cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9145 commits 4 branches 1 tag 499 MiB
Commit graph

33 commits

Author SHA1 Message Date
Tom Hughes
6600221fe3 Fix database offline mode 2019-03-17 11:15:34 +00:00
Andy Allan
f4e2990526 Move map method to its own controller 2019-02-24 11:44:10 +01:00
Andy Allan
d887252eeb Move the changes api to its own controller 2019-02-24 11:00:28 +01:00
Andy Allan
8383fd0928 Move the permissions call out of api_controller 2019-02-24 11:00:28 +01:00
Andy Allan
317b8f9d45 Move the trackpoints call into its own controller (and rename to tracepoints) 2019-02-24 11:00:28 +01:00
Andy Allan
6a4092bc16 Move the capabilities call out of api_controller 2019-02-24 11:00:20 +01:00
Andy Allan
35a2d66e19 Remove require_terms_agreed configuration option 
This has been set to true for 6 years in production. Refs #2097

As per other user settings, we set the terms as seen by default for tests,
and we can override that when necessary for specific tests.
 2019-02-06 15:50:57 +01:00
Andy Allan
8a2df0e0b5 More resourceful routing for nodes, ways, relations and changesets controllers 2019-01-16 13:10:11 +01:00
Tom Hughes
11806a676f Merge remote-tracking branch 'upstream/pull/2116' 2019-01-16 10:23:27 +00:00
Andy Allan
3e49e4a62a Use CanCanCan to control access to oauth controller actions 2019-01-16 10:17:55 +01:00
Andy Allan
e7f943c715 Use CanCanCan for nodes, ways, relations, old and api controllers 2019-01-16 10:12:19 +01:00
Tom Hughes
5c877e0fa4 Allow everybody to query features 2019-01-09 19:15:55 +00:00
Tom Hughes
99b380765a Allow everybody to create new notes 
Fixes #2110
 2019-01-09 18:13:55 +00:00
Tom Hughes
6c2432ae42 Merge remote-tracking branch 'upstream/pull/2109' 2019-01-09 17:27:16 +00:00
Tom Hughes
74e1d7336e Merge remote-tracking branch 'upstream/pull/2107' 2019-01-09 17:20:08 +00:00
Tom Hughes
09b6560e81 Merge remote-tracking branch 'upstream/pull/2106' 2019-01-09 17:16:01 +00:00
Andy Allan
b184b39f34 Use CanCanCan for oauth clients controller 2019-01-09 15:34:54 +01:00
Andy Allan
425f42dd80 Use CanCanCan for messages controller 2019-01-09 15:27:29 +01:00
Andy Allan
1774109311 Use CanCanCan for changesets controller 
The expand_bbox method now needs require_write_api capability on tokens.
 2019-01-09 12:41:33 +01:00
Andy Allan
414c4b2c36 Use CanCanCan for traces controller 2019-01-09 11:40:54 +01:00
Andy Allan
73201ca96b Use CanCanCan for swf controller 2019-01-09 10:32:57 +01:00
Andy Allan
7420479cde Use CanCanCan for directions controller 2019-01-09 10:12:14 +01:00
Andy Allan
1e30edba53 Use CanCanCan for browse controller 2019-01-09 10:10:12 +01:00
Andy Allan
44eea9dcaf Use CanCanCan for export controller 2019-01-02 19:21:10 +01:00
Andy Allan
ad68d4c634 Use CanCanCan for search controller 2019-01-02 19:17:32 +01:00
Andy Allan
c7a7d29813 Require terms agreement for abilities and capabilities related to api write methods 2019-01-02 17:40:43 +01:00
Andy Allan
ca596106f5 Refactor users_controller to use CanCanCan for authorisation 2018-12-12 16:17:24 +01:00
Andy Allan
a3a10237f7 Use CanCanCan for user_roles auth 2018-11-28 21:39:26 +01:00
Andy Allan
ea766ec57d Use CanCanCan for notes authorization 2018-11-28 15:59:47 +01:00
Andy Allan
8f70fb2114 Use CanCanCan for changeset comments 
This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.
 2018-11-28 12:35:45 +01:00
Andy Allan
79207ee594 Use CanCanCan for redaction authorizations 2018-11-07 13:28:58 +01:00
Andy Allan
368ce0000d Migrate UserBlocksController to use CanCanCan 2018-11-07 13:07:08 +01:00
Tom Hughes
8c269aba4e Move abilities to a sepatarate top level directory 2018-11-03 12:56:50 +00:00
Renamed from app/models/ability.rb (Browse further)