cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11494 commits 4 branches 1 tag 499 MiB
Commit graph

1618 commits

Author SHA1 Message Date
Andy Allan
4dd4831c0a Just pass the user object, rather than the display_name, to the user_path helper 2018-09-10 10:54:29 +08:00
Andy Allan
3f2ba044e5 Rename diary_entry#list to #index 2018-09-10 10:26:28 +08:00
Andy Allan
a3606e00b4 Rename user#list to user#index 2018-09-10 10:03:34 +08:00
Andy Allan
a8ecb1bf4b Use full url escaping when required in trace tests 2018-09-10 09:37:52 +08:00
Tom Hughes
5a2d2f97ce Update changeset browse view for renaming of changeset#list to changeset#index 2018-09-09 12:36:34 +01:00
Tom Hughes
bc4e65394f Improve tests for trace RSS feeds 2018-09-09 11:50:05 +01:00
Tom Hughes
983e21db2e Merge remote-tracking branch 'upstream/pull/1974' 2018-09-05 19:06:16 +01:00
Tom Hughes
70cca71f38 Merge remote-tracking branch 'upstream/pull/1973' 2018-09-05 19:01:24 +01:00
Andy Allan
de6aa3f015 Rename changeset#list to changeset#index 2018-09-05 15:17:11 +08:00
Andy Allan
5a06a3dffe Rename diary_entry#view to diary_entry#show 2018-09-05 14:52:36 +08:00
Andy Allan
19c26e70a3 Rename user#view to user#show 2018-09-05 14:21:01 +08:00
Andy Allan
dfe21fec82 Use resourceful routing for message replies 2018-09-05 13:22:43 +08:00
Andy Allan
db30ea642e Use a resourceful path for message marking 2018-09-05 11:23:53 +08:00
Andy Allan
5405dde6ec Use resourceful destroy method for messages 2018-09-05 10:38:36 +08:00
Tom Hughes
6027c42ee7 Hide note comments made by deleted users 
Fixes #1970
 2018-09-04 22:22:39 +01:00
Tom Hughes
a1b179fa38 Merge remote-tracking branch 'upstream/pull/1964' 2018-08-30 18:26:05 +01:00
Andy Allan
d0089f0ce8 Rename traces#list to traces#index 2018-08-29 17:58:37 +08:00
Andy Allan
16fef14b61 Rename traces#view to traces#show 2018-08-29 17:43:38 +08:00
Andy Allan
b745126b6e Split out updating a trace into an update action 2018-08-29 17:31:12 +08:00
Tom Hughes
05514ced0c Merge remote-tracking branch 'upstream/pull/1962' 2018-08-29 08:46:44 +01:00
Andy Allan
942e62117f
Merge pull request #1938 from jguthrie100/fix_no_trace_description_error 
Fixes "new trace" validation error
 2018-08-29 14:49:26 +08:00
Andy Allan
f38e03f0ed Refactor message creation to use a create action 
This makes it more conventional, rather than handling posts to the new action. The posting of the form was also reworked to use a hidden field for the displayname, rather than in the url, again for convention.
 2018-08-29 14:18:20 +08:00
Tom Hughes
06915a77b5 Fix FactoryBot deprecation warnings 2018-08-28 19:12:01 +01:00
Ilya Zverev
a46ecae757 Reverse coordinates order only when called with two nondescript numbers 2018-08-28 15:16:26 +03:00
ENT8R
e8cb7ac8f1
Add some more tests, better error handling for dates 2018-08-27 16:44:46 +02:00
Ilya Zverev
5b4a8ba587 Adjust test for latlon searching 2018-08-27 14:40:11 +03:00
ENT8R
5f1f8f3c91
Add some more tests 2018-08-26 19:06:01 +02:00
ENT8R
98402908b0
Improve code style, fix tests 2018-08-26 16:04:09 +02:00
Tom Hughes
5fa0aebe9f Use dynamic error pages built through the asset pipeline 
Fixes #1241
 2018-08-01 19:13:04 +01:00
J Guthrie
07480996d7 Refactored and added new test 2018-07-26 16:27:28 +01:00
Frederik Ramm
b9f9d9df88 allow moderators to read hidden notes through API 2018-07-22 15:42:14 +02:00
Frederik Ramm
e71d7e8bea fixed tests to work with new, non-anonymous note comments 2018-07-18 13:29:16 +02:00
Tom Hughes
5ff822083d Block non-localhost requests for all tests 
Only blocking them for the system tests didn't actually
work anyway as the setting is global so would apply to all
tests after the first system test.
 2018-07-10 18:59:15 +01:00
Tom Hughes
90d5d062f5 Fix nominatim stubs 2018-07-10 18:50:29 +01:00
Tom Hughes
b4106383d9 Add /api/0.6/users to fetch multiple users 
Fixes #1921
 2018-07-09 22:26:55 +01:00
Tom Hughes
53eadb36fc Fix another hostip stub 2018-07-09 20:36:41 +01:00
Tom Hughes
f70edc02f0 Return the "large" image from the user details API call 
Closes #1923
 2018-07-09 20:26:37 +01:00
Tom Hughes
d66b4b3d2f Fix stubbing of hostip requests 2018-07-09 20:15:42 +01:00
Tom Hughes
98de681e47 Update to rails 5.2.0 2018-06-19 00:16:24 +01:00
Tom Hughes
f7a35c5895 Fix new rubocop warnings 2018-06-18 09:00:49 +01:00
Chris Flipse
25256a4849 Make rubocop happy 2018-06-17 20:40:48 -04:00
Chris Flipse
91fc65a2e3 separate ability and capability 
These are asking fundamentally different questions;

Abilities are asking the application if the user has a role that allows
the user to take a certain action
Capabilities are asking if the user has granted the application to
perform a certain type of action

CanCanCan makes no distinction, however, so the `granted_capabilities`
method is provided as a point that can be checked in rescue methods, so
that one can _attempt_ to continue to provide the more informative error
messages around permission refusals
 2018-06-17 13:57:32 -04:00
Benjamin Reynolds
4d20a2c96a Authorize actions on GeocoderController with CanCanCan Ability 2018-06-17 13:57:06 -04:00
Chris Flipse
464c7f863e Update capabilities check to actually reflect the existing logic 
The OAuth capabilities are essentially user permissions that have been
granted to the app.  If the user authenticates through a non-oauth
method, they are assumed to have granted all capabilities to the app
 2018-06-17 13:57:06 -04:00
Chris Flipse
2a44ff581f fix and improve ability coverage to account for tokens 2018-06-17 13:57:06 -04:00
Chris Flipse
060c686c19 Use cancancan to authorize user_preference_controller 2018-06-17 13:57:06 -04:00
Chris Flipse
ac7c45bca0 add test helper to set oauth tokens 2018-06-17 13:57:06 -04:00
Chris Flipse
5232914427 Implement the cancan filters for diary entries 
Access logic is not _entirely_ exported from the controller,
unfortunately.  For interface reasons, some actions which require admin
have to be listed within the controller's deny_access method.

This is required because, being a default-deny system, cancancan
_cannot_ tell you the reason you were denied access; and so
the "nice" feedback presenting next steps can't be gleaned from
the exception
 2018-06-17 13:57:06 -04:00
Chris Flipse
6da3ece683 use token in ability checks 2018-06-17 13:56:23 -04:00
Tom Hughes
e5604ce98e Assign vandalism reports for users to moderators 2018-06-17 11:14:19 +01:00