if user&.active?
can :welcome, :site
- can :read, [:deletion, :account_terms, :account_pd_declaration]
+ can :read, [:deletion, :account_terms, :account_pd_declaration, :account_home]
if Settings.status != "database_offline"
can [:read, :create, :destroy], :changeset_subscription
can :destroy, Note if scopes.include?("write_notes")
- can :redact, [OldNode, OldWay, OldRelation] if user&.terms_agreed? && scopes.include?("write_redactions")
+ can :redact, [OldNode, OldWay, OldRelation] if user.terms_agreed? && scopes.include?("write_redactions")
+ can :create, UserBlock if scopes.include?("write_blocks")
// See https://turbo.hotwired.dev/reference/drive#turbo.session.drive
Turbo.session.drive = false;
- var headerWidth = 0,
- compactWidth = 0;
+ const $expandedSecondaryMenu = $("header nav.secondary > ul"),
+ $collapsedSecondaryMenu = $("#compact-secondary-nav > ul"),
+ secondaryMenuItems = [],
+ breakpointWidth = 768;
+ let moreItemWidth = 0;
function updateHeader() {
var windowWidth = $(window).width();
- if (windowWidth < compactWidth) {
- $("body").removeClass("compact-nav").addClass("small-nav");
- } else if (windowWidth < headerWidth) {
- $("body").addClass("compact-nav").removeClass("small-nav");
+ if (windowWidth < breakpointWidth) {
+ $("body").addClass("small-nav");
+ expandAllSecondaryMenuItems();
} else {
- $("body").removeClass("compact-nav").removeClass("small-nav");
+ $("body").removeClass("small-nav");
+ const availableWidth = $expandedSecondaryMenu.width();
+ secondaryMenuItems.forEach(function (item) {
+ $(item[0]).remove();
+ });
+ let runningWidth = 0,
+ i = 0,
+ requiredWidth;
+ for (; i < secondaryMenuItems.length; i++) {
+ runningWidth += secondaryMenuItems[i][1];
+ if (i < secondaryMenuItems.length - 1) {
+ requiredWidth = runningWidth + moreItemWidth;
+ } else {
+ requiredWidth = runningWidth;
+ }
+ if (requiredWidth > availableWidth) {
+ break;
+ }
+ expandSecondaryMenuItem($(secondaryMenuItems[i][0]));
+ }
+ for (; i < secondaryMenuItems.length; i++) {
+ collapseSecondaryMenuItem($(secondaryMenuItems[i][0]));
+ }
+ function expandAllSecondaryMenuItems() {
+ secondaryMenuItems.forEach(function (item) {
+ expandSecondaryMenuItem($(item[0]));
+ });
+ }
+ function expandSecondaryMenuItem($item) {
+ $item.children("a")
+ .removeClass("dropdown-item")
+ .addClass("nav-link")
+ .addClass(function () {
+ return $(this).hasClass("active") ? "text-secondary-emphasis" : "text-secondary";
+ });
+ $item.addClass("nav-item").insertBefore("#compact-secondary-nav");
+ toggleCompactSecondaryNav();
+ }
+ function collapseSecondaryMenuItem($item) {
+ $item.children("a")
+ .addClass("dropdown-item")
+ .removeClass("nav-link text-secondary text-secondary-emphasis");
+ $item.removeClass("nav-item").appendTo($collapsedSecondaryMenu);
+ toggleCompactSecondaryNav();
+ }
+ function toggleCompactSecondaryNav() {
+ $("#compact-secondary-nav").toggle(
+ $collapsedSecondaryMenu.find("li").length > 0
+ );
+ }
* Chrome 60 and later seem to fire the "ready" callback
* before the DOM is fully ready causing us to measure the
* to defer the measurement slightly as a workaround.
