extract welcome_options function to simplify save function 2023-11-21 11:56:09 +00:00
Milan Cvetkovic
87a5a0844b Welcome screen works with confirmation email too 2023-11-21 11:56:09 +00:00
Milan Cvetkovic
60c885d071 Welcome screen displays 'Continue with authorization' 
do not hide notes
 2023-11-21 11:56:09 +00:00
Anton Khorev
f23993a4df Remove 'need to return bbox' comment on conditions_bbox 2023-11-21 13:55:35 +03:00
Tom Hughes
aaed886890 Hash passwords as soon as a new user is created 2023-11-16 01:02:11 +00:00
Tom Hughes
b1553135fc Preserve pass_crypt_confirmation in the new user hash 2023-11-16 00:29:49 +00:00
Tom Hughes
cebda5ffb9 Merge remote-tracking branch 'upstream/pull/4319' 2023-11-15 17:14:49 +00:00
Tom Hughes
ba503e02d2 Enforce rate limit for API calls which make changes 2023-11-02 08:59:57 +00:00
Tom Hughes
898a3882c5 Avoid storing user records in the session during signup 
This works around an issue with rails failing to preserve attribute
change flags and is in line with upstream advice against storing models
in the session in this way.

https://github.com/rails/rails/issues/49826
https://github.com/rails/rails/issues/49827
 2023-10-29 10:13:28 +00:00
Tom Hughes
f6d1b6cda4 Fix rails 7.1.0 deprecation warning 2023-10-06 19:07:47 +01:00
Andy Allan
1700c23dd1 Prefer find_by() instead of where().first 
These are very similar, differing only if we would expect multiple
results and the sorting is important. However, in all our cases
we're only expecting one result to be returned, and so find_by is
easier to read.
 2023-10-04 17:53:58 +01:00
Anton Khorev
e22589f946 Show hidden comments to moderators if requested 2023-10-01 19:50:27 +03:00
Tom Hughes
85b17a1f2a Merge remote-tracking branch 'upstream/pull/4240' 2023-09-14 17:42:04 +01:00
Tom Hughes
144c48737b Merge remote-tracking branch 'upstream/pull/4239' 2023-09-10 18:47:07 +01:00
Anton Khorev
9c9edb6054 Remove authorize_web call from traces api controller 2023-09-09 19:40:28 +03:00
Anton Khorev
71654e563e Add show user block api endpoint 2023-09-09 15:53:22 +03:00
Anton Khorev
e143726f1a Combine comments and traces pagination partials 2023-09-09 14:33:59 +03:00
Anton Khorev
a780a7456f Don't interpolate in pagination partial 2023-09-09 14:33:58 +03:00
Anton Khorev
c213abb8e3 Refactor diary paging queries 2023-09-09 14:23:11 +03:00
Anton Khorev
299c59e34f Change diary comments pagination to before/after id 2023-09-09 14:23:10 +03:00
Tom Hughes
d1d3c2597e Handle timeouts inside a view for API calls 2023-09-07 00:32:11 +01:00
Tom Hughes
be3baea4de Merge remote-tracking branch 'upstream/pull/4222' 2023-09-03 18:54:18 +01:00