gem "openstreetmap-deadlock_retry", ">= 1.3.1", :require => "deadlock_retry"
gem "rack-cors"
gem "rails-i18n", "~> 7.0.0"
+gem "rails_param"
gem "rinku", ">= 2.0.6", :require => "rails_rinku"
gem "strong_migrations"
gem "validates_email_format_of", ">= 1.5.1"
rails-i18n (7.0.9)
i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 8)
+ rails_param (1.3.1)
+ actionpack (>= 3.2.0)
+ activesupport (>= 3.2.0)
railties (7.1.3.2)
actionpack (= 7.1.3.2)
activesupport (= 7.1.3.2)
rails (~> 7.1.0)
rails-controller-testing
rails-i18n (~> 7.0.0)
+ rails_param
rinku (>= 2.0.6)
rotp
rtlcss
if doorkeeper_token&.accessible?
self.current_user = User.find(doorkeeper_token.resource_owner_id)
elsif Authenticator.new(self, [:token]).allow?
- # self.current_user setup by OAuth
- elsif Settings.basic_auth_support
+ if Settings.oauth_10a_support
+ # self.current_user setup by OAuth
+ else
+ report_error t("application.oauth_10a_disabled", :link => t("application.auth_disabled_link")), :forbidden
+ end
+ else
username, passwd = auth_data # parse from headers
# authenticate per-scheme
self.current_user = if username.nil?
else
User.authenticate(:username => username, :password => passwd) # basic auth
end
- # log if we have authenticated using basic auth
- logger.info "Authenticated as user #{current_user.id} using basic authentication" if current_user
+ if username && current_user
+ if Settings.basic_auth_support
+ # log if we have authenticated using basic auth
+ logger.info "Authenticated as user #{current_user.id} using basic authentication"
+ else
+ report_error t("application.basic_auth_disabled", :link => t("application.auth_disabled_link")), :forbidden
+ end
+ end
end
# have we identified the user?
rescue_from CanCan::AccessDenied, :with => :deny_access
check_authorization
+ rescue_from RailsParam::InvalidParameterError, :with => :invalid_parameter
+
before_action :fetch_body
around_action :better_errors_allow_inline, :if => proc { Rails.env.development? }
@oauth_token = current_user.oauth_token(Settings.oauth_application) if current_user && Settings.key?(:oauth_application)
end
+ def require_oauth_10a_support
+ report_error t("application.oauth_10a_disabled", :link => t("application.auth_disabled_link")), :forbidden unless Settings.oauth_10a_support
+ end
+
##
# require the user to have cookies enabled in their browser
def require_cookies
end
end
+ def invalid_parameter(_exception)
+ if request.get?
+ respond_to do |format|
+ format.html { redirect_to :controller => "/errors", :action => "bad_request" }
+ format.any { head :bad_request }
+ end
+ else
+ head :bad_request
+ end
+ end
+
# extract authorisation credentials from headers, returns user = nil if none
def auth_data
if request.env.key? "X-HTTP_AUTHORIZATION" # where mod_rewrite might have put it
##
# list non-empty changesets in reverse chronological order
def index
+ param! :max_id, Integer, :min => 1
+
@params = params.permit(:display_name, :bbox, :friends, :nearby, :max_id, :list)
if request.format == :atom && @params[:max_id]
##
# limit selected items to one page, get ids of first item before/after the page
def get_page_items(items, includes: [], limit: 20)
+ param! :before, Integer, :min => 1
+ param! :after, Integer, :min => 1
+
id_column = "#{items.table_name}.id"
page_items = if params[:before]
items.where("#{id_column} < ?", params[:before]).order(:id => :desc)
before_action :set_locale
+ def bad_request
+ respond_to do |format|
+ format.html { render :status => :bad_request }
+ format.any { render :status => :bad_request, :plain => "" }
+ end
+ end
+
def forbidden
respond_to do |format|
format.html { render :status => :forbidden }
##
# Display a list of notes by a specified user
def index
+ param! :page, Integer, :min => 1
+
@params = params.permit(:display_name)
@title = t ".title", :user => @user.display_name
@page = (params[:page] || 1).to_i
# a login, but we want to check authorization on every action.
authorize_resource :class => false
+ before_action :require_oauth_10a_support
+
layout "site"
def revoke
authorize_resource :trace
def show
- trace = Trace.visible.find(params[:trace_id])
+ trace = Trace.visible.imported.find(params[:trace_id])
- if trace.inserted?