setTimeout(function () {
- $("header").children(":visible").each(function (i, e) {
- headerWidth += $(e).outerWidth();
+ $expandedSecondaryMenu.find("li:not(#compact-secondary-nav)").each(function () {
+ secondaryMenuItems.push([this, $(this).width()]);
- $("body").addClass("compact-nav");
- $("header").children(":visible").each(function (i, e) {
- compactWidth += $(e).outerWidth();
- });
- $("body").removeClass("compact-nav");
- $("header").removeClass("text-nowrap");
- $("header nav.secondary > ul").removeClass("flex-nowrap");
+ moreItemWidth = $("#compact-secondary-nav").width();
//= require index/directions
//= require index/changeset
//= require index/query
+//= require index/home
//= require router
$(document).ready(function () {
+ // Prevent caching the XHR response as a full-page URL
+ // https://github.com/openstreetmap/openstreetmap-website/issues/5663
+ if (content_path.indexOf("?") >= 0) {
+ content_path += "&xhr=1";
+ } else {
+ content_path += "?xhr=1";
+ }
L.marker([params.mlat, params.mlon]).addTo(map);
- $("#homeanchor").on("click", function (e) {
- e.preventDefault();
- var data = $(this).data(),
- center = L.latLng(data.lat, data.lon);
- map.setView(center, data.zoom);
- L.marker(center, { icon: OSM.getUserIcon() }).addTo(map);
- });
function remoteEditHandler(bbox, object) {
var remoteEditHost = "",
osmHost = location.protocol + "//" + location.host,
function addObject(type, id, center) {
+ var hashParams = OSM.parseHash(window.location.hash);
map.addObject({ type: type, id: parseInt(id, 10) }, function (bounds) {
- if (!window.location.hash && bounds.isValid() &&
+ if (!hashParams.center && bounds.isValid() &&
(center || !map.getBounds().contains(bounds))) {
OSM.router.withoutMoveListener(function () {
"/relation/:id(/history)": OSM.Browse(map, "relation"),
"/relation/:id/history/:version": OSM.OldBrowse(),
"/changeset/:id": OSM.Changeset(map),
- "/query": OSM.Query(map)
+ "/query": OSM.Query(map),
+ "/account/home": OSM.Home(map)
if (OSM.preferred_editor === "remote" && document.location.pathname === "/edit") {
const changesetData = content.find("[data-changeset]").data("changeset");
changesetData.type = "changeset";
+ var hashParams = OSM.parseHash(window.location.hash);
map.addObject(changesetData, function (bounds) {
- if (!window.location.hash && bounds.isValid()) {
+ if (!hashParams.center && bounds.isValid()) {
OSM.router.withoutMoveListener(function () {
--- /dev/null
+OSM.Home = function (map) {
+ let marker;
+ function clearMarker() {
+ if (marker) map.removeLayer(marker);
+ marker = null;
+ }
+ const page = {};
+ page.pushstate = page.popstate = page.load = function () {
+ map.setSidebarOverlaid(true);
+ clearMarker();
+ if (OSM.home) {
+ OSM.router.withoutMoveListener(function () {
+ map.setView(OSM.home, 15, { reset: true });
+ });
+ marker = L.marker(OSM.home, {
+ icon: OSM.getUserIcon(),
+ title: I18n.t("javascripts.home.marker_title")
+ }).addTo(map);
+ } else {
+ $("#browse_status").html(
+ $("<div class='m-2 alert alert-warning'>").text(
+ I18n.t("javascripts.home.not_set")
+ )
+ );
+ }
+ };
+ page.unload = function () {
+ clearMarker();
+ $("#browse_status").empty();
+ };
+ return page;
var data = $(".details").data();
if (!data) return;
var latLng = L.latLng(data.coordinates.split(","));
- if (!map.getBounds().contains(latLng)) moveToNote();
+ if (!map.getBounds().contains(latLng)) {
+ OSM.router.withoutMoveListener(function () {
+ map.setView(latLng, 15, { reset: true });
+ });
+ }
page.load = function (path, id) {
initialize(path, id);
- moveToNote();
function initialize(path, id) {
success: () => {
OSM.loadSidebarContent(path, () => {
initialize(path, id);
- moveToNote();
error: (xhr) => {
var data = $(".details").data();
if (data) {
+ var hashParams = OSM.parseHash(window.location.hash);
