cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12841 commits 4 branches 1 tag 499 MiB
Commit graph

55 commits

Author SHA1 Message Date
Andy Allan
415ac577f3 Remove some old debugging comments 2022-12-21 12:05:15 +00:00
Andy Allan
934d81aa55 Bootstrap 5: Replace all form-group classes with mb-3 2022-07-20 14:42:57 +01:00
Tom Hughes
446837c351 Merge remote-tracking branch 'upstream/pull/3419' 2022-02-03 18:37:12 +00:00
Andy Allan
1a11c4dc19 Use a state machine for user status 
The user status is a bit complex, since there are various states and
not all transitions between them make sense.

Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.
 2022-01-12 18:16:14 +00:00
Andy Allan
4436099e31 Remove params from user deletion test 
They have no effect, and are likely a copy-paste error from when
the test was first written in 39a54f8c14
 2022-01-12 16:45:58 +00:00
Andy Allan
a8e8ba1a64 Refactor the account edit/update pages out into a separate accounts controller 2021-12-08 15:17:50 +00:00
Tom Hughes
abbd5a30d4 Validate any origin passed the auth failure callback 
Fixes #3375
 2021-11-23 17:33:19 +00:00
Andy Allan
3719e8defb Remove the userinformation ids from headings 
The style rule was removed in 3f8cf32272
and they were otherwise only used in the tests.
 2021-11-11 14:53:36 +00:00
Andy Allan
fa7d64b788 Fix test 2021-09-15 14:36:08 +01:00
Andy Allan
cb7b79a58f Split the non-public information off of the profile page 
This opens up many possibilities for more interesting things to be
shown on the dashboard, as well as making it easier to find if
you have lots of content in your profile.
 2021-08-18 13:32:36 +01:00
Andy Allan
36f6d8d85d Fix redirect to terms path when not logged in 
This was missed during #3147 since it wasn't covered by a test.
 2021-07-28 16:36:13 +01:00
Andy Allan
caf2e2a242 Move profile-related settings to their own form 
Refs #3167
 2021-07-14 17:45:19 +01:00
Andy Allan
2403630da8 Split user preferences into a separate page 
Refs #3167
 2021-07-14 17:40:20 +01:00
Andy Allan
094d6c8bb9 Move confirmation methods into ConfirmationsController 2021-04-07 16:05:32 +01:00
Andy Allan
7a66c6d4eb Split password reset functionality into PasswordsController 2021-04-07 16:05:28 +01:00
Tom Hughes
e0d501f832 Don't allow deleted users to be confirmed 2021-04-01 17:28:03 +01:00
Andy Allan
9fd96cfb87 Move sessions-related tests out of UsersControllerTest 2021-03-24 11:40:17 +00:00
Andy Allan
f18baae22e Refactor login/logout into sessions controller 
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
 2021-03-24 11:32:46 +00:00
Andy Allan
38ad8fbc36 Use login_path instead of explicit controller and actions 
This makes future refactoring easier.
 2021-03-10 14:31:55 +00:00
Tom Hughes
1f136a84a6 Prevent CSRF bypass with login form 2021-02-10 20:39:23 +00:00
Tom Hughes
51af102c00 Prevent CSRF bypass with password reset form 2021-02-09 23:00:21 +00:00
Tom Hughes
7810734ac4 Prevent CSRF bypass updating account details 
Fixes #3089
 2021-02-08 12:24:43 +00:00
Andy Allan
a7d959e588 Refactor account form to use bootstrap 
There's further refactoring that could be done, but this is sufficient for now.
 2021-01-27 17:59:58 +00:00
Andy Allan
cc8bb7c6a5 Refactor user registration form to use bootstrap 2021-01-20 15:38:10 +00:00
Tom Hughes
812f5b44e8 Redirect after saving settings in case the username has changed 
Fixes #3059
 2021-01-19 18:57:34 +00:00
Tom Hughes
0ff89c31e4 Remove both Potlatch versions 
Fixes #2622
 2021-01-05 21:18:45 +00:00
Tom Hughes
21adea321b Convert password reset forms to use bootstrap 2020-09-04 00:36:43 +01:00
Tom Hughes
c11142d5c0 Convert logout form to use bootstrap 2020-09-03 23:52:59 +01:00
Andy Allan
600812f6ad Rework user#set_status and #delete to avoid GET requests 
This renames the delete action to destroy, and starts using resourceful
routing for user actions.
 2020-06-10 11:49:18 +02:00
Andy Allan
59c90aa023 Move friendship related tests to separate file 2020-06-03 17:51:11 +02:00
Andy Allan
3a16c465f7 Refactor user controller tests 
Because we don't have direct access to the session and cookies, some
of the tests need more setup e.g. by moving through the signup process
to get the session tokens into the right place for the confirmation
steps to work.
 2020-05-13 18:08:22 +02:00
Tom Hughes
7a1615bc55 Fix rubocop-minitest warnings 2020-04-15 19:07:13 +01:00
Andy Allan
f885cfe0f5 Rename form-row to standard-form-row to avoid clashing with a bootstrap class 2020-01-15 17:16:11 +01:00
Tom Hughes
e72acaca9b Merge remote-tracking branch 'upstream/pull/2495' 2020-01-15 10:11:30 +00:00
Andy Allan
9643e3393d Update tests to ensure referer is working 
This reinstates the form tests in the controller test, but uses
the system tests to actually click the button and make sure that
it works
 2020-01-08 18:26:57 +01:00
Andy Allan
8a774e7519 Use a post link to logout 
This avoids needing to access the session id, which is currently
only working with the memcache store.