- if trace.public? || (current_user && current_user == trace.user)
- if trace.icon.attached?
- redirect_to rails_blob_path(trace.icon, :disposition => "inline")
- else
- expires_in 7.days, :private => !trace.public?, :public => trace.public?
- send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => "image/gif", :disposition => "inline")
- end
- else
- head :forbidden
- end
+ if trace.public? || (current_user && current_user == trace.user)
+ redirect_to rails_blob_path(trace.icon, :disposition => "inline")
else
- head :not_found
+ head :forbidden
end
rescue ActiveRecord::RecordNotFound
head :not_found
authorize_resource :trace
def show
- trace = Trace.visible.find(params[:trace_id])
+ trace = Trace.visible.imported.find(params[:trace_id])
- if trace.inserted?
- if trace.public? || (current_user && current_user == trace.user)
- if trace.icon.attached?
- redirect_to rails_blob_path(trace.image, :disposition => "inline")
- else
- expires_in 7.days, :private => !trace.public?, :public => trace.public?
- send_file(trace.large_picture_name, :filename => "#{trace.id}.gif", :type => "image/gif", :disposition => "inline")
- end
- else
- head :forbidden
- end
+ if trace.public? || (current_user && current_user == trace.user)
+ redirect_to rails_blob_path(trace.image, :disposition => "inline")
else
- head :not_found
+ head :forbidden
end
rescue ActiveRecord::RecordNotFound
head :not_found
scope :visible_to, ->(u) { visible.where(:visibility => %w[public identifiable]).or(visible.where(:user => u)) }
scope :visible_to_all, -> { where(:visibility => %w[public identifiable]) }
scope :tagged, ->(t) { joins(:tags).where(:gpx_file_tags => { :tag => t }) }
+ scope :imported, -> { where(:inserted => true) }
has_one_attached :file, :service => Settings.trace_file_storage
has_one_attached :image, :service => Settings.trace_image_storage
--- /dev/null
+<h1><%= t ".title" %></h1>
+<p><%= t ".description" %></p>
+<%= render :partial => "contact" %>
<h2><%= t ".whats_on_the_map.title" %></h2>
<div class='row'>
- <div class='col'>
+ <div class='col-sm'>
<div>
<span class='sprite small check mx-auto'></span>
</div>
<p><%= t ".whats_on_the_map.on_the_map_html", :real_and_current => tag.em(t(".whats_on_the_map.real_and_current")) %></p>
</div>
- <div class='col'>
- <div class='center'>
+ <div class='col-sm'>
+ <div>
<span class='sprite small x mx-auto'></span>
</div>
<p><%= t ".whats_on_the_map.off_the_map_html", :doesnt => tag.em(t(".whats_on_the_map.doesnt")) %></p>
--- /dev/null
+{
+ "ignored_warnings": [
+ {
+ "warning_type": "HTTP Verb Confusion",
+ "warning_code": 118,
+ "fingerprint": "9567bbac855c6ec5552572700ec809d7c1d77f59953e6725aeca54fee5091674",
+ "check_name": "VerbConfusion",
+ "message": "Potential HTTP verb confusion. `HEAD` is routed like `GET` but `request.get?` will return `false`",
+ "file": "app/controllers/application_controller.rb",
+ "line": 312,
+ "link": "https://brakemanscanner.org/docs/warning_types/http_verb_confusion/",
+ "code": "if request.get? then\n respond_to do\n format.html do\n redirect_to(:controller => \"/errors\", :action => \"bad_request\")\n end\n format.any do\n head(:bad_request)\n end\n end\nelse\n head(:bad_request)\nend",
+ "render_path": null,
+ "location": {
+ "type": "method",
+ "class": "ApplicationController",
+ "method": "invalid_parameter"
+ },
+ "user_input": "request.get?",
+ "confidence": "Weak",
+ "cwe_id": [
+ 352
+ ],
+ "note": ""
+ }
+ ],
+ "updated": "2024-04-11 10:07:03 +0100",
+ "brakeman_version": "6.1.2"
+}
messages:
invalid_email_address: není platná e-mailová adresa
email_address_not_routable: není routovatelná
+ display_name_is_user_n: nemůže být user_n, pokud n není vaše ID uživatele
models:
user_mute:
is_already_muted: již je ztlumen
odkaz.
