cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10579 commits 4 branches 1 tag 499 MiB
Commit graph

1506 commits

Author SHA1 Message Date
Andy Allan
d887252eeb Move the changes api to its own controller 2019-02-24 11:00:28 +01:00
Andy Allan
8383fd0928 Move the permissions call out of api_controller 2019-02-24 11:00:28 +01:00
Andy Allan
b96391e456 Rename api controller test files 2019-02-24 11:00:28 +01:00
Andy Allan
317b8f9d45 Move the trackpoints call into its own controller (and rename to tracepoints) 2019-02-24 11:00:28 +01:00
Andy Allan
6a4092bc16 Move the capabilities call out of api_controller 2019-02-24 11:00:20 +01:00
Tom Hughes
f7694a94c1 Update tests for changes in FactoryBot 5.x 2019-02-07 20:21:40 +00:00
Tom Hughes
908324323e Merge remote-tracking branch 'upstream/pull/2136' 2019-02-06 18:30:41 +00:00
Andy Allan
d43315f738 Output both the local simplecov html and the coveralls report 
Fixes #2066
 2019-02-06 18:15:46 +01:00
Andy Allan
35a2d66e19 Remove require_terms_agreed configuration option 
This has been set to true for 6 years in production. Refs #2097

As per other user settings, we set the terms as seen by default for tests,
and we can override that when necessary for specific tests.
 2019-02-06 15:50:57 +01:00
Andy Allan
3795da4014 Remove the require_terms_seen configuration option 
This option has been set to 'true' for over six years in production.

Refs #2097
 2019-02-06 14:54:56 +01:00
Andy Allan
65e8bbd5f8 Remove unnecessary requires from tests 2019-02-06 11:44:34 +01:00
Tom Hughes
db1094c114 Clear notifications after trace import tests 2019-01-29 00:00:46 +00:00
Tom Hughes
3e7bc943fe Merge remote-tracking branch 'upstream/pull/2120' 2019-01-28 19:04:02 +00:00
Andy Allan
d02e4ad461 Write some basic functionality tests for trace.import 2019-01-23 16:47:54 +01:00
Andy Allan
3b96bbc809 Basic tests for the trace jobs 2019-01-23 14:47:49 +01:00
Andy Allan
8a2df0e0b5 More resourceful routing for nodes, ways, relations and changesets controllers 2019-01-16 13:10:11 +01:00
Tom Hughes
6fb660f0af Merge remote-tracking branch 'upstream/pull/2111' 2019-01-16 10:15:34 +00:00
Tom Hughes
df232ec96f Add noopener and noreferer to links in user generated content 2019-01-16 10:10:51 +00:00
Andy Allan
e59f1b6108 Sketch out how to use the jobs queue for trace insertion and deletion 
Refs #1852
 2019-01-16 10:49:11 +01:00
Tom Hughes
62637645bf Add basic tests for browse#new_note and browse#query 2019-01-09 21:12:33 +00:00
Andy Allan
c7a7d29813 Require terms agreement for abilities and capabilities related to api write methods 2019-01-02 17:40:43 +01:00
Andy Allan
ca596106f5 Refactor users_controller to use CanCanCan for authorisation 2018-12-12 16:17:24 +01:00
Andy Allan
981e4a34b5 Use only token capabilities when a token is provided 
The Authenticate#allow? method (from oauth-plugin) sets current_user as a side
effect of checking the token. But this allows a valid token to access
all actions that are available to that user, beyond the capabilities for
that token.
 2018-12-12 16:16:23 +01:00
Andy Allan
a3a10237f7 Use CanCanCan for user_roles auth 2018-11-28 21:39:26 +01:00
Tom Hughes
a790c47923 Merge remote-tracking branch 'upstream/pull/2072' 2018-11-28 18:24:04 +00:00
Paul Dexter-Sobkowiak
74d2c4336b Split browse_helper.rb into two modules due to rubocop ModuleLength 2018-11-28 18:18:14 +00:00
Tom Hughes
b99b192697 Merge remote-tracking branch 'upstream/pull/2075' 2018-11-28 18:09:20 +00:00
Andy Allan
ed8e15c8f0 Remove user_roles integration test since it is not meaningful 
This test has not been meaningful for a long while, since both check_success and check_fail contain exactly the same code.

Additionally, the test doesn't cover any integrations (beyond logging in), and so it is only covering the same ground as the controller test.
 2018-11-28 17:22:31 +01:00
Andy Allan
ea766ec57d Use CanCanCan for notes authorization 2018-11-28 15:59:47 +01:00
Andy Allan
8f70fb2114 Use CanCanCan for changeset comments 
This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.
 2018-11-28 12:35:45 +01:00
Paul Dexter-Sobkowiak
5ba64efd7c Show tel: links for multiple phone numbers separated by ; 
Closes #2069
 2018-11-27 00:06:28 +00:00
Tom Hughes
6f2f9221ef Fix tests for rails 5.2.1 compatibility 
Rails 5.2.1 has changed how the request body is handled
internally for a test which means we can no longer cheat
by stashing it in the request environment and must instead
pass it properly to the request method.
 2018-11-15 00:46:53 +00:00
Tom Hughes
75189bd17d Merge remote-tracking branch 'upstream/pull/2060' 2018-11-14 13:13:56 +00:00
Andy Allan
234afb3f42 Remove custom deny_access handlers 
Since these pages are not accessed by normal users, except for url fiddling, it's fine to respond with a generic access denied.
 2018-11-14 14:10:51 +01:00
Tom Hughes
dd302f4f2c Merge remote-tracking branch 'upstream/pull/2061' 2018-11-14 12:43:35 +00:00
Andy Allan
c89b88c8d0 Add a changeset to exercise that part of the contact rendering 2018-11-14 12:25:21 +01:00
Andy Allan
0d55c40ca8 Ensure that the blocked template rendering works 2018-11-14 12:19:23 +01:00
Andy Allan
d7f41756f9 Check that a request that requires authentication is redirected when the user hasn't seen the terms 2018-11-14 12:19:23 +01:00
Andy Allan
252b9ef08a Pluralize changesets controller 2018-11-14 10:34:28 +01:00
Tom Hughes
ccdec3ed4c Attempt to send pretty 403 errors to web browsers 2018-11-08 19:09:56 +00:00
Tom Hughes
6ca22de4f2 Merge remote-tracking branch 'upstream/pull/2051' 2018-11-08 17:51:23 +00:00
Tom Hughes
70d6880e10 Merge remote-tracking branch 'upstream/pull/2052' 2018-11-08 17:44:57 +00:00
Tom Hughes
10294f4849 Merge remote-tracking branch 'upstream/pull/2050' 2018-11-08 17:31:30 +00:00
Andy Allan
d70529f12b Remove unnecessary include from redaction model test 2018-11-07 16:48:48 +01:00
Andy Allan
efa37f6a83 Remove unnecessary require statements from tests 2018-11-07 16:42:11 +01:00
Andy Allan
26777c4464 Pluralize diary entries controller 2018-11-07 16:31:04 +01:00
Andy Allan
e85c56d151 Pluralize old_ controllers 2018-11-07 16:05:56 +01:00
Andy Allan
05117aa928 Pluralize nodes, ways and relations controllers 2018-11-07 15:55:26 +01:00
Andy Allan
79207ee594 Use CanCanCan for redaction authorizations 2018-11-07 13:28:58 +01:00
Andy Allan
368ce0000d Migrate UserBlocksController to use CanCanCan 2018-11-07 13:07:08 +01:00