cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14879 commits 4 branches 1 tag 499 MiB
Commit graph

560 commits

Author SHA1 Message Date
Tom Hughes
7af9a60ecc Merge remote-tracking branch 'upstream/pull/5231' 2024-09-22 17:07:45 +01:00
mmd-osm
ac42afefcd OCI: ignore invalid replacement token 2024-09-21 09:17:03 +02:00
Anton Khorev
f2e302c6a8 Suppress writing xml parse errors to stderr 2024-09-20 16:36:30 +03:00
Anton Khorev
da28c0e561 Remove Oauth::OAUTH2_SCOPES 
After OAuth1 was removed, all scopes are OAuth2 scopes. Former OAuth2-only scopes now can be combined with the rest.
 2024-09-06 09:14:54 +03:00
Tom Hughes
17bc0853a0 Drop support for OAuth 1 2024-09-01 03:43:02 +03:00
Tom Hughes
5f2a5cadcb Merge remote-tracking branch 'upstream/pull/4565' 2024-08-28 18:59:09 +01:00
Andy Allan
c073f15f5c
Merge pull request #5060 from tomhughes/rake-expiry 
Move token expiry to a rake task
 2024-08-28 14:54:31 +01:00
Tom Hughes
d17b5b6d4f Move token expiry to a rake task 2024-08-08 20:45:10 +01:00
Anton Khorev
6be766d015 Skip paragraphs with no text when looking for richtext description 2024-08-07 08:02:19 +03:00
Anton Khorev
88a7ca5625 Truncate long richtext descriptions 2024-08-07 08:02:06 +03:00
Anton Khorev
e5279dacde Detect <p> as richtext paragraph 2024-08-07 08:01:48 +03:00
Anton Khorev
aa8dd75e5e Use first paragraph as richtext description 2024-08-07 08:01:48 +03:00
Anton Khorev
097a414b22 Add a blank richtext description method 2024-08-07 08:01:14 +03:00
Anton Khorev
69a2d5f4d4 Add image_alt accessor to rich text 2024-08-05 05:08:44 +03:00
Anton Khorev
37edcb113a Skip images with missing src 2024-08-02 20:19:10 +03:00
Anton Khorev
25aea657e2 Detect <img> images in markdown rich text 2024-08-02 20:04:59 +03:00
Milan Cvetkovic
0db47f3f76 Add Messages API 
as discussed in [Issue #4509](https://wiki.openstreetmap.org/w/index.php?title=Messaging_API_proposal)
and documented in [Messaging API reference](https://wiki.openstreetmap.org/w/index.php?title=Messaging_API_proposal)
 2024-07-29 10:42:38 +00:00
Tom Hughes
3debc151a8 Only load the english resources for community index if they exist 2024-07-20 12:10:29 +01:00
Tom Hughes
f9ea6aa718 Fallback to english locale when looking for community index templates 
Starting with the v5.8.0 release osm-community-index has removed
strings from translations which are identical to the engish version
which mostly causes no problem except for some of the template values
that don't involve any localised text.
 2024-07-18 18:00:19 +01:00
Anton Khorev
c3ad502f90 Remove 'None' from auth providers 2024-07-18 15:30:08 +03:00
Tom Hughes
f2ca25b75c Use faraday http client for nominatim lookups 2024-07-09 18:18:09 +01:00
Tom Hughes
3c00ed8dc3 Set a custom user agent for the faraday http client 2024-07-09 18:18:09 +01:00
Tom Hughes
c38e3d6144 Enforce changeset size limit for API calls which make changes 2024-06-19 00:46:34 +01:00
Tom Hughes
f61ac2586f Add support for per-user limits on the size of changes that can be made 2024-06-19 00:46:34 +01:00
Anton Khorev
c7353c9ac1 Add image method to get first image from rich text 2024-06-06 17:09:21 +03:00
Anton Khorev
b072c2935f Add titles to changeset element page links 2024-06-03 14:07:23 +03:00
Tom Hughes
d3d0da0328 Fix new rubocop warnings 2024-05-28 17:39:33 +01:00
Tom Hughes
938037d6a2 Update eslint to v9 2024-04-07 12:13:06 +01:00
Anton Khorev
16cc2e75a7 Remove unused includes of ConsistencyValidations 2024-03-28 11:49:49 +03:00
Tom Hughes
71cb2c50fc Merge remote-tracking branch 'upstream/pull/4272' 2024-02-25 13:40:11 +00:00
Tom Hughes
741ed58838 Add a limit on the number of points in a GPS trace 2024-02-25 09:50:02 +00:00
Anton Khorev
daa2543511 Add oauth scope for redactions 2023-12-21 17:37:17 +03:00
Anton Khorev
fb1ebf8925 Highlight moderator-only scopes when showing authorizations 2023-12-21 17:37:17 +03:00
Tom Hughes
0c2e471708 Fix new rubocop warnings 2023-12-05 18:13:13 +00:00
Tom Hughes
12b4d11d44 Use SecureRandom to generate user tokens 2023-12-04 17:25:57 +00:00
Anton Khorev
de793fb01d Separate pagination item computation and output 2023-11-16 13:21:14 +03:00
Anton Khorev
b7ce0f09e6 Move bootstrap pagination list wrapper to template 2023-11-16 13:21:14 +03:00
Anton Khorev
d104736809 Adjust sizes of changeset element headers/pagination 2023-11-16 13:21:14 +03:00
Anton Khorev
13823c988f Highlight current changeset node/way/relation page 2023-11-16 13:21:14 +03:00
Anton Khorev
8f57efe850 Add Bootstrap styling to changeset node/way/relation page links 2023-11-16 13:21:13 +03:00
Tom Hughes
cebda5ffb9 Merge remote-tracking branch 'upstream/pull/4319' 2023-11-15 17:14:49 +00:00
Tom Hughes
55a05d9e80 Use secure_compare to compare passwords and tokens 
It's unlikely there is an explotable attack here given than network
latencies and variability will swamp any local timing differences but
it's best practice and there's no reason not to.
 2023-11-07 17:22:40 +00:00
Tom Hughes
ef4c9a3306 Make change set comment rate limit errors display properly 
Fixes #4320
 2023-11-02 10:08:19 +00:00
Tom Hughes
2f11b77309 Add support for per-user limits on the rate changes can be made 2023-11-02 08:59:57 +00:00
Tom Hughes
0e74b21cb2 Fix new rubocop warnings 2023-10-31 18:16:46 +00:00
Tom Hughes
a6b5f2f56d Adjust code for rails internal changes 2023-10-18 18:26:14 +01:00
Gregory Igelmund
aa573ce1bb
.github/workflows/lint.yml: Add task verifying annotations are up2date 2023-10-14 11:28:44 +08:00
Milan Cvetkovic
64bcf7652b Add openid connect support using doorkeeper-openid_connect gem 
... as discussed in [Issue 507](https://github.com/openstreetmap/operations/issues/507)
and described by @mmd-osm.

To activate, set the value of `doorkeeper_signing_key` to RSA private key.

Allows using openstreetmap as an identity provider.

Adds `openid` scope to OAuth2 authorizations, required to login to OSM.

Currently, the only claims returned are:
 - "openid" scope: "sub" and "preferred_username"
 - "read_email" scope: "email"
 2023-10-03 18:53:47 +01:00
Anton Khorev
0ef4a299bb Check required bbox parameter presence outside of BoundingBox class 2023-09-03 09:47:27 +03:00
Andy Allan
a1657f03a8
Merge pull request #4202 from tomhughes/changeset-comment-limit 
Add rate limiting for changeset comments
 2023-08-30 11:12:40 +01:00