type: "note",
id: parseInt(id, 10),
latLng: L.latLng(data.coordinates.split(",")),
icon: noteIcons[data.status]
+ }, function () {
+ if (!hashParams.center) {
+ var latLng = L.latLng(data.coordinates.split(","));
+ OSM.router.withoutMoveListener(function () {
+ map.setView(latLng, 15, { reset: true });
+ });
+ }
- function moveToNote() {
- var data = $(".details").data();
- if (!data) return;
- var latLng = L.latLng(data.coordinates.split(","));
- if (!window.location.hash || window.location.hash.match(/^#?c[0-9]+$/)) {
- OSM.router.withoutMoveListener(function () {
- map.setView(latLng, 15, { reset: true });
- });
- }
- }
page.unload = function () {
setSidebarOverlaid: function (overlaid) {
- var sidebarWidth = 350;
+ var mediumDeviceWidth = window.getComputedStyle(document.documentElement).getPropertyValue("--bs-breakpoint-md");
+ var isMediumDevice = window.matchMedia(`(max-width: ${mediumDeviceWidth})`).matches;
+ var sidebarWidth = $("#sidebar").width();
+ var sidebarHeight = $("#sidebar").height();
if (overlaid && !$("#content").hasClass("overlay-sidebar")) {
this.invalidateSize({ pan: false });
- if ($("html").attr("dir") !== "rtl") {
+ if (isMediumDevice) {
+ this.panBy([0, -sidebarHeight], { animate: false });
+ } else if ($("html").attr("dir") !== "rtl") {
this.panBy([-sidebarWidth, 0], { animate: false });
} else if (!overlaid && $("#content").hasClass("overlay-sidebar")) {
- if ($("html").attr("dir") !== "rtl") {
+ if (isMediumDevice) {
+ this.panBy([0, $("#map").height() / 2], { animate: false });
+ } else if ($("html").attr("dir") !== "rtl") {
this.panBy([sidebarWidth, 0], { animate: false });
control.togglePane = function (pane, button) {
+ var mediumDeviceWidth = window.getComputedStyle(document.documentElement).getPropertyValue("--bs-breakpoint-md");
+ var isMediumDevice = window.matchMedia(`(max-width: ${mediumDeviceWidth})`).matches;
var paneWidth = 250;
if (current === pane) {
- if ($("html").attr("dir") === "rtl") {
- map.panBy([-paneWidth, 0], { animate: false });
- }
current = currentButton = $();
+ if (isMediumDevice) {
+ map.panBy([0, -$("#map").height() / 2], { animate: false });
+ } else if ($("html").attr("dir") === "rtl") {
+ map.panBy([-paneWidth, 0], { animate: false });
+ }
} else {
current = pane;
currentButton = button || $();
- if ($("html").attr("dir") === "rtl") {
+ if (isMediumDevice) {
+ map.panBy([0, $("#map").height()], { animate: false });
+ } else if ($("html").attr("dir") === "rtl") {
map.panBy([paneWidth, 0], { animate: false });
font-size: 14px;
- nav.primary {
- margin-right: auto;
- }
.username {
max-width: 12em;
nav.secondary {
.nav-link {
- padding: 0.3rem;
+ padding: 0 0.3rem;
+ }
+ > ul {
+ height: 1.5em;
display: none;
-body.compact-nav {
- #compact-secondary-nav {
- display: inline-block;
- }
- .compact-hide {
- display: none;
- }
body.small-nav {
#menu-icon {
display: block;
nav.secondary {
flex-direction: column;
+ > ul {
+ height: auto;
+ }
.user-menu, .login-menu {
width: 100%;
-.logo {
- float: left;
- margin: 10px;
+body {
+ margin: 1rem;
+ margin-top: 2rem;
+ font-family: system-ui;
-.details {
- float: left;
+main {
+ display: flex;
+ flex-direction: column;
+ align-items: center;
+ gap: 1rem 2rem;
+ max-width: 960px;
+ .logo {
+ flex-shrink: 0;
+ img {
+ display: block;
+ max-width: 100%;
+ height: auto;
+ }
+ }
+ .details {
+ h1 {
+ margin-top: 0;
+ }
+ }
+@media (min-width: 640px) {
+ body {
+ margin: 2rem;
+ }
+ main {
+ flex-direction: row;
+ .logo {
+ align-self: start;
+ }
+ }
--- /dev/null
+module Accounts
+ class HomesController < ApplicationController
+ layout :map_layout
+ before_action :authorize_web
+ before_action :set_locale
+ before_action :require_oauth
+ authorize_resource :class => :account_home
+ def show; end
+ end
module Api