lost_password:
subject: '[OpenStreetMap] Žádost o nové heslo'
- greeting: Dobrý den,
+ greeting: Ahoj,
hopefully_you: Někdo (patrně vy) požádal o vygenerování nového hesla pro uživatele
serveru openstreetmap.org s touto e-mailovou adresou.
click_the_link: Pokud jste to byli Vy, kliknutím na níže uvedený odkaz získáte
new:
title: Přihlásit se
tab_title: Přihlášení
+ login_to_authorize_html: Pro přístup k %{client_app_name} se přihlaste do OpenStreetMap.
email or username: E-mailová adresa nebo uživatelské jméno
password: Heslo
remember: Zapamatuj si mě
login_button: Přihlásit se
register now: Zaregistrujte se
with external: nebo se přihlaste prostřednictvím třetí strany
+ or: nebo
auth failure: Je mi líto, ale s uvedenými údaji se nemůžete přihlásit.
destroy:
title: Odhlásit se
identifiable: IDENTIFIKOVATELNÁ
private: SOUKROMÁ
trackable: STOPOVATELNÁ
+ details_with_tags_html: '%{time_ago} uživatelem %{user} v %{tags}'
+ details_without_tags_html: '%{time_ago} uživatelem %{user}'
index:
public_traces: Veřejné GPS stopy
my_gps_traces: Moje GPS stopy
muted_users: Ztlumení uživatelé
auth_providers:
openid_logo_alt: Přihlášení pomocí OpenID
+ openid_login_button: Pokračovat
openid:
title: Přihlásit se pomocí OpenID
alt: Přihlásit se pomocí OpenID URL
write_redactions: Upravte mapová data
read_email: Přečíst e-mailovou adresu uživatele
skip_authorization: Automaticky schválit aplikaci
+ for_roles:
+ moderator: Toto oprávnění je pro akce dostupné pouze moderátorům
oauth_clients:
new:
title: Registrace nové aplikace
users:
new:
title: Zaregistrovat se
+ tab_title: Registrace
+ signup_to_authorize_html: Zaregistrujte se pomocí OpenStreetMap pro přístup
+ k %{client_app_name}.
no_auto_account_create: Bohužel za vás momentálně nejsme schopni vytvořit účet
automaticky.
please_contact_support_html: Kontaktujte prosím %{support_link} a domluvte se
na vytvoření účtu – pokusíme se žádost vyřídit co nejrychleji.
support: podporu
about:
- header: Svobodná a editovatelná
+ header: Svobodná a editovatelná.
paragraph_1: Na rozdíl od jiných map je OpenStreetMap kompletně vytvořena
lidmi jako jste vy a kdokoli ji může zdarma opravit, aktualizovat, stáhnout
a používat.
- paragraph_2: Zaregistrujte se a začněte přispívat. Zašleme vám e-mail pro
- potvrzení vašeho účtu.
