cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15422 commits 4 branches 1 tag 499 MiB
Commit graph

447 commits

Author SHA1 Message Date
Anton Khorev
6ddd6dedb1 Remove code that added now-unused field_with_errors css class 2024-12-20 16:10:40 +03:00
Anton Khorev
5b5ffaf90f Allow to specify browse icon priorities 2024-12-09 13:22:34 +03:00
Anton Khorev
f051a7c1f5 Write browse element icons as <img> 2024-12-09 13:22:34 +03:00
Tom Hughes
a218fcccbb Switch to rails 7.2 defaults 2024-10-02 19:16:37 +01:00
Tom Hughes
be2678e0dd Update to rails 7.2.0 2024-09-17 20:39:31 +01:00
Anton Khorev
da28c0e561 Remove Oauth::OAUTH2_SCOPES 
After OAuth1 was removed, all scopes are OAuth2 scopes. Former OAuth2-only scopes now can be combined with the rest.
 2024-09-06 09:14:54 +03:00
Tom Hughes
3267a3c55c Restore monkey patching of OAuth::Helper 
This is needed for omniauth-mediawiki which still uses OAuth 1.
 2024-09-03 00:26:32 +01:00
Tom Hughes
17bc0853a0 Drop support for OAuth 1 2024-09-01 03:43:02 +03:00
Tom Hughes
390d49d3f0 Monkey patch GD2::AnimatedGif to fix the finalizer 
https://github.com/dark-panda/gd2-ffij/pull/27
 2024-08-14 18:56:03 +01:00
Tom Hughes
d3d0da0328 Fix new rubocop warnings 2024-05-28 17:39:33 +01:00
Dimitar
00251a6621
Added gps.tile.openstreetmap.org as allowed source for images 
Resolves #4845
 2024-05-28 10:12:31 +03:00
Tom Hughes
20bdbb05c3 Switch to using rails builtin content security policy support 2024-05-22 16:38:59 +01:00
Paul Norman
75a4d406b9 Remove OPNVKarte as a featured layer 2024-01-16 08:18:41 +00:00
Tom Hughes
0c2e471708 Fix new rubocop warnings 2023-12-05 18:13:13 +00:00
Andy Allan
5e90b569db
Merge pull request #4353 from tomhughes/rtlcss 
Improve handling of RTL styling
 2023-11-22 17:13:35 +00:00
Anton Khorev
dfe299eff9 Add user account deletion delay setting 2023-11-22 16:15:59 +03:00
Tom Hughes
a328ec84a2 Use rtlcss instead of r2 for RTL support 
This ensures that the RTL directives in bootstrap are processed
correctly as it is designed around RTLCSS for RTL support.

