This PR allows users to delete their own accounts. The logic implemented matches
that currently used by the admins when they manually close accounts, although
there is room to be more complex in future e.g. completely removing accounts
with no content.
The error handling has been slightly adapted for namespaced controllers, by
anchoring the controller name with a leading forward slash.
Without the ability defined, the user is still logged out, but then
the deny_access check redirects to the login page. The re-login attempt
would then fail anyway, with an error message, but let's fix the abilities
and use the intended page.
This opens up many possibilities for more interesting things to be
shown on the dashboard, as well as making it easier to find if
you have lots of content in your profile.
This API clearly shows its age, having never been fully implemented
and simply returning 100 ways (or 2000 relations) at random matching
the provided tags.
It is, as far as I'm aware, completely unused. While it provides a
good amount of humour to anyone who reads the code, the time as come
for it to be retired.
This will eventually replace the unversioned 'capabilities' call.
Client applications can use this versions call to find out what versions
are available, if they support multiple versions. The capabilities
of each version, and the format of the capabilities call, is then
able to change between versions. If a client only supports one version
they can jump straight to the versioned capabilities call.
Additionally, supported versions are now a list of version identifiers,
without any implications surrounding min/max values (e.g. guesswork
for supported intermediate versions).
Fixes#2162
This will allow us to rename api actions without causing permissions headaches. The choice of
abilities files is made by inheriting from either api_controller or application_controller.
Also rename capabilities to api_capabilites, for consistency.
This has been set to true for 6 years in production. Refs #2097
As per other user settings, we set the terms as seen by default for tests,
and we can override that when necessary for specific tests.
