cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13374 commits 4 branches 1 tag 499 MiB
Commit graph

1869 commits

Author SHA1 Message Date
Milan Cvetkovic
408f2918d0 Load openid signing key from endpoint during openid connect test 2023-10-03 18:55:10 +01:00
Milan Cvetkovic
2d5acd199b Add test for openid discovery 2023-10-03 18:55:10 +01:00
Milan Cvetkovic
1f62a2b342 Add a test for openid connect support 2023-10-03 18:55:10 +01:00
Anton Khorev
0fae5627a5 Remove <picture>s around <img srcset=...> 2023-10-03 03:06:12 +03:00
Andy Allan
0a046673d6
Merge pull request #4201 from AntonKhorev/issues-limit-settings 
Move max value of issues counter to settings
 2023-09-27 15:47:44 +01:00
Tom Hughes
e8af4b85bf Fix new rubocop warnings 2023-09-26 18:42:57 +01:00
Tom Hughes
85b17a1f2a Merge remote-tracking branch 'upstream/pull/4240' 2023-09-14 17:42:04 +01:00
Anton Khorev
4b92988555 Add comment ids to changeset discussion api responses 2023-09-10 17:30:06 +03:00
Anton Khorev
9442829d31 Add json output for show user block api 2023-09-09 16:50:36 +03:00
Anton Khorev
71654e563e Add show user block api endpoint 2023-09-09 15:53:22 +03:00
Anton Khorev
9682fe6431 Add user id to api trace output 2023-09-08 17:13:57 +03:00
Tom Hughes
f138055849 Merge remote-tracking branch 'upstream/pull/4225' 2023-09-06 18:42:29 +01:00
Andy Allan
cb4f99fef2 Use implicit style for associations with factory overrides 
This matches our usage of implicit style for associations generally,
e.g. `user`.
 2023-09-06 10:20:23 +01:00
Tom Hughes
dc6e30bab6 Merge remote-tracking branch 'upstream/pull/4231' 2023-09-05 17:22:04 +01:00
Tom Hughes
dc54ce7d0a Update argon2 tests for change in library default costs 2023-09-05 17:16:53 +01:00
Anton Khorev
caf49bb25d Show user id on profile pages to moderators and admins 2023-09-05 13:35:08 +03:00
Anton Khorev
7e6de66444 Swap older/newer diary entries buttons 2023-09-04 16:32:54 +03:00
Tom Hughes
be3baea4de Merge remote-tracking branch 'upstream/pull/4222' 2023-09-03 18:54:18 +01:00
Anton Khorev
11df872c3e Add bbox parameter to notes search api 2023-09-03 11:26:05 +03:00
Anton Khorev
0ef4a299bb Check required bbox parameter presence outside of BoundingBox class 2023-09-03 09:47:27 +03:00
Anton Khorev
963b8f43f1 Change issue count logic from (n-1)+ to n+ 2023-09-01 08:05:01 +03:00
Tom Hughes
75bde83a13 Improve testing of changeset comment rate limits 2023-08-30 19:11:08 +01:00
Tom Hughes
e210b4efbf Improve naming of changeset comment rate limit settings 2023-08-30 18:25:06 +01:00
Andy Allan
b595b87c48 Use trace instead of gpx_id in queries 
This makes the queries easier to read.
 2023-08-30 17:08:46 +01:00
Andy Allan
f5db9cbb20 Avoid using _id in queries 
This makes the queries shorter and easier to read.
 2023-08-30 17:08:16 +01:00
Andy Allan
a1657f03a8
Merge pull request #4202 from tomhughes/changeset-comment-limit 
Add rate limiting for changeset comments
 2023-08-30 11:12:40 +01:00
ENT8R
26a092fbf7 Add checks to ensure that the response is empty 2023-08-26 13:01:05 +02:00
ENT8R
bc71737f05 Change tests to expect a successful (empty) response even if the user is not visible anymore 2023-08-26 09:37:06 +02:00
Tom Hughes
a274726f46 Add rate limiting for changeset comments 
Fixes #4196
 2023-08-25 19:53:04 +01:00
Tom Hughes
6759130cb3 Test that suspended and deleted users can't use OAuth tokens 2023-08-25 12:10:32 +01:00
Tom Hughes
477f700cfa Logout while testing OAuth 1 token usage 
This ensures we're not accidentally inheriting any session permissions.
 2023-08-25 09:44:25 +01:00
Tom Hughes
b9f9c0f3cc Separate authenticating user from application owner in OAuth 1 tests 2023-08-25 08:51:41 +01:00
Tom Hughes
7054cea48e Merge remote-tracking branch 'upstream/pull/4190' 2023-08-20 18:49:32 +01:00
Tom Hughes
2a1689f962 Merge remote-tracking branch 'upstream/pull/4169' 2023-08-20 11:04:28 +01:00
Milan Cvetkovic
ad164d384e Change provider name to "microsoft" 2023-08-20 10:19:30 +01:00
Milan Cvetkovic
b3e13eb752 Update tests for microsoft_graph endpoints 2023-08-20 10:17:42 +01:00
Anton Khorev
0bd5838f51 Respond with plaintext when user not found in changeset query 
The response used to be of type xml with empty body, which is not valid xml.
 2023-08-19 20:26:13 +03:00
Anton Khorev
3f6e344e6a Expose note query limit values in api capabilities 2023-08-19 05:40:34 +03:00
Anton Khorev
a654071beb Add missing changeset query limit capabilities test 2023-08-19 05:40:05 +03:00
Anton Khorev
df60444d05 Use max note query limit setting in tests 2023-08-19 05:23:42 +03:00
Anton Khorev
5bdaf0b73b Add JSON output to /api/versions 2023-08-18 05:16:39 +03:00
Tom Hughes
54164f6cc6 Merge remote-tracking branch 'upstream/pull/4171' 2023-08-17 19:07:37 +01:00
Milan Cvetkovic
7428da74c2 Use omniauth-microsoft_graph instead of omniauth-windowslive 
Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap.
It also  uses updated endpoints for Microsoft identity provider.

Use email address returned by microsoft_graph provider as a verified address.

Upgrading exisiting users from windowslive to microsoft_graph:
 - upon next login existing `windowslive` users will have to authorizei
   OpenStreetMap application to "Read Your Profile," required for proper reading
   of display name field.

The name of the identity provider in OSM is kept to 'windowslive':
 - the entries in users table with `provider == 'windowslive'`
   can be reused for microsoft_graph provider, since
   the uid field is preserved. Users will not need to repeat the sign up process.
 - OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal
   App registration are necessary.
 2023-08-17 13:01:15 +00:00
Tom Hughes
6982903ae7 Fix predicate method names in the user model 2023-08-15 18:53:14 +01:00
Anton Khorev
1e8cd9bedd Add tests for changeset order + from..to queries 2023-08-15 19:29:05 +03:00
Tom Hughes
e2cb2327f9 Merge remote-tracking branch 'upstream/pull/4144' 2023-08-13 10:50:33 +01:00
Tom Hughes
a1798fe6fb Merge remote-tracking branch 'upstream/pull/4159' 2023-08-13 10:38:58 +01:00
Tom Hughes
3539328d1c Check that the /api/0.6/capabilities.json route is recognised 2023-08-13 10:33:43 +01:00
Tom Hughes
6d74aa2873 Merge remote-tracking branch 'upstream/pull/4158' 2023-08-13 10:00:29 +01:00
Anton Khorev
8c42c39a67 Use Settings.generator string in tests 2023-08-12 19:07:36 +03:00