+ paragraph_2: Zaregistrujte se a začněte přispívat.
+ welcome: Vítejte v OpenStreetMap
+ duplicate_social_email: Pokud již máte účet OpenStreetMap a chcete používat
+ poskytovatele identity třetí strany, přihlaste se pomocí svého hesla a upravte
+ nastavení svého účtu.
display name description: Vaše veřejně zobrazované uživatelské jméno. Můžete
si ho později změnit ve svém nastavení.
+ by_signing_up_html: Registrací souhlasíte s našimi %{tou_link}, %{privacy_policy_link}
+ a %{contributor_terms_link}.
+ tou: podmínkami užití
+ contributor_terms: podmínkami pro přispěvatele
external auth: 'Autentizace třetí stranou:'
continue: Zaregistrovat se
terms accepted: Děkujeme za odsouhlasení nových podmínek pro přispěvatele!
privacy_policy: pravidlech ochrany osobních údajů
privacy_policy_title: Pravidla ochrany osobních údajů OSMF, včetně části o e-mailových
adresách
- use external auth: Případně se přihlaste prostřednictvím třetí strany
+ consider_pd_html: Své příspěvky považuji za %{consider_pd_link}.
+ consider_pd: volné dílo
+ or: nebo
+ use external auth: nebo se přihlaste prostřednictvím třetí strany
terms:
title: Podmínky
heading: Podmínky
contact_the_community_html: Μη διστάσετε να %{contact_link} με την κοινότητα
του OpenStreetMap εάν έχετε βρει έναν κατεστραμμένο σύνδεσμο / σφάλμα. Σημειώστε
την ακριβή διεύθυνση URL του αιτήματός σας.
+ bad_request:
+ title: Κακό αίτημα
forbidden:
title: Απαγορευμένο
description: Η λειτουργία που ζητήσατε στο διακομιστή OpenStreetMap είναι διαθέσιμη
peninsula: Χερσόνησος
point: Σημείο
reef: Ύφαλος
- ridge: ΣκÏ\8cÏ\80ελοÏ\82
+ ridge: Î\9aοÏ\81Ï\85Ï\86ογÏ\81αμμή
rock: Βράχος
saddle: Σέλα
sand: Άμμος
lost password link: Ξεχάσατε το συνθηματικό σας;
login_button: Σύνδεση
register now: Εγγραφείτε τώρα
- with external: 'Εναλλακτικά, χρησιμοποιήστε τρίτη υπηρεσία για σύνδεση:'
+ with external: ή συνδεθείτε μέσω τρίτης υπηρεσίας
+ or: ή
auth failure: Λυπούμαστε, δεν μπορείτε να συνδεθείτε με αυτές τις λεπτομέρειες.
destroy:
title: Αποσύνδεση
other: αρχείο GPX με %{count} σημεία από %{user}
description_without_count: Αρχείο GPX από τον χρήστη %{user}
application:
+ auth_disabled_link: https://wiki.openstreetmap.org/wiki/2024_authentication_update
permission_denied: Δεν έχετε τα απαραίτητα δικαιώματα για πρόσβαση σε αυτήν την
ενέργεια
require_cookies:
muted_users: Χρήστες σε Σίγαση
auth_providers:
openid_logo_alt: Σύνδεση με ένα OpenID
+ openid_login_button: Συνέχεια
openid:
title: Σύνδεση με OpenID
alt: Σύνδεση με ένα OpenID URL
users:
new:
title: Εγγραφή
+ tab_title: Εγγραφή
+ signup_to_authorize_html: Εγγραφείτε με το OpenStreetMap για πρόσβαση στο %{client_app_name}.
no_auto_account_create: Δυστυχώς δεν μπορούμε να δημιουργήσουμε αυτόματα έναν
λογαριασμό για εσάς.
please_contact_support_html: Παρακαλώ επικοινωνήστε με %{support_link} για να
το αίτημα το συντομότερο δυνατό.
support: υποστήριξη
about:
- header: Ελεύθερος και επεξεργάσιμος
+ header: Ελεύθερος και επεξεργάσιμος.
paragraph_1: Σε αντίθεση με άλλους χάρτες, το OpenStreetMap δημιουργείται
εξ ολοκλήρου από ανθρώπους σαν εσάς και είναι δωρεάν για οποιονδήποτε να
το διορθώσει, να ενημερώσει, να το κατεβάσει και να το χρησιμοποιήσει.
