Tom Hughes
b7432e9432
Handle new rubocop warnings
2020-09-02 07:18:21 +01:00
Tom Hughes
abca51e4d8
Fix some Style/StringConcatenation warnings
2020-08-09 19:48:16 +01:00
Tom Hughes
d4130bcac8
Fix the Redirect warnings from Brakeman
...
Unfortunately I've had to leave the check disabed as Brakeman
can't see inside the safe_referer method so doesn't realise that
it is cleaning the referer.
2020-07-22 19:23:46 +01:00
Andy Allan
600812f6ad
Rework user#set_status and #delete to avoid GET requests
...
This renames the delete action to destroy, and starts using resourceful
routing for user actions.
2020-06-10 11:49:18 +02:00
Andy Allan
8ebfdbc1ff
Move make_friend and remove_friend to friendships controller
2020-06-03 18:23:07 +02:00
Andy Allan
8a774e7519
Use a post link to logout
...
This avoids needing to access the session id, which is currently
only working with the memcache store.
The fallback page is preserved for anyone who wants to logout without
using javascript.
Refs #2488
2020-01-08 14:03:05 +01:00
Tom Hughes
57f5b7840e
Fix rubocop warnings
2019-12-04 19:31:53 +00:00
Tom Hughes
1f880528bd
Fix new rubocop warnings
2019-07-18 16:47:08 +01:00
Tom Hughes
3cfffc2258
Update gravatar methods to check for Active Storage images
2019-07-16 22:29:07 +01:00
Tom Hughes
905a7eadb6
Defer deletion of avatars to a background job
2019-07-16 08:27:14 +01:00
Tom Hughes
6c202448ad
Move user images to Active Storage with paperclip as a fallback
2019-07-09 19:17:30 +01:00
Tom Hughes
d2d5d48f29
Allow signups to be blocked by MX host
2019-06-23 11:21:03 +01:00
Andy Allan
d33b1f6b29
Pass the models, not the ids, when dealing with friendships
2019-06-19 16:56:31 +02:00
Andy Allan
1cf8fec58d
Rename Friend model to Friendship
...
This better describes what the model represents, which is the relationship
between the two users.
2019-06-19 16:39:25 +02:00
Simon Poole
1be8d599e8
Add checkbox for contributor terms and improve text
2019-05-13 16:54:29 +02:00
Simon Poole
fa81a608f7
Remove unnecessary test for 0
2019-05-13 16:54:29 +02:00
Simon Poole
e30813bbb1
Rubocop fixes and increase per method complexity limit from 23 to 25
2019-05-13 16:54:29 +02:00
Simon Poole
6d7a713c12
Require that tou_read checkbox is set
2019-05-13 16:54:29 +02:00
Simon Poole
077834704e
Add links to the ToU and include them in signup
...
- this adds links to the ToU in the Welcome box and on the About page
- adds a timestamp column to the users table to record acceptance of the ToU
- require ToU to be accepted before signup can proceed
- rearrange and change text on signup page
2019-05-13 16:52:18 +02:00
Tom Hughes
6600221fe3
Fix database offline mode
2019-03-17 11:15:34 +00:00
Andy Allan
d102c9aaf4
Move all settings to settings.yml
...
We leave the STATUS setting alone, since it's required before rails
boots. The test-specific settings now live in config/settings/test.yml
2019-03-13 18:06:23 +01:00
Tom Hughes
94b59f4403
Merge remote-tracking branch 'upstream/pull/2161'
2019-02-28 19:17:40 +00:00
Andy Allan
4b4c5aac2f
Move the user api methods into a separate controller in the api namespace
2019-02-28 17:12:28 +01:00
Tom Hughes
d2ff1491b4
Avoid CSP issues with OpenID login
...
To avoid Chrom getting upset about sending form data to sites
that our policy doesn't allow, even when it isn't, use Javascript
to jump straight to Omniauth as the direct OpenID based login
buttons were already doing.
Fixes #1909
2019-02-25 11:46:12 +00:00
Andy Allan
3795da4014
Remove the require_terms_seen configuration option
...
This option has been set to 'true' for over six years in production.
Refs #2097
2019-02-06 14:54:56 +01:00
Andy Allan
ca596106f5
Refactor users_controller to use CanCanCan for authorisation
2018-12-12 16:17:24 +01:00
Andy Allan
b54362d458
Use deliver_later for all email sending
2018-10-31 16:38:12 +01:00
Andy Allan
3ec67ea2d3
Rename user_controller to users_controller
2018-10-03 15:31:10 +02:00
