cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8881 commits 4 branches 1 tag 499 MiB
Commit graph

1253 commits

Author SHA1 Message Date
Andy Allan
e85c56d151 Pluralize old_ controllers 2018-11-07 16:05:56 +01:00
Andy Allan
05117aa928 Pluralize nodes, ways and relations controllers 2018-11-07 15:55:26 +01:00
Tom Hughes
d73a5d4bc0 Merge character validators 2018-11-05 18:54:19 +00:00
Tom Hughes
b4ef61a9f3 Merge leading and trailing whitespace validators 2018-11-05 18:29:17 +00:00
J Guthrie
1e57189366 Added tests for validators 2018-11-05 16:23:30 +00:00
J Guthrie
6cde8c9b0c Changed User model to not allow nil display_name (w/ tests) 2018-11-05 15:40:37 +00:00
Tom Hughes
16bef0c8ec Merge remote-tracking branch 'upstream/pull/2023' 2018-11-03 14:34:18 +00:00
Tom Hughes
8c269aba4e Move abilities to a sepatarate top level directory 2018-11-03 12:56:50 +00:00
Tom Hughes
391fb933f5 Merge remote-tracking branch 'upstream/pull/2038' 2018-11-03 11:58:56 +00:00
Tom Hughes
6142980d07 Fix new rubocop warnings 2018-10-31 19:14:39 +00:00
Andy Allan
b54362d458 Use deliver_later for all email sending 2018-10-31 16:38:12 +01:00
Andy Allan
7a177cb03f Fix error messages when users should not be able to do things 2018-10-31 11:42:49 +01:00
Andy Allan
41619593df Add testing for moderator users and issues 2018-10-31 11:41:32 +01:00
Andy Allan
149c07fd2b Remove unnecessary token granting from the user_preferences tests 
Sufficient permissions are granted by the basic authorisation, so this
isn't testing anything.
 2018-10-31 11:36:24 +01:00
Andy Allan
f11221f05b Merge branch 'master' into cancancan 2018-10-31 11:16:47 +01:00
Andy Allan
0888f43d7b Check the oauth token and then use the capabilities directly 2018-10-24 16:48:54 +02:00
Andy Allan
71b21ec473 Rework capabilities to avoid assumptions about missing tokens 
The logic about missing tokens implying logged in users (and that
all logged in users have access to any method protected by a token
capability) is correct. However, I believe it is both confusing and
brittle, and leaves a security-related door ajar for future foot-gun
incidents.

Instead, apply Abilities as normal, and keep the Capabilities
involvement only for situations where a token is provided. This
reduces the cognitive burden when considering Abilities in isolation.
 2018-10-24 12:07:00 +02:00
Tom Hughes
a5124ed409 Update translation keys for renaming of user to users 
Fixes #2031
 2018-10-22 11:00:03 +01:00
Simon Poole
07ffb4c3f6 Calculate bounding box when deleting relations 
Closes #2030
Fixes #2020
 2018-10-21 19:32:12 +01:00
Tom Hughes
db13180c70 Use "user" as user id parameter for notes searches 2018-10-11 18:30:53 +01:00
Andy Allan
f8f7ab1568 Change abilities based on upstream renamings 2018-10-10 11:41:16 +02:00
Andy Allan
420a7289a0 Merge branch 'authz' of https://github.com/rubyforgood/openstreetmap-website into rubyforgood-authz 2018-10-10 11:26:30 +02:00
ENT8R
083500f056 Merge branch 'master' into notes-search 2018-10-09 11:41:22 +02:00
Tom Hughes
b8a8a88004 Merge remote-tracking branch 'upstream/pull/2014' 2018-10-03 18:59:33 +01:00
Andy Allan
3ec67ea2d3 Rename user_controller to users_controller 2018-10-03 15:31:10 +02:00
Andy Allan
5e407dfb34
Merge branch 'master' into messages 2018-10-03 14:04:12 +02:00
Xuyang Jia
d0e45c7c8e Fix any_relations always being false 
Closes #1976
 2018-09-22 17:46:00 +01:00
Tom Hughes
de29e9b3f5 Fix Style/NumericPredicate rubocop warnings 2018-09-22 17:34:58 +01:00
Tom Hughes
b4d90ec7f4 Test that friends are shown correctly on the user profile 
Fixes #1992
 2018-09-12 18:03:12 +01:00
Tom Hughes
297b0a0e16 Merge remote-tracking branch 'upstream/pull/1987' 2018-09-10 19:09:31 +01:00
Tom Hughes
276599d34f Merge remote-tracking branch 'upstream/pull/1986' 2018-09-10 19:01:28 +01:00
Tom Hughes
0e0c89b95c Merge remote-tracking branch 'upstream/pull/1985' 2018-09-10 18:58:27 +01:00
Tom Hughes
995a5f89c2 Merge remote-tracking branch 'upstream/pull/1984' 2018-09-10 18:53:13 +01:00
Wil
1d2a3841ab Resolve 34 Rubocop Lint/AmbiguousOperator conflicts 2018-09-10 11:43:50 +08:00
Wil
a182820139 Resolve 96 Rubocop Lint/AmbiguousRegexpLiteral conflicts 2018-09-10 11:28:16 +08:00
Andy Allan
100babbe6c Just pass the object, rather than the id, to _path methods where possible 2018-09-10 11:09:30 +08:00
Andy Allan
4dd4831c0a Just pass the user object, rather than the display_name, to the user_path helper 2018-09-10 10:54:29 +08:00
Andy Allan
3f2ba044e5 Rename diary_entry#list to #index 2018-09-10 10:26:28 +08:00
Andy Allan
a3606e00b4 Rename user#list to user#index 2018-09-10 10:03:34 +08:00
Andy Allan
a8ecb1bf4b Use full url escaping when required in trace tests 2018-09-10 09:37:52 +08:00
Tom Hughes
5a2d2f97ce Update changeset browse view for renaming of changeset#list to changeset#index 2018-09-09 12:36:34 +01:00
Tom Hughes
bc4e65394f Improve tests for trace RSS feeds 2018-09-09 11:50:05 +01:00
Tom Hughes
983e21db2e Merge remote-tracking branch 'upstream/pull/1974' 2018-09-05 19:06:16 +01:00
Tom Hughes
70cca71f38 Merge remote-tracking branch 'upstream/pull/1973' 2018-09-05 19:01:24 +01:00
Andy Allan
de6aa3f015 Rename changeset#list to changeset#index 2018-09-05 15:17:11 +08:00
Andy Allan
5a06a3dffe Rename diary_entry#view to diary_entry#show 2018-09-05 14:52:36 +08:00
Andy Allan
19c26e70a3 Rename user#view to user#show 2018-09-05 14:21:01 +08:00
Andy Allan
dfe21fec82 Use resourceful routing for message replies 2018-09-05 13:22:43 +08:00
Andy Allan
db30ea642e Use a resourceful path for message marking 2018-09-05 11:23:53 +08:00
Andy Allan
5405dde6ec Use resourceful destroy method for messages 2018-09-05 10:38:36 +08:00