- paragraph_2: Εγγραφείτε για να ξεκινήσετε να συνεισφέρετε. Θα σας στείλουμε
- ένα email για να επιβεβαιώσουμε τον λογαριασμό σας.
+ paragraph_2: Εγγραφείτε για να ξεκινήσετε να συνεισφέρετε.
+ welcome: Καλώς ήλθατε στο OpenStreetMap
display name description: Το δημόσια εμφανιζόμενο όνομα χρήστη. Μπορείτε να
το αλλάξετε αργότερα από τις προτιμήσεις.
+ tou: όροι χρήσης
external auth: 'Έλεγχος ταυτότητας από τρίτο μέρος:'
continue: Εγγραφή
terms accepted: Ευχαριστούμε για την αποδοχή των νέων όρων συνεισφοράς!
privacy_policy: πολιτική απορρήτου
privacy_policy_title: Πολιτική απορρήτου OSMF, συμπεριλαμβανομένης της ενότητας
για τις διευθύνσεις ηλεκτρονικού ταχυδρομείου
- use external auth: Εναλλακτικά, χρησιμοποιήστε τρίτη υπηρεσία για σύνδεση
+ or: ή
+ use external auth: ή συνδεθείτε μέσω τρίτης υπηρεσίας
terms:
title: Όροι
heading: Όροι
contact_url_title: Various contact channels explained
contact: contact
contact_the_community_html: Feel free to %{contact_link} the OpenStreetMap community if you have found a broken link / bug. Make a note of the exact URL of your request.
+ bad_request:
+ title: Bad request
+ description: The operation you requested on the OpenStreetMap server is not valid (HTTP 400)
forbidden:
title: Forbidden
description: The operation you requested on the OpenStreetMap server is only available to administrators (HTTP 403)
other: "GPX file with %{count} points from %{user}"
description_without_count: "GPX file from %{user}"
application:
+ basic_auth_disabled: "HTTP Basic Authentication is disabled: %{link}"
+ oauth_10a_disabled: "OAuth 1.0 and 1.0a are disabled: %{link}"
+ auth_disabled_link: "https://wiki.openstreetmap.org/wiki/2024_authentication_update"
permission_denied: You do not have permission to access that action
require_cookies:
cookies_needed: "You appear to have cookies disabled - please enable cookies in your browser before continuing."
contact_the_community_html: '%{contact_link} kun la OpenStreetMap-komunumo,
se vi trovis misligilon aŭ alian eraron. Skribu la detalan retadreson de via
peto.'
+ bad_request:
+ title: Malĝusta peto
+ description: La ago – pri kiu vi petis la servilon OpenStreetMap – ne estas
+ valida (HTTP 400)
forbidden:
title: Malpermesata
description: La ago, pri kiu vi petis la OpenStreetMap-servilon estas disponebla
other: GPX-dosiero kun %{count} punktoj de %{user}
description_without_count: GPX-dosiero de %{user}
application:
+ basic_auth_disabled: 'Baza alira aŭtentigo estas malaktiva: %{link}'
+ oauth_10a_disabled: 'OAuth 1.0 kaj 1.0a estas malaktivaj: %{link}'
permission_denied: Vi ne rajtas fari tiun ĉi agon
require_cookies:
cookies_needed: Ŝajnas, ke vi malaktivigis 'kuketojn' - bonvolu aktivigi 'kuketojn'
intro: Ĉu vi rimarkis eraron aŭ io mankas? Sciigu aliajn mapigistojn, por ili
povos ripari tion. Movu la markon al la respektivan pozicion kaj enmetu la
rimarkon priskribantan la problemon.