class UserBlocksController < ApiController
+ before_action :check_api_writable, :only => :create
+ before_action :authorize, :only => :create
before_action :set_request_formats
rescue ActiveRecord::RecordNotFound
raise OSM::APINotFoundError
+ def create
+ raise OSM::APIBadUserInput, "No user was given" unless params[:user]
+ user = User.visible.find_by(:id => params[:user])
+ raise OSM::APINotFoundError unless user
+ raise OSM::APIBadUserInput, "No reason was given" unless params[:reason]
+ raise OSM::APIBadUserInput, "No period was given" unless params[:period]
+ period = Integer(params[:period], :exception => false)
+ raise OSM::APIBadUserInput, "Period should be a number of hours" unless period
+ max_period = UserBlock::PERIODS.max
+ raise OSM::APIBadUserInput, "Period must be between 0 and #{max_period}" if period.negative? || period > max_period
+ raise OSM::APIBadUserInput, "Needs_view must be true if provided" unless params[:needs_view].nil? || params[:needs_view] == "true"
+ ends_at = Time.now.utc + period.hours
+ needs_view = params[:needs_view] == "true"
+ @user_block = UserBlock.create(
+ :user => user,
+ :creator => current_user,
+ :reason => params[:reason],
+ :ends_at => ends_at,
+ :deactivates_at => (ends_at unless needs_view),
+ :needs_view => needs_view
+ )
+ render :show
+ end
def header_nav_link_class(path)
- ["nav-link", current_page?(path) ? "text-secondary-emphasis" : "text-secondary"]
+ ["nav-link", current_page?(path) ? "active text-secondary-emphasis" : "text-secondary"]
def application_data
--- /dev/null
+<% content_for(:content_class) { "overlay-sidebar" } %>
<%= tag.head :data => application_data do %>
- <meta http-equiv="X-UA-Compatible" content="IE=edge" />
- <meta name="viewport" content="width=device-width, initial-scale=1">
+ <%= render :partial => "layouts/meta" %>
<%= javascript_include_tag "turbo", :type => "module" %>
<%= javascript_include_tag "application" %>
<%= javascript_include_tag "i18n/#{I18n.locale}" %>
<% end %>
<%= stylesheet_link_tag "print-#{dir}", :media => "print" %>
<%= stylesheet_link_tag "leaflet-all", :media => "screen, print" %>
- <%= render :partial => "layouts/meta" %>
<%= yield :head %>
<%= yield :auto_discovery_link_tag %>
<%= csrf_meta_tag %>
- <nav class='secondary d-flex gap-2 align-items-center'>
- <ul class='nav flex-nowrap'>
+ <nav class='secondary d-flex gap-2 flex-grow-1 align-items-center'>
+ <ul id='secondary-nav-menu' class='nav flex-grow-1' data-turbo-permanent>
<% if Settings.status != "database_offline" && can?(:index, Issue) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to issues_path(:status => "open"), :class => header_nav_link_class(issues_path) do %>
<%= t("layouts.issues") %>
<%= open_issues_count %>
<% end -%>
<% end %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.history"), history_path, :class => header_nav_link_class(history_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.export"), export_path, :class => header_nav_link_class(export_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.gps_traces"), traces_path, :class => header_nav_link_class(traces_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.user_diaries"), diary_entries_path, :class => header_nav_link_class(diary_entries_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.communities"), communities_path, :class => header_nav_link_class(communities_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.copyright"), copyright_path, :class => header_nav_link_class(copyright_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.help"), help_path, :class => header_nav_link_class(help_path) %>
- <li class="compact-hide nav-item">
+ <li class="nav-item">
<%= link_to t("layouts.about"), about_path, :class => header_nav_link_class(about_path) %>
- <li id="compact-secondary-nav" class="dropdown nav-item">