Fixes #4347
 2023-11-16 22:53:09 +00:00
Tom Hughes
f2f0cf1ad9 Switch to using native rails support for managing Postgres enumerations 2023-11-15 18:25:05 +00:00
Tom Hughes
cebda5ffb9 Merge remote-tracking branch 'upstream/pull/4319' 2023-11-15 17:14:49 +00:00
Tom Hughes
c6bb4a5f4e Add importer role that can be associated with higher rate limits 2023-11-02 08:58:12 +00:00
Tom Hughes
6f60111c92 Switch to rails 7.1 defaults 2023-10-27 18:00:05 +01:00
Tom Hughes
416334cbbc Change log level for DebugExceptions to error 2023-10-27 17:55:24 +01:00
Tom Hughes
8c998c542c Use an HTML5 parser for tests 2023-10-27 17:50:46 +01:00
Tom Hughes
64f2517426 Use an HTML5 standards-compliant sanitizer 2023-10-27 17:46:58 +01:00
Tom Hughes
4c6a56d002 Commit transactions exited by return, break or throw 2023-10-27 17:42:23 +01:00
Tom Hughes
ed279071c7 Enable optimisation of checks for parent record existence 2023-10-27 17:38:21 +01:00
Tom Hughes
cae17a1f9f Limit log file size in development and test 2023-10-27 17:33:54 +01:00
Tom Hughes
39e66c69b7 Stop parameter hashes comparing equal to normal hashes 2023-10-27 17:31:23 +01:00
Tom Hughes
3588e955c5 Drop X-Download-Options from default headers 2023-10-27 17:26:25 +01:00
Tom Hughes
7ba8ac2b61 Stop adding autoloaded paths to $LOAD_PATH 2023-10-27 17:25:50 +01:00
Tom Hughes
b89fd03403 Enable rails 7.1 changes to model callbacks 2023-10-26 22:51:55 +01:00
Tom Hughes
60d3448cef Enable precompilation of filter_parameters 2023-10-26 22:44:02 +01:00
Tom Hughes
e331266687 Enable rails 7.1 defaults that relate to rolling upgrades 2023-10-26 22:43:29 +01:00
Tom Hughes
1bb8d9caf6 Enable rails 7.1 defaults for features we don't use 2023-10-26 22:43:28 +01:00
Tom Hughes
6e1613f73e Disable deprecated singular association names 2023-10-26 22:19:02 +01:00
Tom Hughes
f37ea2fae3 Update to rails 7.1.1 2023-10-18 18:26:13 +01:00
Tom Hughes
132bb9ad59 Improve support for primary keys in migrations 2023-10-08 12:33:54 +01:00
Tom Hughes
c8fc2218e5 Merge remote-tracking branch 'upstream/pull/4226' 2023-10-03 19:39:41 +01:00
Milan Cvetkovic
64bcf7652b Add openid connect support using doorkeeper-openid_connect gem 
... as discussed in [Issue 507](https://github.com/openstreetmap/operations/issues/507)
and described by @mmd-osm.

To activate, set the value of `doorkeeper_signing_key` to RSA private key.

Allows using openstreetmap as an identity provider.

Adds `openid` scope to OAuth2 authorizations, required to login to OSM.

Currently, the only claims returned are:
 - "openid" scope: "sub" and "preferred_username"
 - "read_email" scope: "email"
 2023-10-03 18:53:47 +01:00
Milan Cvetkovic
8a22bfb222 Add unconfigured doorkeeper-openid_connect 
After executing:
rails generate doorkeeper:openid_connect:install
rails generate doorkeeper:openid_connect:install

Split migration script to 2 to avoid deadlock.
 2023-10-03 18:53:09 +01:00
Andy Allan
0a046673d6
Merge pull request #4201 from AntonKhorev/issues-limit-settings 
Move max value of issues counter to settings
 2023-09-27 15:47:44 +01:00
Paul Norman
00d085ed5d
Add Tracestrack Topo as featured layer 2023-09-19 22:16:42 -07:00
Anton Khorev
fff98f2afb Move max value of issues counter to settings 2023-09-01 07:14:45 +03:00
Tom Hughes
8e3af42fe1 Bump facebook API version 2023-08-30 20:31:24 +01:00
Tom Hughes
3422bb541d Merge remote-tracking branch 'upstream/pull/4198' 2023-08-27 09:46:10 +01:00
Tom Hughes
0913f286fe Make the TOTP cookie httponly 2023-08-22 21:18:45 +01:00
Tom Hughes
63bf18a3c3 Add support for rate limiting signup requests 2023-08-22 18:45:17 +01:00
Milan Cvetkovic
ad164d384e Change provider name to "microsoft" 2023-08-20 10:19:30 +01:00
Milan Cvetkovic
568bf4939d Replace references to windowslive with microsoft_graph 2023-08-17 13:01:15 +00:00
Milan Cvetkovic
7428da74c2 Use omniauth-microsoft_graph instead of omniauth-windowslive 
Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap.
It also  uses updated endpoints for Microsoft identity provider.

Use email address returned by microsoft_graph provider as a verified address.

Upgrading exisiting users from windowslive to microsoft_graph:
 - upon next login existing `windowslive` users will have to authorizei
   OpenStreetMap application to "Read Your Profile," required for proper reading
   of display name field.

The name of the identity provider in OSM is kept to 'windowslive':
 - the entries in users table with `provider == 'windowslive'`
   can be reused for microsoft_graph provider, since
   the uid field is preserved. Users will not need to repeat the sign up process.
 - OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal
   App registration are necessary.
 2023-08-17 13:01:15 +00:00