cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9243 commits 4 branches 1 tag 499 MiB
Commit graph

9243 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Allan
3e49e4a62a Use CanCanCan to control access to oauth controller actions 2019-01-16 10:17:55 +01:00
Andy Allan
bda8544d94 Mark non-action methods as protected 2019-01-16 10:17:55 +01:00
Andy Allan
e7f943c715 Use CanCanCan for nodes, ways, relations, old and api controllers 2019-01-16 10:12:19 +01:00
translatewiki.net
fbbabeff1e Localisation updates from https://translatewiki.net. 2019-01-14 09:42:18 +01:00
translatewiki.net
687e9b6fd6 Localisation updates from https://translatewiki.net. 2019-01-10 08:57:06 +01:00
Tom Hughes
62637645bf Add basic tests for browse#new_note and browse#query 2019-01-09 21:12:33 +00:00
Tom Hughes
5c877e0fa4 Allow everybody to query features 2019-01-09 19:15:55 +00:00
Tom Hughes
99b380765a Allow everybody to create new notes 
Fixes #2110
 2019-01-09 18:13:55 +00:00
Tom Hughes
6c2432ae42 Merge remote-tracking branch 'upstream/pull/2109' 2019-01-09 17:27:16 +00:00
Tom Hughes
73fe5a13df Merge remote-tracking branch 'upstream/pull/2108' 2019-01-09 17:24:28 +00:00
Tom Hughes
74e1d7336e Merge remote-tracking branch 'upstream/pull/2107' 2019-01-09 17:20:08 +00:00
Tom Hughes
09b6560e81 Merge remote-tracking branch 'upstream/pull/2106' 2019-01-09 17:16:01 +00:00
Tom Hughes
1b292d2389 Merge remote-tracking branch 'upstream/pull/2105' 2019-01-09 17:14:53 +00:00
Andy Allan
b184b39f34 Use CanCanCan for oauth clients controller 2019-01-09 15:34:54 +01:00
Andy Allan
425f42dd80 Use CanCanCan for messages controller 2019-01-09 15:27:29 +01:00
Andy Allan
58c101762e Use a builder view for the capabilities call 
This is easier to work with than building the XML document by hand
in the controller.
 2019-01-09 14:30:18 +01:00
Andy Allan
686fee43bf Use full list of osm xml root attributes in builder templates 2019-01-09 14:15:39 +01:00
Andy Allan
1774109311 Use CanCanCan for changesets controller 
The expand_bbox method now needs require_write_api capability on tokens.
 2019-01-09 12:41:33 +01:00
Andy Allan
414c4b2c36 Use CanCanCan for traces controller 2019-01-09 11:40:54 +01:00
Andy Allan
73201ca96b Use CanCanCan for swf controller 2019-01-09 10:32:57 +01:00
Andy Allan
18e418cc4c Skip authorization checks for amf controller 2019-01-09 10:26:12 +01:00
Andy Allan
89399c5ba1 Add missing authorize_resource declaration to geocoder controller 2019-01-09 10:14:52 +01:00
Andy Allan
7420479cde Use CanCanCan for directions controller 2019-01-09 10:12:14 +01:00
Andy Allan
1e30edba53 Use CanCanCan for browse controller 2019-01-09 10:10:12 +01:00
Tom Hughes
fac3f0ef24 Update bundle 2019-01-08 18:21:03 +00:00
Tom Hughes
97bf1b303c Revert to omniauth-google-oauth2 version 0.5.3 2019-01-08 09:41:15 +00:00
translatewiki.net
108b68bc92 Localisation updates from https://translatewiki.net. 2019-01-07 10:19:16 +01:00
Tom Hughes
65d57a5bfa Fix new rubocop warning 2019-01-07 09:04:13 +00:00
Tom Hughes
b28e3052b0 Update bundle 2019-01-07 08:58:37 +00:00
translatewiki.net
9af32c9ad4 Localisation updates from https://translatewiki.net. 2019-01-03 16:50:51 +01:00
Andy Allan
44eea9dcaf Use CanCanCan for export controller 2019-01-02 19:21:10 +01:00
Andy Allan
ad68d4c634 Use CanCanCan for search controller 2019-01-02 19:17:32 +01:00
Tom Hughes
3baffaf9a2 Merge remote-tracking branch 'gravitystorm/terms_capabilities' 2019-01-02 17:24:18 +00:00
Andy Allan
c7a7d29813 Require terms agreement for abilities and capabilities related to api write methods 2019-01-02 17:40:43 +01:00
Tom Hughes
4b0fed0aa4 Replace custom panning with new panInside leaflet method 2019-01-02 11:03:06 +00:00
Tom Hughes
3e2b3c31be Update leaflet.locate.js 2019-01-02 10:58:28 +00:00
Tom Hughes
0604b36708 Update leaflet to 1.4.0 2019-01-02 10:51:39 +00:00
translatewiki.net
b8a8acaae4 Localisation updates from https://translatewiki.net. 2018-12-31 18:05:03 +01:00
Tom Hughes
801271363d Allow inline styling on pages that display the map 
Both leaflet itself and at least one of our plugins use inline
styling to style markers so we need to allow it.

Fixes #2093
 2018-12-31 09:32:13 +00:00
translatewiki.net
3d4a107934 Localisation updates from https://translatewiki.net. 2018-12-27 10:58:51 +01:00
translatewiki.net
b23cef5ae1 Localisation updates from https://translatewiki.net. 2018-12-17 09:04:08 +01:00
Tom Hughes
5614c5a551 Merge remote-tracking branch 'upstream/pull/2087' 2018-12-13 15:49:34 +00:00
Bryan Housel
876d150e57 Update to iD v2.12.2 2018-12-13 10:34:21 -05:00
translatewiki.net
dd7c1e2cae Localisation updates from https://translatewiki.net. 2018-12-13 09:17:29 +01:00
Tom Hughes
eb7c4cdedd Allow abilities that require no login for token based access 
Fixes #2085
 2018-12-12 22:41:29 +00:00
Tom Hughes
7bb15e02cc Merge remote-tracking branch 'upstream/pull/2084' 2018-12-12 18:40:13 +00:00
Tom Hughes
c203edda20 Merge remote-tracking branch 'upstream/pull/2083' 2018-12-12 18:33:23 +00:00
Andy Allan
ca596106f5 Refactor users_controller to use CanCanCan for authorisation 2018-12-12 16:17:24 +01:00
Andy Allan
981e4a34b5 Use only token capabilities when a token is provided 
The Authenticate#allow? method (from oauth-plugin) sets current_user as a side
effect of checking the token. But this allows a valid token to access
all actions that are available to that user, beyond the capabilities for
that token.
 2018-12-12 16:16:23 +01:00
translatewiki.net
bdd0cb3176 Localisation updates from https://translatewiki.net. 2018-12-10 08:19:29 +01:00