+ <li id="compact-secondary-nav" class="dropdown nav-item ms-auto">
<button class="dropdown-toggle nav-link btn btn-outline-secondary border-0 bg-body text-secondary" type="button" data-bs-toggle="dropdown"><%= t "layouts.more" %></button>
<ul class="dropdown-menu">
- <% if Settings.status != "database_offline" && can?(:index, Issue) %>
- <li>
- <%= link_to issues_path(:status => "open"), :class => "dropdown-item" do %>
- <%= t("layouts.issues") %>
- <%= open_issues_count %>
- <% end -%>
- </li>
- <% end %>
- <li><%= link_to t("layouts.history"), history_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.export"), export_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.gps_traces"), traces_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.user_diaries"), diary_entries_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.communities"), communities_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.copyright"), copyright_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.help"), help_path, :class => "dropdown-item" %></li>
- <li><%= link_to t("layouts.about"), about_path, :class => "dropdown-item" %></li>
<%= link_to t("users.show.my settings"), edit_account_path, :class => "dropdown-item" %>
<%= link_to t("users.show.my_preferences"), preferences_path, :class => "dropdown-item" %>
<div class="dropdown-divider"></div>
- <%= yield :greeting %>
+ <% if current_user.home_location? %>
+ <%= link_to t("layouts.home"), account_home_path, :class => "dropdown-item" %>
+ <% end %>
<%= link_to t("layouts.logout"), logout_path(:referer => request.fullpath), :method => "post", :class => "geolink dropdown-item" %>
+<meta http-equiv="X-UA-Compatible" content="IE=edge" />
+<meta name="viewport" content="width=device-width, initial-scale=1">
<% [57, 60, 72, 76, 114, 120, 144, 152, 180].each do |size| -%>
<%= favicon_link_tag "apple-touch-icon-#{size}x#{size}.png", :rel => "apple-touch-icon", :sizes => "#{size}x#{size}", :type => "image/png" %>
<% end -%>
<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml">
+<html lang="<%= I18n.locale %>" dir="<%= dir %>">
<meta charset="utf-8">
<%= render :partial => "layouts/meta" %>
- <a href="<%= root_path %>">
- <%= image_tag "osm_logo.svg", :alt => t("layouts.logo.alt_text"), :class => "logo" %>
- </a>
- <div class="details">
- <%= yield %>
- </div>
+ <main>
+ <a href="<%= root_path %>" class="logo">
+ <%= image_tag "osm_logo.svg", :alt => t("layouts.logo.alt_text") %>
+ </a>
+ <div class="details">
+ <%= yield %>
+ </div>
+ </main>
<% content_for(:body_class) { "map-layout" } %>
-<% if current_user&.home_location? %>
- <% content_for :greeting do %>
- <%= link_to t("layouts.home"),
- "#",
- :id => "homeanchor",
- :class => "set_position dropdown-item",
- :data => { :lat => current_user.home_lat,
- :lon => current_user.home_lon,
- :zoom => 15 } %>
- <% end %>
-<% end %>
<% content_for :header do %>
<%= render :partial => "layouts/search", :locals => { :autofocus => false } %>
<% end %>
write_gpx: Upload GPS traces
write_notes: Modify notes
write_redactions: Redact map data
+ write_blocks: Create and revoke user blocks
read_email: Read user email address
consume_messages: Read, update status and delete user messages
send_messages: Send private messages to other users
show_address: Show address
query_features: Query features
centre_map: Centre map here
+ home:
+ marker_title: My home location
+ not_set: Home location is not set for your account
heading: "Edit Redaction"
resource :subscription, :only => [:create, :destroy], :controller => "note_subscriptions"
- resources :user_blocks, :only => :show, :id => /\d+/, :controller => "user_blocks"
+ resources :user_blocks, :only => [:show, :create], :id => /\d+/, :controller => "user_blocks"
namespace :user_blocks, :path => "user/blocks" do
