X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/5751f8e086035b30a96dc2ccd5b54c9a15e1abde..90e787eed845a850eab63a22831c9cfa47f4dd3d:/app/controllers/application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 90866fe76..25de71f20 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -20,7 +20,7 @@ class ApplicationController < ActionController::Base
   helper_method :oauth_token
 
   def self.allow_thirdparty_images(**options)
-    content_security_policy(options) do |policy|
+    content_security_policy(**options) do |policy|
       policy.img_src("*", :data)
     end
   end
@@ -39,7 +39,7 @@ class ApplicationController < ActionController::Base
 
   private
 
-  def authorize_web
+  def authorize_web(skip_terms: false)
     if session[:user]
       self.current_user = User.find_by(:id => session[:user], :status => %w[active confirmed suspended])
 
@@ -55,12 +55,12 @@ class ApplicationController < ActionController::Base
 
       # don't allow access to any auth-requiring part of the site unless
       # the new CTs have been seen (and accept/decline chosen).
-      elsif !current_user.terms_seen && flash[:skip_terms].nil?
-        flash[:notice] = t "users.terms.you need to accept or decline"
+      elsif !current_user.terms_seen && !skip_terms
+        flash[:notice] = t "accounts.terms.show.you need to accept or decline"
         if params[:referer]
-          redirect_to :controller => "users", :action => "terms", :referer => params[:referer]
+          redirect_to account_terms_path(:referer => params[:referer])
         else
-          redirect_to :controller => "users", :action => "terms", :referer => request.fullpath
+          redirect_to account_terms_path(:referer => request.fullpath)
         end
       end
     end
@@ -114,7 +114,7 @@ class ApplicationController < ActionController::Base
 
   def check_database_writable(need_api: false)
     if Settings.status == "database_offline" || Settings.status == "database_readonly" ||
-       (need_api && (Settings.status == "api_offline" || Settings.status == "api_readonly"))
+       (need_api && %w[api_offline api_readonly].include?(Settings.status))
       if request.xhr?
         report_error "Database offline for maintenance", :service_unavailable
       else
@@ -299,10 +299,7 @@ class ApplicationController < ActionController::Base
   end
 
   def deny_access(_exception)
-    if doorkeeper_token
-      set_locale
-      report_error t("oauth.permissions.missing"), :forbidden
-    elsif current_user
+    if current_user
       set_locale
       respond_to do |format|
         format.html { redirect_to :controller => "/errors", :action => "forbidden" }
@@ -334,7 +331,7 @@ class ApplicationController < ActionController::Base
     begin
       referer = URI.parse(referer)
 
-      if referer.scheme == "http" || referer.scheme == "https"
+      if %w[http https].include?(referer.scheme)
         referer.scheme = nil
         referer.host = nil
         referer.port = nil
@@ -349,10 +346,4 @@ class ApplicationController < ActionController::Base
 
     referer&.to_s
   end
-
-  def scope_enabled?(scope)
-    doorkeeper_token&.includes_scope?(scope)
-  end
-
-  helper_method :scope_enabled?
 end