cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15066 commits 4 branches 1 tag 499 MiB
Commit graph

16 commits

Author SHA1 Message Date
Andy Allan
83425edd8d Move api error handling and timeouts to parent class 
Fixes #4861

Since the around_action is defined before authorize_resource is called,
the handler needs to pass on the CanCan::AccessDenied exception.

I've added the timeouts where I think they were missing (e.g. UserPreferencesController)
but I've kept the exception for changeset#upload and traces#create
 2024-10-02 16:37:32 +01:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller 
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
 2024-05-29 14:54:16 +01:00
Andy Allan
f2aaec4735 Standardise on avoiding except lists for check_api_readable 
Although this is technically duplicative, it's much easier to read
and therefore to maintain, particularly if you put the _readable one
first.
 2024-05-29 14:51:47 +01:00
Tom Hughes
ca893c1153 Fix new rubocop warnings 2024-05-21 18:21:56 +01:00
Anton Khorev
558c8765f5 Rename api changeset show template 
Make template name correspond to action name.
 2024-03-30 08:10:24 +03:00
Tom Hughes
f32b4bc044 Move changeset comment rate limit check to a predicate method 2023-08-30 18:36:33 +01:00
Tom Hughes
a274726f46 Add rate limiting for changeset comments 
Fixes #4196
 2023-08-25 19:53:04 +01:00
Tom Hughes
7f619c6484 Check API status before authorizing access 
Fixes #3530
 2022-04-11 20:47:52 +01:00
mmd-osm
4ec85171fd JSON output added to changeset(s) endpoints 2022-03-14 15:52:49 +01:00
Tom Hughes
cbcc7dc49f Fix some rubocop Naming/PredicateName warnings 2022-03-03 22:47:55 +00:00
Andy Allan
2c1033f62d Rename Notifier to UserMailer 
It's a convention in rails to name your mailers with a Mailer suffix, and is also common to name the class after the recipient (e.g. User, Admin). So UserMailer seems a reasonable choice.
 2020-10-14 15:04:58 +02:00
Andy Allan
742291a840 Simplify deny_access handling 
Now that we have all api controllers inheriting from a common base,
it's easier to override the deny_access handler without having to
switch between both.

Fixes #2064
 2019-03-20 14:39:17 +01:00
Andy Allan
3bb07e29ec Refactor api controllers to inherit from a common ApiController 2019-03-20 14:16:15 +01:00
Andy Allan
656ed0af76 Move changeset builder views to the api namespace 2019-03-16 15:30:41 +00:00
Frederik Ramm
538bfed8a6 Move changeset XML generation to a view 2019-03-16 15:30:18 +00:00
Andy Allan
947a41edee Move the api methods from changeset_comments_controller into the api namespaced controller 2019-02-24 12:38:09 +01:00