resource :active_list, :path => "active", :only => :show
resource :terms, :only => [:show, :update]
resource :pd_declaration, :only => [:show, :create]
resource :deletion, :only => :show
+ resource :home, :only => :show
+# Override Firefox binary used in system tests
point.altitude ||= 0
yield point
@actual_points += 1
+ @lats << point.latitude
+ @lons << point.longitude
elsif reader.name == "trkseg"
@tracksegs += 1
@possible_points = 0
@actual_points = 0
@tracksegs = 0
+ @lats = []
+ @lons = []
Archive::Reader.open_filename(@file).each_entry_with_data do |entry, data|
first = true
- points.each_with_index do |p, pt|
- px = proj.x(p.longitude)
- py = proj.y(p.latitude)
+ @actual_points.times do |pt|
+ px = proj.x @lons[pt]
+ py = proj.y @lats[pt]
if (pt >= (points_per_frame * n)) && (pt <= (points_per_frame * (n + 1)))
pen.thickness = 3
first = true
- points do |p|
- px = proj.x(p.longitude)
- py = proj.y(p.latitude)
+ @actual_points.times do |pt|
+ px = proj.x @lons[pt]
+ py = proj.y @lats[pt]
pen.line(px, py, oldpx, oldpy) unless first
module Oauth
SCOPES = %w[
read_prefs write_prefs write_diary
- write_api write_changeset_comments read_gpx write_gpx write_notes write_redactions
+ write_api write_changeset_comments read_gpx write_gpx write_notes write_redactions write_blocks
consume_messages send_messages openid
PRIVILEGED_SCOPES = %w[read_email skip_authorization].freeze
- MODERATOR_SCOPES = %w[write_redactions].freeze
+ MODERATOR_SCOPES = %w[write_redactions write_blocks].freeze
class Scope
attr_reader :name
class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
driven_by :selenium, :using => :headless_firefox do |options|
options.add_preference("intl.accept_languages", "en")
+ options.binary = Settings.system_test_firefox_binary if Settings.system_test_firefox_binary
def before_setup
module Api
class UserBlocksControllerTest < ActionDispatch::IntegrationTest
def test_routes
+ assert_routing(
+ { :path => "/api/0.6/user_blocks", :method => :post },
+ { :controller => "api/user_blocks", :action => "create" }
+ )
{ :path => "/api/0.6/user_blocks/1", :method => :get },
{ :controller => "api/user_blocks", :action => "show", :id => "1" }
def test_show
- block = create(:user_block)
+ blocked_user = create(:user)
+ creator_user = create(:moderator_user)
+ block = create(:user_block, :user => blocked_user, :creator => creator_user, :reason => "because running tests")
get api_user_block_path(block)
assert_response :success
- assert_select "user_block[id='#{block.id}']", 1
+ assert_select "osm>user_block", 1 do
+ assert_select ">@id", block.id.to_s
+ assert_select ">user", 1
+ assert_select ">user>@uid", blocked_user.id.to_s
+ assert_select ">creator", 1
+ assert_select ">creator>@uid", creator_user.id.to_s
+ assert_select ">revoker", 0
+ assert_select ">reason", 1
+ assert_select ">reason", "because running tests"
+ end
get api_user_block_path(block, :format => "json")
assert_response :success
assert_response :not_found
assert_equal "text/plain", @response.media_type
+ def test_create_no_permission
+ blocked_user = create(:user)
+ assert_empty blocked_user.blocks
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1)
+ assert_response :unauthorized
+ assert_empty blocked_user.blocks
+ regular_creator_user = create(:user)
+ auth_header = bearer_authorization_header(regular_creator_user, :scopes => %w[read_prefs])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :forbidden
+ assert_empty blocked_user.blocks
+ auth_header = bearer_authorization_header(regular_creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :forbidden
+ assert_empty blocked_user.blocks
+ moderator_creator_user = create(:moderator_user)
+ auth_header = bearer_authorization_header(moderator_creator_user, :scopes => %w[read_prefs])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :forbidden