+ anonymous_warning_html: Vi ne estas ensalutinta. %{log_in} aŭ %{sign_up} por
+ ricevi sciigojn pri via rimarko.
+ anonymous_warning_log_in: Ensalutu
+ anonymous_warning_sign_up: registriĝu
advice: Via rimarko estas publika kaj povas esti uzita por ĝisdatigi la mapon,
do ne enmetu privatajn informojn kaj informojn el kopirajtaj mapoj aŭ aliaj
datumbazoj.
intro: Atopou un erro ou descubriu que falla algún dato? Informe ós outros cartógrafos
para que poidamos solucionalo. Mova o marcador á posición correcta e escriba
unha nota expoñendo o problema.
+ anonymous_warning_html: Non iniciaches sesión. Por favor, %{log_in} ou %{sign_up}
+ se queres recibir actualizacións da túa nota.
+ anonymous_warning_log_in: accede ao sistema
+ anonymous_warning_sign_up: rexístrate
advice: A túa nota será pública e poderá empregarse para actualizar o mapa;
por conseguinte, non insiras información persoal, nin datos de mapas protexidos
por dereitos de autoría ou listaxes de directorios.
intro: Ti sei accorto di un errore o di qualcosa che manca? Fallo sapere agli
altri mappatori così possono correggerlo. Sposta il puntatore nella posizione
esatta e inserisci una nota per spiegare il problema.
+ anonymous_warning_log_in: entra
+ anonymous_warning_sign_up: registrati
advice: La tua nota è pubblica e potrebbe essere utilizzata per aggiornare la
mappa, pertanto non inserire informazioni personali e neppure dati provenienti
da mappe protette da copyright oppure elenchi.
description:
description_without_count: GPX-Fichier vum %{user}
application:
+ oauth_10a_disabled: 'OAuth 1.0 an 1.0a sinn desaktivéiert: %{link}'
+ auth_disabled_link: https://wiki.openstreetmap.org/wiki/2024_authentication_update
settings_menu:
account_settings: Astellunge vum Benotzerkont
oauth1_settings: OAuth 1-Astellungen
contact_the_community_html: Слободно стапете во %{contact_link} со заедницата
OpenStreetMap ако имате најдено расипана врска или грешка. Забележете ја точната
URL на вашето барање.
+ bad_request:
+ title: Неисправно барање
+ description: Операцијат што ја побаравте од опслужувачот на OpenStreetMap server
+ не е важечка (HTTP 400)
forbidden:
title: Забрането
description: Постапката која ја побаравте на опслужувачот на OpenStreetMap е
other: GPX-податотеки со %{count} точки од %{user}
description_without_count: GPX-податотека од %{user}
application:
+ basic_auth_disabled: 'Оневозможена е основната заверка со HTTP: %{link}'
+ oauth_10a_disabled: 'OAuth 1.0 и 1.0a се оневозможени: %{link}'
+ auth_disabled_link: https://wiki.openstreetmap.org/wiki/2024_authentication_update
permission_denied: Немате дозвола за ова дејство
require_cookies:
cookies_needed: Изгледа сте оневозможиле колачиња - дозволете колачиња во прелистувачот
intro: Забележавте некоја грешка или нешто недостасува? Дајте им на знаење на
другите картографи за да ја средиме работата. Поместете го бележникот на исправното
место и внесете порака, објаснувајќи го проблемот.
+ anonymous_warning_html: Не сте најавени. %{log_in} или %{sign_up} ако сакате
+ да ве известуваме за вашата белешка.
+ anonymous_warning_log_in: Најавете се
+ anonymous_warning_sign_up: зачленете се
advice: Вашата белешка е јавна и може да се употреби за поднова на картата.
