cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13754 commits 4 branches 1 tag 499 MiB
Commit graph

56 commits

Author SHA1 Message Date
Tom Hughes
741ed58838 Add a limit on the number of points in a GPS trace 2024-02-25 09:50:02 +00:00
Tom Hughes
31659bedbe Allow registration of OAuth 1.0 applications to be disabled 2024-01-31 19:18:16 +00:00
Anton Khorev
dfe299eff9 Add user account deletion delay setting 2023-11-22 16:15:59 +03:00
Tom Hughes
2f11b77309 Add support for per-user limits on the rate changes can be made 2023-11-02 08:59:57 +00:00
Tom Hughes
c8fc2218e5 Merge remote-tracking branch 'upstream/pull/4226' 2023-10-03 19:39:41 +01:00
Milan Cvetkovic
64bcf7652b Add openid connect support using doorkeeper-openid_connect gem 
... as discussed in [Issue 507](https://github.com/openstreetmap/operations/issues/507)
and described by @mmd-osm.

To activate, set the value of `doorkeeper_signing_key` to RSA private key.

Allows using openstreetmap as an identity provider.

Adds `openid` scope to OAuth2 authorizations, required to login to OSM.

Currently, the only claims returned are:
 - "openid" scope: "sub" and "preferred_username"
 - "read_email" scope: "email"
 2023-10-03 18:53:47 +01:00
Andy Allan
0a046673d6
Merge pull request #4201 from AntonKhorev/issues-limit-settings 
Move max value of issues counter to settings
 2023-09-27 15:47:44 +01:00
Paul Norman
00d085ed5d
Add Tracestrack Topo as featured layer 2023-09-19 22:16:42 -07:00
Anton Khorev
963b8f43f1 Change issue count logic from (n-1)+ to n+ 2023-09-01 08:05:01 +03:00
Anton Khorev
fff98f2afb Move max value of issues counter to settings 2023-09-01 07:14:45 +03:00
Tom Hughes
e210b4efbf Improve naming of changeset comment rate limit settings 2023-08-30 18:25:06 +01:00
Andy Allan
a1657f03a8
Merge pull request #4202 from tomhughes/changeset-comment-limit 
Add rate limiting for changeset comments
 2023-08-30 11:12:40 +01:00
Tom Hughes
a274726f46 Add rate limiting for changeset comments 
Fixes #4196
 2023-08-25 19:53:04 +01:00
Tom Hughes
63bf18a3c3 Add support for rate limiting signup requests 2023-08-22 18:45:17 +01:00
Tom Hughes
2a1689f962 Merge remote-tracking branch 'upstream/pull/4169' 2023-08-20 11:04:28 +01:00
Milan Cvetkovic
ad164d384e Change provider name to "microsoft" 2023-08-20 10:19:30 +01:00
Anton Khorev
bc9f081841 Move note query limit values to settings 2023-08-19 05:06:00 +03:00
Milan Cvetkovic
7428da74c2 Use omniauth-microsoft_graph instead of omniauth-windowslive 
Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap.
It also  uses updated endpoints for Microsoft identity provider.

Use email address returned by microsoft_graph provider as a verified address.

Upgrading exisiting users from windowslive to microsoft_graph:
 - upon next login existing `windowslive` users will have to authorizei
   OpenStreetMap application to "Read Your Profile," required for proper reading
   of display name field.

The name of the identity provider in OSM is kept to 'windowslive':
 - the entries in users table with `provider == 'windowslive'`
   can be reused for microsoft_graph provider, since
   the uid field is preserved. Users will not need to repeat the sign up process.
 - OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal
   App registration are necessary.
 2023-08-17 13:01:15 +00:00
Anton Khorev
a5d14a1815 Move changeset query limit values to settings 2023-08-08 03:33:04 +03:00
Tom Hughes
1c420158f6 Remove default imagery blacklist 2023-07-13 20:14:13 +01:00
Pavel Zbytovský
b78bdd0b70
Block mapy.cz as non-approved imagery 
Issue: https://github.com/openstreetmap/openstreetmap-website/issues/4085
 2023-07-13 19:04:24 +02:00
Richard Fairhurst
b7887b049f Remove Geonames and geocoder.ca 2023-01-09 21:23:48 +00:00
Christian Beiwinkel
85f627c5c2 added valhalla routing engine 2022-12-16 17:05:36 +01:00
Tom Hughes
a9063f8369 Allow credentials to be sent with overpass calls 2022-10-13 19:12:25 +01:00
Tom Hughes
e9f62a8c30 Rename piwik to matomo and merge configuration into settings 2022-08-01 22:42:04 +01:00
Tom Hughes
0ae438a5c1 Add a configuration option to disable HTTP basic authentication 2022-07-08 17:25:20 +01:00
Tom Hughes
16210d9f4f Rename id_oauth_application to id_application in settings 2022-06-08 13:28:07 +01:00
Martin Raifer
c55d346d5f
Update to iD v2.21.0 
major changes in this release:
* dropped support for Internet Explorer 11
* switched authentication to OAuth 2

