cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8244 commits 4 branches 1 tag 499 MiB
Commit graph

21 commits

Author SHA1 Message Date
Andy Allan
9f84c6f46e Use user_path links. Fixes #1785 2018-03-21 11:33:45 +08:00
mmd-osm
e21c967fdd Revoking administrator role on current user should fail 
Fixes #1697
Closes #1701
 2017-12-19 17:31:34 +00:00
Andy Allan
d581f17665 Avoid using or comparing explicit model ids 
The code is easier to read using higher-level concepts.
 2017-10-22 21:58:09 +01:00
Andy Allan
6f89da05d1 Use current_user to represent the currently logged in user. 
This is already used by the oauth plugin, and is a general rails convention.
 2017-07-12 16:10:50 +01:00
Tom Hughes
9b89d4eefe Remove conditions from delete_all 
Passing conditions directory to delete_all is deprecated
in rails 5.0 so use a separate where instead.
 2017-06-02 16:33:48 +01:00
Tom Hughes
dbe165bbb3 Fix some rubocop rails style issues 2015-02-26 00:12:54 +00:00
Tom Hughes
dc2a2c8ebd Standardise on double quoted strings 2015-02-20 19:47:26 +00:00
Tom Hughes
ef7f3d800c Fix most auto-correctable rubocop issues 2015-02-20 08:56:16 +00:00
Tom Hughes
34e3e51456 Cleanup trailing whitespace 2015-02-20 08:56:16 +00:00
Tom Hughes
f0feca800d Replace attr_accessible with strong parameters 2013-09-21 11:35:46 +01:00
Tom Hughes
311f7ddd6e Factor out common code for looking up users 2012-03-21 22:22:33 +00:00
Tom Hughes
a9824dbc2e Use one "no_such_user" view everywhere 2012-03-21 21:47:09 +00:00
Tom Hughes
38a610fd31 Add functional tests for the user_roles controller 2012-03-20 17:21:13 +00:00
Tom Hughes
5f33656c8d Get rid of custom CSRF protection for user role changes 
By restricting role changes to POST requests, which they should be
anyway, we get all the rails CSRF protection for free.
 2012-03-20 17:21:13 +00:00
Tom Hughes
1340fca8f1 Turn on mass assignment protection 
Require any attribute that is going to be mass assigned to be
whitelisted, and whitelist those attributes which need it
 2012-03-06 08:54:45 +00:00
Tom Hughes
e23744bd8d Add :warning and :error flash messages which can be styled separately to 
the existing :notice messages.

Also reviewd all existing flash messages and changed them to be errors or
warnings when appropriate and checked that those which are not followed by
a redirect are done as flash.now[] instead of flash[].
 2009-11-01 13:07:46 +00:00
Tom Hughes
54649a39a0 Correct comment. 2009-10-01 20:22:52 +00:00
Matt Amos
1e3b3c1f10 Refactored user_role and controller. Now much more DRY. 2009-10-01 17:15:34 +00:00
Matt Amos
ca06b3c7b1 New migration to add better auditing to user_roles and better column names there and on user_blocks. Added a helper for displaying block status messages. 2009-09-29 16:44:03 +00:00
Matt Amos
30d5e783e4 Added a confirmation step to the process of granting and revoking user roles. 2009-09-28 17:35:39 +00:00
Matt Amos
daa2496024 First version of blocking feature. Allows both time-based (for map protection) and notice-based (for education) blocks on users. Also introduces user roles and a simple UI for displaying and administering these. 2009-09-28 16:01:00 +00:00