Затоа, не внесувајте лични податоци, или пак податоци од карти или именици
заштитени со авторски права.
success: Conta eliminada.
browse:
deleted_ago_by_html: Excluído há %{time_ago} por %{user}
- edited_ago_by_html: Editado há %{time_ago} por %{user}
+ edited_ago_by_html: Editado %{time_ago} por %{user}
version: Versão
redacted_version: Versão reduzida
in_changeset: Conjunto de alterações
comment: تبصرہ
new:
title: نواں نوٹ
+ anonymous_warning_log_in: لاگ ان
+ anonymous_warning_sign_up: سائن اپ
add: نوٹ شامل کرو
javascripts:
close: بند کرو
intro: Bir hata mı buldunuz ya da eksik bir şey mi var? Bu sorunun düzeltilebilmesi
için diğer haritacılara bildirin. İmleci doğru konuma taşıyın ve sorunu açıklayan
bir not yazın.
+ anonymous_warning_html: Giriş yapmadınız. Notunuzla ilgili güncellemeleri almak
+ istiyorsanız lütfen %{log_in} veya %{sign_up}.
+ anonymous_warning_log_in: oturum aç
+ anonymous_warning_sign_up: kaydol
advice: Notunuz herkese açıktır ve haritayı güncellemek için kullanılabilir,
bu nedenle kişisel bilgilerinizi veya telif hakkıyla korunan haritalar veya
dizin listelerinden bilgi girmeyin.
contact: 聯絡
contact_the_community_html: 如果您發現有損壞的連結/錯誤,請隨時%{contact_link}OpenStreetMap 社群。並請記下您的請求的確切
URL 位址。
+ bad_request:
+ title: 錯誤請求
+ description: 您在 OpenStreetMap 伺服器上請求的操作無效(HTTP 400)
forbidden:
title: Forbidden
description: 您在 OpenStreetMap 伺服器上請求的運作僅限管理員使用(HTTP 403)
other: 由 %{user} 上傳的 GPX 檔案,含有 %{count} 點
description_without_count: 由 %{user} 上傳的 GPX 檔案
application:
+ basic_auth_disabled: HTTP 基本認證已停用:%{link}
+ oauth_10a_disabled: OAuth 1.0 與 1.0a 已停用:%{link}
+ auth_disabled_link: https://wiki.openstreetmap.org/wiki/2024_authentication_update
permission_denied: 您沒有權限來存取該操作。
require_cookies:
cookies_needed: 您似乎已停用 cookies - 請在瀏覽器中開啟 cookies,然後繼續。
write_redactions: 編寫地圖資料
read_email: 讀取使用者電子郵件位址
skip_authorization: 自動核准申請
+ for_roles:
+ moderator: 此權限用於僅可由仲裁員執行的操作
oauth_clients:
new:
title: 註冊新的應用程式
new:
title: 新增註記
intro: 發現錯誤或缺少些什麼東西嗎?請告訴其他地圖製作者以便於我們處理。將標記移動到正確的位置並輸入註記,以解釋問題。
+ anonymous_warning_html: 您尚未登入。若您想收到您的註記更新內容,請%{log_in}或%{sign_up}。
+ anonymous_warning_log_in: 登入
+ anonymous_warning_sign_up: 註冊
advice: 您的註記已公開並可用於更新地圖,因此請不要輸入個人訊息,或是來自於具版權保護地圖的訊息以及目錄清單。
add: 送出註記
javascripts:
resources :redactions
# errors
+ match "/400", :to => "errors#bad_request", :via => :all
match "/403", :to => "errors#forbidden", :via => :all
match "/404", :to => "errors#not_found", :via => :all
match "/500", :to => "errors#internal_server_error", :via => :all
#memcache_servers: []
# Enable HTTP basic authentication support
basic_auth_support: true
+# Enable OAuth 1.0/1.0a registration
+oauth_10_registration: true
# Enable legacy OAuth 1.0 support
oauth_10_support: true
-oauth_10_registration: true
+# Enable OAuth 1.0a support
+oauth_10a_support: true
# URL of Nominatim instance to use for geocoding
nominatim_url: "https://nominatim.openstreetmap.org/"
# Default editor
check_index_result(changesets.last(20))
end
+ ##
+ # This should report an error
+ def test_index_invalid_xhr
+ %w[-1 0 fred].each do |id|
+ get history_path(:format => "html", :list => "1", :max_id => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
##
# This should display the last 20 changesets closed in a specific area
def test_index_bbox
assert_select "li.page-item.disabled span.page-link", :text => "Newer Entries", :count => 1
end
+ def test_index_invalid_paged
+ # Try some invalid paged accesses
+ %w[-1 0 fred].each do |id|