+ assert_empty blocked_user.blocks
+ end
+ def test_create_invalid_because_no_user
+ blocked_user = create(:user, :deleted)
+ assert_empty blocked_user.blocks
+ creator_user = create(:moderator_user)
+ auth_header = bearer_authorization_header(creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:reason => "because", :period => 1), :headers => auth_header
+ assert_response :bad_request
+ assert_equal "text/plain", @response.media_type
+ assert_equal "No user was given", @response.body
+ assert_empty blocked_user.blocks
+ end
+ def test_create_invalid_because_user_is_unknown
+ creator_user = create(:moderator_user)
+ auth_header = bearer_authorization_header(creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:user => 0, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :not_found
+ assert_equal "text/plain", @response.media_type
+ end
+ def test_create_invalid_because_user_is_deleted
+ blocked_user = create(:user, :deleted)
+ assert_empty blocked_user.blocks
+ creator_user = create(:moderator_user)
+ auth_header = bearer_authorization_header(creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :not_found
+ assert_equal "text/plain", @response.media_type
+ assert_empty blocked_user.blocks
+ end
+ def test_create_invalid_because_missing_reason
+ create_with_params_and_assert_bad_request("No reason was given", :period => "10")
+ end
+ def test_create_invalid_because_missing_period
+ create_with_params_and_assert_bad_request("No period was given", :reason => "because")
+ end
+ def test_create_invalid_because_non_numeric_period
+ create_with_params_and_assert_bad_request("Period should be a number of hours", :reason => "because", :period => "one hour")
+ end
+ def test_create_invalid_because_negative_period
+ create_with_params_and_assert_bad_request("Period must be between 0 and #{UserBlock::PERIODS.max}", :reason => "go away", :period => "-1")
+ end
+ def test_create_invalid_because_excessive_period
+ create_with_params_and_assert_bad_request("Period must be between 0 and #{UserBlock::PERIODS.max}", :reason => "go away", :period => "10000000")
+ end
+ def test_create_invalid_because_unknown_needs_view
+ create_with_params_and_assert_bad_request("Needs_view must be true if provided", :reason => "because", :period => "1", :needs_view => "maybe")
+ end
+ def test_create_success
+ blocked_user = create(:user)
+ creator_user = create(:moderator_user)
+ assert_empty blocked_user.blocks
+ auth_header = bearer_authorization_header(creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => 1), :headers => auth_header
+ assert_response :success
+ assert_equal 1, blocked_user.blocks.length
+ block = blocked_user.blocks.take
+ assert_predicate block, :active?
+ assert_equal "because", block.reason
+ assert_equal creator_user, block.creator
+ assert_equal "application/xml", @response.media_type
+ assert_select "osm>user_block", 1 do
+ assert_select ">@id", block.id.to_s
+ assert_select ">@needs_view", "false"
+ assert_select ">user", 1
+ assert_select ">user>@uid", blocked_user.id.to_s
+ assert_select ">creator", 1
+ assert_select ">creator>@uid", creator_user.id.to_s
+ assert_select ">revoker", 0
+ assert_select ">reason", 1
+ assert_select ">reason", "because"
+ end
+ end
+ def test_create_success_with_needs_view
+ blocked_user = create(:user)
+ creator_user = create(:moderator_user)
+ assert_empty blocked_user.blocks
+ auth_header = bearer_authorization_header(creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path(:user => blocked_user.id, :reason => "because", :period => "1", :needs_view => "true"), :headers => auth_header
+ assert_response :success
+ assert_equal 1, blocked_user.blocks.length
+ block = blocked_user.blocks.take
+ assert_predicate block, :active?
