Andy Allan
cba08bb454
Simplify permissions check.
2017-12-13 16:43:09 +00:00
Andy Allan
02c9806323
Remove unused update method from issues_controller.
2017-12-13 16:29:47 +00:00
Andy Allan
e0faf68437
Remove new issue notifications for now
...
This can be re-implemented later.
2017-12-13 16:29:46 +00:00
Andy Allan
63992d83bd
Store the report category.
2017-12-13 16:02:55 +00:00
Andy Allan
875e588348
Show issues based on all the user's roles
...
Previously you were prevented from seeing moderator issues if you
were also an administrator.
2017-12-06 18:56:27 +00:00
Andy Allan
8dc8479e12
Re-enable issue reassigning.
2017-12-06 18:01:51 +00:00
Andy Allan
0df788d742
Rename 'issue_type' to 'assigned_role', set defaults in the model and test.
2017-12-06 17:15:11 +00:00
Tom Hughes
2c52c91b39
Make changeset#query preload users, tags and comments
2017-12-04 07:54:19 +00:00
Tom Hughes
fe2e215d14
Make the AMF getway_old call parse times as UTC
...
Although it's not entirely clear how to interpret a timestamp from
a client, the production servers have effectively been parsing them
as UTC because they run in the UTC time zone all year.
Using Time.zone to do the parse forces it to happen in the rails time
zone rather than the system time zone, which defaults to UTC as well.
Fixes #1688
2017-12-01 19:24:26 +00:00
Tom Hughes
b77406ff38
Use decoded strings when parsing XML responses from geocoders
...
Fixes #1690
2017-11-29 23:07:19 +00:00
Andy Allan
3276063fcf
Remove column sorting
...
It's not tested, not working, and so it can come later in a separate PR.
2017-11-29 17:28:09 +00:00
Andy Allan
effb1b7f41
Merge branch 'master' into moderation
2017-11-29 12:18:39 +00:00
Tom Hughes
986779966b
Extend form-action policies for Chrome
...
It seems that unlike other browsers Chrome requires that if a form
submission redirects that the redirected URL also match the form-action
policy rather than just requiring the original URL to match.
2017-11-25 12:04:02 +00:00
Tom Hughes
afa5d420d3
Allow iD to fetch gpx files from arbitrary locations
2017-11-24 08:38:51 +00:00
Tom Hughes
527ec293c2
Fix security policy for mapillary in iD
2017-11-24 01:09:27 +00:00
Tom Hughes
6a1a4a3f7d
Fix remote editing security policy
2017-11-24 00:46:27 +00:00
Tom Hughes
2cd81daf34
Add security policy for remote control editing
2017-11-24 00:43:14 +00:00
Tom Hughes
4950ae3c1f
Allow iD to connect to nominatim
2017-11-24 00:10:38 +00:00
Tom Hughes
bb116b85df
Allow third party images in user content
2017-11-23 22:39:05 +00:00
Andy Allan
15b104f4ff
Merge branch 'p' of https://github.com/jfirebaugh/openstreetmap-website into jfirebaugh-p
...
Refs #139
2017-11-22 10:47:18 +00:00
Tom Hughes
7ce94ad0ec
Add openstreetcam.org to security policy for iD
2017-11-16 10:17:22 +00:00
Tom Hughes
b6b9d543ac
Fix rubocop warnings
2017-10-29 19:43:02 +00:00
Tom Hughes
cea455d390
Update for ActionView::Template::Error change
2017-10-27 19:25:49 +01:00
Andy Allan
d581f17665
Avoid using or comparing explicit model ids
...
The code is easier to read using higher-level concepts.
2017-10-22 21:58:09 +01:00
Tom Hughes
f02c753cc4
Use send_data for GPX traces instead of monkey patching send_file
2017-10-09 20:38:08 +01:00
Tom Hughes
8dae890a76
Fix rubocop warnings
2017-10-05 19:18:38 +01:00
Tom Hughes
6209a9be78
Drop geocoder.us from search engines
...
Fixes #1633
2017-09-25 22:52:03 +01:00
Andy Allan
8cf16fe78b
Create an IssueCommentsController for managing IssueComments
2017-09-13 16:19:16 +01:00
Andy Allan
7ffec2eb38
Rework the 'issues not found' notice slightly.
...
Previously it would go into a redirect loop if there were no issues
in the database.
2017-09-13 16:12:36 +01:00
Andy Allan
d7612f42d0
Refactor creating a new report to use a ReportsController
...
It's really a report that the user is creating, the issue is created indirectly. Similar
refactoring will be required for issue comments.
2017-09-06 18:06:21 +01:00
Andy Allan
b4be5596f5
Rename xml processing methods with an update_ prefix
...
They behave differently from the other from_xml methods on other models.
2017-08-30 11:40:54 +01:00
Andy Allan
c647aa3d4d
Refactor the from_xml methods to act on existing trace objects.
...
Setting the new tags with the = operator takes care of removing the
old ones, and is the same approach as taken by the tagstring= method.
Fixes #1600
2017-08-18 10:09:50 +01:00
Andy Allan
3e4255eb2c
Use current_user instead of @user.
2017-08-02 12:21:51 +01:00
Andy Allan
e31376e28d
Merge branch 'master' into moderation
2017-08-02 12:12:57 +01:00
Tom Hughes
ebeea34670
Replace @user with @current_user
...
This ensures that we will find any more hidden references
to @user that might be hanging around...
2017-07-27 19:44:14 +01:00
Tom Hughes
24fc94944b
Change user forms to use current user instead of @user
2017-07-27 19:40:20 +01:00
Tom Hughes
555a821c3e
Merge remote-tracking branch 'upstream/pull/1595'
2017-07-27 19:18:31 +01:00
Andy Allan
09ba878519
Convert @user to current_user
2017-07-27 10:31:31 +01:00
Andy Allan
c819bec8b7
Use a current_user helper for accessing the logged in user in all views.
2017-07-27 10:07:51 +01:00
Andy Allan
41000078b9
Convert remaining controller code to use current_user
...
The `self.current_user` is important when assigning to the current user,
to avoid creating a local variable called `current_user`
2017-07-27 10:07:51 +01:00
Tom Hughes
4874219ab8
Mark account suspended flash message as HTML safe
...
Fixes #1590
2017-07-19 00:31:03 +01:00
Andy Allan
6f89da05d1
Use current_user to represent the currently logged in user.
...
This is already used by the oauth plugin, and is a general rails convention.
2017-07-12 16:10:50 +01:00
Andy Allan
c1cdddf11f
Use rails 5 version of redirect_back.
2017-07-12 13:57:09 +01:00
Andy Allan
9c1c696141
Remove indirection.
2017-07-12 13:42:39 +01:00
Andy Allan
506c0b5f0d
Set the reported_user in a callback
...
This avoids passing around the reported_user via forms. There was no
validation anywhere that the reported_user corresponded to the object
being reported. This approach removes those worries too.
2017-07-12 13:36:48 +01:00
Andy Allan
65e1dbb4a6
Rubocop autofixes.
2017-07-12 11:49:23 +01:00
Andy Allan
99df5f6179
Rename association to reported_user, for clarity
2017-07-12 11:44:05 +01:00
Andy Allan
dbd88d893f
Merge branch 'master' into moderation
2017-07-12 10:16:11 +01:00
Tom Hughes
fe1e28b4f4
Fix more parameter sanitisation issues and add tests
2017-06-29 20:52:57 +01:00
Tom Hughes
3763cbc7d4
Disable forgery protection for notes API methods
...
Fixes #1571
2017-06-29 19:14:55 +01:00