+ get diary_entries_path(:before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get diary_entries_path(:after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
def test_rss
create(:language, :code => "de")
create(:diary_entry, :language_code => "en")
assert_response :not_found
end
+ def test_comments_invalid_paged
+ user = create(:user)
+
+ %w[-1 0 fred].each do |id|
+ get diary_comments_path(:display_name => user.display_name, :before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get diary_comments_path(:display_name => user.display_name, :after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
def test_subscribe_page
user = create(:user)
other_user = create(:user)
class ErrorsControllerTest < ActionDispatch::IntegrationTest
def test_routes
+ assert_routing(
+ { :path => "/400", :method => :get },
+ { :controller => "errors", :action => "bad_request" }
+ )
assert_routing(
{ :path => "/403", :method => :get },
{ :controller => "errors", :action => "forbidden" }
)
end
+ def test_bad_request
+ get "/400"
+ assert_response :bad_request
+ end
+
def test_forbidden
get "/403"
assert_response :forbidden
assert_select "table.note_list tbody tr", :count => 10
end
+ def test_index_invalid_paged
+ user = create(:user)
+
+ %w[-1 0 fred].each do |page|
+ get user_notes_path(user, :page => page)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
def test_empty_page
user = create(:user)
get user_notes_path(user)
assert_select "li.page-item a.page-link", :text => "Older Traces", :count => 2
end
+ def test_index_invalid_paged
+ # Try some invalid paged accesses
+ %w[-1 0 fred].each do |id|
+ get traces_path(:before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get traces_path(:after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
# Check the RSS feed
def test_rss
user = create(:user)
check_no_page_link "Older Blocks"
end
+ ##
+ # test the index action with invalid pages
+ def test_index_invalid_paged
+ %w[-1 0 fred].each do |id|
+ get user_blocks_path(:before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get user_blocks_path(:after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
##
# test the show action
def test_show
check_no_page_link "Older Blocks"
end
+ ##
+ # test the blocks_on action with invalid pages
+ def test_blocks_on_invalid_paged
+ user = create(:user)
+
+ %w[-1 0 fred].each do |id|
+ get user_blocks_on_path(user, :before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get user_blocks_on_path(user, :after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
##
# test the blocks_by action
def test_blocks_by
check_no_page_link "Older Blocks"
end
+ ##
+ # test the blocks_by action with invalid pages
+ def test_blocks_by_invalid_paged
+ user = create(:moderator_user)
+
+ %w[-1 0 fred].each do |id|
+ get user_blocks_by_path(user, :before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get user_blocks_by_path(user, :after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
private
def check_user_blocks_table(user_blocks)
check_no_page_link "Older Users"
end
+ def test_index_get_invalid_paginated
+ session_for(create(:administrator_user))
+
+ %w[-1 0 fred].each do |id|
+ get users_path(:before => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+
+ get users_path(:after => id)
+ assert_redirected_to :controller => :errors, :action => :bad_request
+ end
+ end
+
private
def check_no_page_link(name)
projects / rails.git / commitdiff