The fallback page is preserved for anyone who wants to logout without
using javascript.

Refs #2488
 2020-01-08 14:03:05 +01:00
Tom Hughes
473da378b7 Remove fallback to hostip.info 
We haven't used hostip.info in production for years, except
for when we did so by accident, leading to a two hour partial
outage when it went down.
 2020-01-06 19:14:12 +00:00
Tom Hughes
e219916dcb When overriding setup make sure to call the superclass 2019-09-05 21:24:20 +01:00
Tom Hughes
91a37235ac Remove support for old style user images 2019-07-16 22:33:26 +01:00
Tom Hughes
6c202448ad Move user images to Active Storage with paperclip as a fallback 2019-07-09 19:17:30 +01:00
Andy Allan
cbb3c2bdf0 Use user models, not ids, in assertions 2019-06-19 17:03:13 +02:00
Andy Allan
d33b1f6b29 Pass the models, not the ids, when dealing with friendships 2019-06-19 16:56:31 +02:00
Andy Allan
1cf8fec58d Rename Friend model to Friendship 
This better describes what the model represents, which is the relationship
between the two users.
 2019-06-19 16:39:25 +02:00
Andy Allan
b7893df84e Refactor diary entries to use create and update methods 
This brings it slightly more into line with resourceful routing.
 2019-05-29 15:37:23 +02:00
Simon Poole
1be8d599e8 Add checkbox for contributor terms and improve text 2019-05-13 16:54:29 +02:00
Simon Poole
e488a7e862 Fix tests for change in users_controller 2019-05-13 16:54:29 +02:00
Andy Allan
4b4c5aac2f Move the user api methods into a separate controller in the api namespace 2019-02-28 17:12:28 +01:00
Andy Allan
35a2d66e19 Remove require_terms_agreed configuration option 
This has been set to true for 6 years in production. Refs #2097

As per other user settings, we set the terms as seen by default for tests,
and we can override that when necessary for specific tests.
 2019-02-06 15:50:57 +01:00
Andy Allan
ca596106f5 Refactor users_controller to use CanCanCan for authorisation 2018-12-12 16:17:24 +01:00
Andy Allan
c89b88c8d0 Add a changeset to exercise that part of the contact rendering 2018-11-14 12:25:21 +01:00