OSM.Changeset = function (map) {
var page = {},
- content = $("#sidebar_content"),
- currentChangesetId;
+ content = $("#sidebar_content");
- page.pushstate = page.popstate = function (path, id) {
+ page.pushstate = page.popstate = function (path) {
OSM.loadSidebarContent(path, function () {
- page.load(path, id);
+ page.load();
});
};
- page.load = function (path, id) {
- if (id) currentChangesetId = id;
- initialize();
- addChangeset(currentChangesetId, true);
- };
+ page.load = function () {
+ const changesetData = content.find("[data-changeset]").data("changeset");
+ changesetData.type = "changeset";
- function addChangeset(id, center) {
- map.addObject({ type: "changeset", id: parseInt(id, 10) }, function (bounds) {
- if (!window.location.hash && bounds.isValid() &&
- (center || !map.getBounds().contains(bounds))) {
+ initialize();
+ map.addObject(changesetData, function (bounds) {
+ if (!window.location.hash && bounds.isValid()) {
OSM.router.withoutMoveListener(function () {
map.fitBounds(bounds);
});
}
});
- }
+ };
function updateChangeset(method, url, include_data) {
var data;
page.unload = function () {
map.removeLayer(group);
map.off("moveend", update);
+ map.off("zoomend", updateBounds);
};
return page;
this.removeObject();
- if (object.type === "note") {
+ if (object.type === "note" || object.type === "changeset") {
this._objectLoader = {
abort: function () {}
};
this._object = object;
this._objectLayer = L.featureGroup().addTo(this);
- L.circleMarker(object.latLng, haloStyle).addTo(this._objectLayer);
+ if (object.type === "note") {
+ L.circleMarker(object.latLng, haloStyle).addTo(this._objectLayer);
- if (object.icon) {
- L.marker(object.latLng, {
- icon: object.icon,
- opacity: 1,
- interactive: true
- }).addTo(this._objectLayer);
+ if (object.icon) {
+ L.marker(object.latLng, {
+ icon: object.icon,
+ opacity: 1,
+ interactive: true
+ }).addTo(this._objectLayer);
+ }
+ } else if (object.type === "changeset") {
+ if (object.bbox) {
+ L.rectangle([
+ [object.bbox.minlat, object.bbox.minlon],
+ [object.bbox.maxlat, object.bbox.maxlon]
+ ], changesetStyle).addTo(this._objectLayer);
+ }
}
if (callback) callback(this._objectLayer.getBounds());
- } else { // element or changeset handled by L.OSM.DataLayer
+ } else { // element handled by L.OSM.DataLayer
var map = this;
this._objectLoader = $.ajax({
url: OSM.apiUrl(object),
helper_method :oauth_token
def self.allow_thirdparty_images(**options)
- content_security_policy(options) do |policy|
+ content_security_policy(**options) do |policy|
policy.img_src("*", :data)
end
end
before_action :lookup_user, :only => :index
before_action :check_database_writable, :only => [:create, :hide, :unhide]
- allow_thirdparty_images :only => :index
+ allow_thirdparty_images :only => [:index, :create]
def index
@title = t ".title", :user => @user.display_name
elsif @message.save
flash[:notice] = t ".message_sent"
UserMailer.message_notification(@message).deliver_later if @message.notify_recipient?
- redirect_to messages_inbox_path
+ redirect_to messages_outbox_path
else
@title = t "messages.new.title"
render :action => "new"
t "changesets.index.title"
end
end
+
+ def changeset_data(changeset)
+ changeset_data = { :id => changeset.id }
+
+ if changeset.bbox_valid?
+ bbox = changeset.bbox.to_unscaled
+ changeset_data[:bbox] = {
+ :minlon => bbox.min_lon,
+ :minlat => bbox.min_lat,
+ :maxlon => bbox.max_lon,
+ :maxlat => bbox.max_lat
+ }
+ end
+
+ changeset_data
+ end
end
-<% changeset_data = { :id => changeset.id }
-
- if changeset.bbox_valid?
- bbox = changeset.bbox.to_unscaled
- changeset_data[:bbox] = {
- :minlon => bbox.min_lon,
- :minlat => bbox.min_lat,
- :maxlon => bbox.max_lon,
- :maxlat => bbox.max_lat
- }
- end %>
-
-<%= tag.li :id => "changeset_#{changeset.id}", :data => { :changeset => changeset_data }, :class => "list-group-item list-group-item-action" do %>
+<%= tag.li :id => "changeset_#{changeset.id}", :data => { :changeset => changeset_data(changeset) }, :class => "list-group-item list-group-item-action" do %>
<p class="fs-6 text-truncate text-wrap">
<a class="changeset_id link-body-emphasis stretched-link" href="<%= changeset_path(changeset) %>">
<span><%= changeset.tags["comment"].to_s.presence || t("browse.no_comment") %></span>
<p class="fs-6 overflow-x-auto">
<%= linkify(@changeset.tags["comment"].to_s.presence || t("browse.no_comment")) %>
</p>
- <p class="details"><%= changeset_details(@changeset) %></p>
+ <%= tag.p :class => "details", :data => { :changeset => changeset_data(@changeset) } do %>
+ <%= changeset_details(@changeset) %>
+ <% end %>
<%= render :partial => "browse/tag_details", :object => @changeset.tags.except("comment") %>
end
assert_response :success
assert_template :new
+ assert_match(/img-src \* data:;/, @response.headers["Content-Security-Policy-Report-Only"])
# Now try again with the right id
assert_difference "ActionMailer::Base.deliveries.size", entry.subscribers.count do
end
end
end
- assert_redirected_to messages_inbox_path
+ assert_redirected_to messages_outbox_path
assert_equal "Message sent", flash[:notice]
e = ActionMailer::Base.deliveries.first
assert_equal [recipient_user.email], e.to
get user_new_path, :params => { :cookie_test => "true" }
assert_response :success
+ assert_no_match(/img-src \* data:;/, @response.headers["Content-Security-Policy-Report-Only"])
+
assert_select "html", :count => 1 do
assert_select "head", :count => 1 do
assert_select "title", :text => /Sign Up/, :count => 1
get user_path(user)
assert_response :success
+ assert_match(/img-src \* data:;/, @response.headers["Content-Security-Policy-Report-Only"])
assert_select "div.content-heading" do
assert_select "a[href^='/user/#{ERB::Util.u(user.display_name)}/history']", 1
assert_select "a[href='/user/#{ERB::Util.u(user.display_name)}/traces']", 1
projects / rails.git / commitdiff