cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15354 commits 4 branches 1 tag 499 MiB
Commit graph

34 commits

Author SHA1 Message Date
Anton Khorev
2347906725 Send notifications to note subscribers instead of commenters 2024-11-08 11:40:55 +03:00
Anton Khorev
2d7e0a397a Subscribe users when they interact with notes 2024-10-28 02:35:25 +03:00
Andy Allan
83425edd8d Move api error handling and timeouts to parent class 
Fixes #4861

Since the around_action is defined before authorize_resource is called,
the handler needs to pass on the CanCan::AccessDenied exception.

I've added the timeouts where I think they were missing (e.g. UserPreferencesController)
but I've kept the exception for changeset#upload and traces#create
 2024-10-02 16:37:32 +01:00
Tom Hughes
17bc0853a0 Drop support for OAuth 1 2024-09-01 03:43:02 +03:00
mmd-osm
5b707ae5ea Lock note during status update to avoid race condition 2024-08-06 19:51:48 +02:00
Andy Allan
c1cccd40fc Move check_api_readable to api_controller 
It's easier to skip the check in the two places that we need to, and
include it by default everywhere else.
 2024-05-29 14:54:16 +01:00
Tom Hughes
2153e00f9f Drop ACL check from notes#comment as we no longer allow anonymous comments 2023-11-23 16:56:07 +00:00
Tom Hughes
f08fb4f30f Prevent API tokens without write_notes creating attributed comments 
Fixes #4362
 2023-11-22 12:30:39 +00:00
Tom Hughes
be3baea4de Merge remote-tracking branch 'upstream/pull/4222' 2023-09-03 18:54:18 +01:00
Anton Khorev
11df872c3e Add bbox parameter to notes search api 2023-09-03 11:26:05 +03:00
Anton Khorev
0ef4a299bb Check required bbox parameter presence outside of BoundingBox class 2023-09-03 09:47:27 +03:00
Tom Hughes
704781ad0b Add some additional preloads to notes#feed 2023-09-02 11:44:59 +01:00
Andy Allan
f5db9cbb20 Avoid using _id in queries 
This makes the queries shorter and easier to read.
 2023-08-30 17:08:16 +01:00
Anton Khorev
bc9f081841 Move note query limit values to settings 2023-08-19 05:06:00 +03:00
Andy Allan
067b0de439
Merge pull request #3676 from harry-wood/notes-disappear-time 
Display how long until a note will disappear
 2022-11-23 15:44:26 +00:00
Andy Allan
22946d703a Enable the ActionOrder cop for remaining controllers 
Where actions were reordered, the rails standard actions were
also moved to the top of each controller.
 2022-11-02 11:06:00 +00:00
Anton Khorev
225b260640 Pass min/max lat/lon to notes index rss builder 2022-10-25 13:52:28 +03:00
Anton Khorev
0c8b9eabf3 Pass min/max lat/lon to notes rss feed builder 2022-10-25 13:35:18 +03:00
Robbendebiene
ed1112bcef Allow setting HTTP ACCEPT header for notes API 
Previously the notes API return type could only be specified by appending the file extension like .json or .rss
 2022-09-23 11:40:19 +02:00
Harry Wood
e057e1c479 Define a DEFAULT_FRESHLY_CLOSED_LIMIT constant 
Define DEFAULT_FRESHLY_CLOSED_LIMIT in the Note model to allow the 7 day limit to be referenced in the API controller and in the new `freshy_closed_until` logic. The default value is `7.days`. API users can still override this, but the website uses that default for the duration of the green "freshly closed" notes markers.
 2022-09-14 23:59:41 +01:00
Tom Hughes
1a4faa4507 There is no need to do setup_user_auth and authorize for the same action 2022-07-08 16:38:51 +01:00
Tom Hughes
7f619c6484 Check API status before authorizing access 
Fixes #3530
 2022-04-11 20:47:52 +01:00
Tom Hughes
b5f06e06c1 Fix rubocop Rails/TimeZone warnings 2022-03-01 22:55:10 +00:00
Andy Allan
78b9d92207 Prefer keyword arguments when method has optional boolean arguments 2020-11-12 11:24:44 +00:00
Andy Allan
2c1033f62d Rename Notifier to UserMailer 
It's a convention in rails to name your mailers with a Mailer suffix, and is also common to name the class after the recipient (e.g. User, Admin). So UserMailer seems a reasonable choice.
 2020-10-14 15:04:58 +02:00
Andy Allan
8c326a6c1f Remove unnecessary layout calls from api controllers 
These were left over from the refactoring of the controllers into api and non-api versions.
 2020-07-08 18:51:27 +02:00
ENT8R
b84799f481 Keep the behaviour backwards-compatible 2020-02-19 12:58:47 +01:00
ENT8R
b7bdc88008 Don't expose technical terms to the user 2019-10-03 17:17:59 +02:00
ENT8R
d6c01586fe Sort and order notes by different values and ascending or descending order 2019-10-03 14:12:27 +02:00
Tom Hughes
783b5e3729 Merge remote-tracking branch 'upstream/pull/1926' 2019-08-28 17:23:10 +01:00
Andy Allan
742291a840 Simplify deny_access handling 
Now that we have all api controllers inheriting from a common base,
it's easier to override the deny_access handler without having to
switch between both.

Fixes #2064
 2019-03-20 14:39:17 +01:00
Andy Allan
3bb07e29ec Refactor api controllers to inherit from a common ApiController 2019-03-20 14:16:15 +01:00
Andy Allan
d102c9aaf4 Move all settings to settings.yml 
We leave the STATUS setting alone, since it's required before rails
boots. The test-specific settings now live in config/settings/test.yml
 2019-03-13 18:06:23 +01:00
Andy Allan
b4dbf6233c Move the notes api methods into a controller in the api namespace 2019-02-28 17:12:28 +01:00