+ assert_equal "because", block.reason
+ assert_equal creator_user, block.creator
+ assert_equal "application/xml", @response.media_type
+ assert_select "osm>user_block", 1 do
+ assert_select ">@id", block.id.to_s
+ assert_select ">@needs_view", "true"
+ assert_select ">user", 1
+ assert_select ">user>@uid", blocked_user.id.to_s
+ assert_select ">creator", 1
+ assert_select ">creator>@uid", creator_user.id.to_s
+ assert_select ">revoker", 0
+ assert_select ">reason", 1
+ assert_select ">reason", "because"
+ end
+ end
+ private
+ def create_with_params_and_assert_bad_request(message, **params)
+ blocked_user = create(:user)
+ assert_empty blocked_user.blocks
+ moderator_creator_user = create(:moderator_user)
+ auth_header = bearer_authorization_header(moderator_creator_user, :scopes => %w[read_prefs write_blocks])
+ post api_user_blocks_path({ :user => blocked_user.id }.merge(params)), :headers => auth_header
+ assert_response :bad_request
+ assert_equal "text/plain", @response.media_type
+ assert_equal message, @response.body
+ assert_empty blocked_user.blocks
+ end
--- /dev/null
+require "application_system_test_case"
+class AccountHomeTest < ApplicationSystemTestCase
+ test "Go to Home Location works on map layout pages" do
+ user = create(:user, :display_name => "test user", :home_lat => 60, :home_lon => 30)
+ sign_in_as(user)
+ visit root_path
+ assert_no_selector "img.leaflet-marker-icon"
+ click_on "test user"
+ click_on "Go to Home Location"
+ all "img.leaflet-marker-icon", :count => 1 do |marker|
+ assert_equal "My home location", marker["title"]
+ end
+ click_on "OpenStreetMap logo"
+ assert_no_selector "img.leaflet-marker-icon"
+ end
+ test "Go to Home Location works on non-map layout pages" do
+ user = create(:user, :display_name => "test user", :home_lat => 60, :home_lon => 30)
+ sign_in_as(user)
+ visit about_path
+ assert_no_selector "img.leaflet-marker-icon"
+ click_on "test user"
+ click_on "Go to Home Location"
+ all "img.leaflet-marker-icon", :count => 1 do |marker|
+ assert_equal "My home location", marker["title"]
+ end
+ click_on "OpenStreetMap logo"
+ assert_no_selector "img.leaflet-marker-icon"
+ end
+ test "Go to Home Location is not available for users without home location" do
+ user = create(:user, :display_name => "test user")
+ sign_in_as(user)
+ visit root_path
+ assert_no_selector "img.leaflet-marker-icon"
+ click_on "test user"
+ assert_no_link "Go to Home Location"
+ end
+ test "account home page shows a warning when visited by users without home location" do
+ user = create(:user, :display_name => "test user")
+ sign_in_as(user)
+ visit account_home_path
+ assert_no_selector "img.leaflet-marker-icon"
+ assert_text "Home location is not set"
+ end
# Capybara Webkit: https://github.com/jejacks0n/teaspoon/wiki/Using-Capybara-Webkit
require "selenium-webdriver"
config.driver = :selenium
+ firefox_options = Selenium::WebDriver::Firefox::Options.new(:args => ["-headless"])
+ firefox_options.binary = Settings.system_test_firefox_binary if Settings.system_test_firefox_binary
config.driver_options = {
:client_driver => :firefox,
:selenium_options => {
- :options => Selenium::WebDriver::Firefox::Options.new(:args => ["-headless"])
+ :options => firefox_options