for further changes please refer to https://github.com/openstreetmap/iD/blob/release/CHANGELOG.md#2210
 2022-06-03 15:32:27 +02:00
hlfan
73f0be9647
variant B 
Reducing regex complexity and broadening the domain match
 2022-04-09 22:28:01 +02:00
hlfan
29c199d581
google imagery blacklist entry update 
Updated google imagery blacklist entry to include the pb implementation of the vt endpoint for URLs like these:
https://www.google.at/maps/vt?pb=!1m4!1m3!1e{z}!2i{x}!3u{y}!2m2!1e1!2sm!3b0
 2022-03-26 02:02:32 +01:00
Tom Hughes
92b122759f Remove support for legacy trace files 2022-03-03 19:47:40 +00:00
Tom Hughes
28900676f3 Default to allowing TLS for SMTP but without peer verification 2022-02-17 00:54:11 +00:00
Andy Allan
2fabc46421
Merge pull request #3440 from mmd-osm/relationmemberlimit 
Introduce relation member limit
 2022-02-16 14:58:30 +00:00
Tom Hughes
1612ea75c5 Allow trace image URL to be configured in the CSP policy 2022-02-13 19:25:42 +00:00
mmd-osm
2efd73c672 Introduce relation member limit 
Adds a new parameter `max_number_of_relation_members` in settings.yml
 2022-02-02 13:15:40 +01:00
Tom Hughes
0410596908 Switch traces to use ActiveStorage 2021-12-16 18:45:31 +00:00
Tom Hughes
ef85e8c7b3 Make the storage service to use for avatars configurable 2021-12-16 18:45:31 +00:00
Andy Allan
3aa8292d6d Drop the trace_use_job_queue option 
This has been set as true by default, and in production, for many
years. I don't think there's much use in keeping the setting around
any longer.
 2021-11-24 15:23:27 +00:00
Tom Hughes
b4a1e41968 Switch web site to use OAuth 2 2021-06-27 19:00:36 +01:00
Tom Hughes
84c601460f Add rate limiting to user friendships 2021-05-11 12:10:36 +01:00
Simon Poole
37df9af7f7
Remove GL and SH cantonal WMS servers from black list 
The previously restrictively licensed material is now available on relatively open terms directly from swisstopo per 1. March 2021, so these entries can be removed.
 2021-03-13 20:25:43 +01:00
Tom Hughes
0ff89c31e4 Remove both Potlatch versions 
Fixes #2622
 2021-01-05 21:18:45 +00:00
Andy Allan
7b0de13c61 Allow smtp settings to be configured through the settings system 
This allows easier configuration using the settings.local.yml files

Fixes #2571
 2020-11-25 16:12:49 +00:00
Tom Hughes
6855616870 Allow CDN URL for the embed page to be configured 2020-08-19 21:44:24 +01:00
Simon Poole
04c374c329 Block Canton Glarus imagery too 2020-08-17 14:08:37 +02:00
Simon Poole
a0b73b9a6b Black list 2010 and 2016 imagery for the Canton Schaffhauen 2020-08-16 11:20:09 +02:00
Tom Hughes
e0df631848 Switch GeoIP code to use GeoIPv2 databases 2020-01-01 18:50:48 +00:00
Tom Hughes
75e60acf66 Allow configuration of storage server URL for security policy 2019-07-09 19:43:03 +01:00
Tom Hughes
ba627420a3 Add support for Active Storage attachments 2019-07-09 19:17:29 +01:00
Tom Hughes
f99c383318 Merge remote-tracking branch 'upstream/pull/2225' 2019-05-30 18:06:58 +01:00