openstreetmap-website

Author	SHA1	Message	Date
Andy Allan	b7893df84e	Refactor diary entries to use create and update methods This brings it slightly more into line with resourceful routing.	2019-05-29 15:37:23 +02:00
Simon Poole	1be8d599e8	Add checkbox for contributor terms and improve text	2019-05-13 16:54:29 +02:00
Simon Poole	e488a7e862	Fix tests for change in users_controller	2019-05-13 16:54:29 +02:00
Tom Hughes	9f57f60b87	Fix new rubocop warnings	2019-04-23 09:33:34 +01:00
Andy Allan	e66c719294	Resourceful(ish) naming for api/users_controller	2019-04-10 17:06:15 +02:00
Andy Allan	5444af981c	Resourceful route names for api/trace_controller	2019-04-10 16:52:20 +02:00
Tom Hughes	79bda7a8ed	Format closed_at correctly in changeset API responses Fixes #2195	2019-03-30 15:40:08 +00:00
Tom Hughes	dcfe326f65	Merge remote-tracking branch 'upstream/pull/2175'	2019-03-26 19:14:04 +00:00
Tom Hughes	e3ed9988ce	Merge remote-tracking branch 'upstream/pull/2177'	2019-03-16 15:39:03 +00:00
Andy Allan	987398ad2a	Rubocop fixes	2019-03-16 15:30:41 +00:00
Frederik Ramm	538bfed8a6	Move changeset XML generation to a view	2019-03-16 15:30:18 +00:00
Andy Allan	d102c9aaf4	Move all settings to settings.yml We leave the STATUS setting alone, since it's required before rails boots. The test-specific settings now live in config/settings/test.yml	2019-03-13 18:06:23 +01:00
Andy Allan	1ca77d6dda	Rubocop fixes for ruby 2.5	2019-03-13 10:33:33 +01:00
Andy Allan	5f59845575	Move the api trace methods into a separate controller under the api namespace	2019-02-28 17:12:28 +01:00
Andy Allan	d7dd618d8f	Fix test file name	2019-02-28 17:12:28 +01:00
Andy Allan	46bc4650d2	Move the amf and swf controllers into the api namespace	2019-02-28 17:12:28 +01:00
Andy Allan	b4dbf6233c	Move the notes api methods into a controller in the api namespace	2019-02-28 17:12:28 +01:00
Andy Allan	4b4c5aac2f	Move the user api methods into a separate controller in the api namespace	2019-02-28 17:12:28 +01:00
Andy Allan	b38343e5bd	Move node/way/relation/old_* controllers into the api namespace	2019-02-28 17:12:28 +01:00
Andy Allan	9186a6155c	Move the user preferences controller into the api namespace	2019-02-24 12:47:26 +01:00
Andy Allan	2b81437fcd	Move the search controller to the api namespace	2019-02-24 12:42:07 +01:00
Andy Allan	947a41edee	Move the api methods from changeset_comments_controller into the api namespaced controller	2019-02-24 12:38:09 +01:00
Andy Allan	1778fa3d9c	Move the api methods from changesets_controller into the api namespaced controller	2019-02-24 12:18:31 +01:00
Andy Allan	f4e2990526	Move map method to its own controller	2019-02-24 11:44:10 +01:00
Andy Allan	d887252eeb	Move the changes api to its own controller	2019-02-24 11:00:28 +01:00
Andy Allan	8383fd0928	Move the permissions call out of api_controller	2019-02-24 11:00:28 +01:00
Andy Allan	b96391e456	Rename api controller test files	2019-02-24 11:00:28 +01:00
Andy Allan	317b8f9d45	Move the trackpoints call into its own controller (and rename to tracepoints)	2019-02-24 11:00:28 +01:00
Andy Allan	6a4092bc16	Move the capabilities call out of api_controller	2019-02-24 11:00:20 +01:00
Tom Hughes	908324323e	Merge remote-tracking branch 'upstream/pull/2136'	2019-02-06 18:30:41 +00:00
Andy Allan	35a2d66e19	Remove require_terms_agreed configuration option This has been set to true for 6 years in production. Refs #2097 As per other user settings, we set the terms as seen by default for tests, and we can override that when necessary for specific tests.	2019-02-06 15:50:57 +01:00
Andy Allan	65e8bbd5f8	Remove unnecessary requires from tests	2019-02-06 11:44:34 +01:00
Andy Allan	8a2df0e0b5	More resourceful routing for nodes, ways, relations and changesets controllers	2019-01-16 13:10:11 +01:00
Tom Hughes	62637645bf	Add basic tests for browse#new_note and browse#query	2019-01-09 21:12:33 +00:00
Andy Allan	c7a7d29813	Require terms agreement for abilities and capabilities related to api write methods	2019-01-02 17:40:43 +01:00
Andy Allan	ca596106f5	Refactor users_controller to use CanCanCan for authorisation	2018-12-12 16:17:24 +01:00
Andy Allan	981e4a34b5	Use only token capabilities when a token is provided The Authenticate#allow? method (from oauth-plugin) sets current_user as a side effect of checking the token. But this allows a valid token to access all actions that are available to that user, beyond the capabilities for that token.	2018-12-12 16:16:23 +01:00
Andy Allan	a3a10237f7	Use CanCanCan for user_roles auth	2018-11-28 21:39:26 +01:00
Tom Hughes	6f2f9221ef	Fix tests for rails 5.2.1 compatibility Rails 5.2.1 has changed how the request body is handled internally for a test which means we can no longer cheat by stashing it in the request environment and must instead pass it properly to the request method.	2018-11-15 00:46:53 +00:00
Tom Hughes	75189bd17d	Merge remote-tracking branch 'upstream/pull/2060'	2018-11-14 13:13:56 +00:00
Andy Allan	234afb3f42	Remove custom deny_access handlers Since these pages are not accessed by normal users, except for url fiddling, it's fine to respond with a generic access denied.	2018-11-14 14:10:51 +01:00
Tom Hughes	dd302f4f2c	Merge remote-tracking branch 'upstream/pull/2061'	2018-11-14 12:43:35 +00:00
Andy Allan	c89b88c8d0	Add a changeset to exercise that part of the contact rendering	2018-11-14 12:25:21 +01:00
Andy Allan	0d55c40ca8	Ensure that the blocked template rendering works	2018-11-14 12:19:23 +01:00
Andy Allan	d7f41756f9	Check that a request that requires authentication is redirected when the user hasn't seen the terms	2018-11-14 12:19:23 +01:00
Andy Allan	252b9ef08a	Pluralize changesets controller	2018-11-14 10:34:28 +01:00
Tom Hughes	ccdec3ed4c	Attempt to send pretty 403 errors to web browsers	2018-11-08 19:09:56 +00:00
Tom Hughes	6ca22de4f2	Merge remote-tracking branch 'upstream/pull/2051'	2018-11-08 17:51:23 +00:00
Tom Hughes	70d6880e10	Merge remote-tracking branch 'upstream/pull/2052'	2018-11-08 17:44:57 +00:00
Tom Hughes	10294f4849	Merge remote-tracking branch 'upstream/pull/2050'	2018-11-08 17:31:30 +00:00

1 2 3 4 5 ...

442 commits