module Api
class CapabilitiesController < ApiController
+ skip_before_action :check_api_readable
+
authorize_resource :class => false
before_action :set_request_formats
module Api
class ChangesetCommentsController < ApiController
before_action :check_api_writable
- before_action :check_api_readable, :except => [:create]
before_action :authorize
authorize_resource
module Api
class ChangesetsController < ApiController
before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe]
- before_action :check_api_readable, :except => [:index, :create, :update, :upload, :download, :subscribe, :unsubscribe]
before_action :setup_user_auth, :only => [:show]
before_action :authorize, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe]
module Api
class MapController < ApiController
- before_action :check_api_readable
-
authorize_resource :class => false
around_action :api_call_handle_error, :api_call_timeout
module Api
class NodesController < ApiController
before_action :check_api_writable, :only => [:create, :update, :delete]
- before_action :check_api_readable, :except => [:create, :update, :delete]
before_action :authorize, :only => [:create, :update, :delete]
authorize_resource
module Api
class NotesController < ApiController
- before_action :check_api_readable
before_action :check_api_writable, :only => [:create, :comment, :close, :reopen, :destroy]
before_action :setup_user_auth, :only => [:create, :show]
before_action :authorize, :only => [:close, :reopen, :destroy, :comment]
# nodes, ways and relations are basically identical.
module Api
class OldElementsController < ApiController
- before_action :check_api_readable
before_action :check_api_writable, :only => [:redact]
before_action :setup_user_auth, :only => [:history, :show]
before_action :authorize, :only => [:redact]
module Api
class PermissionsController < ApiController
- before_action :check_api_readable
-
authorize_resource :class => false
before_action :setup_user_auth
module Api
class RelationsController < ApiController
before_action :check_api_writable, :only => [:create, :update, :delete]
- before_action :check_api_readable, :except => [:create, :update, :delete]
before_action :authorize, :only => [:create, :update, :delete]
authorize_resource
module Api
class TracepointsController < ApiController
- before_action :check_api_readable
-
authorize_resource
around_action :api_call_handle_error, :api_call_timeout
module Api
class TracesController < ApiController
- before_action :check_database_readable, :except => [:show, :data]
- before_action :check_database_writable, :only => [:create, :update, :destroy]
+ before_action :check_api_writable, :only => [:create, :update, :destroy]
before_action :set_locale
before_action :authorize
authorize_resource
- before_action :check_api_readable, :only => [:show, :data]
- before_action :check_api_writable, :only => [:create, :update, :destroy]
before_action :offline_error, :only => [:create, :destroy, :data]
around_action :api_call_handle_error
module Api
class UserBlocksController < ApiController
- before_action :check_api_readable
-
authorize_resource
around_action :api_call_handle_error, :api_call_timeout
# Update and read user preferences, which are arbitrary key/val pairs
module Api
class UserPreferencesController < ApiController
+ before_action :check_api_writable, :only => [:update_all, :update, :destroy]
before_action :authorize
authorize_resource
module Api
class UsersController < ApiController
- before_action :check_api_readable
before_action :disable_terms_redirect, :only => [:details]
before_action :setup_user_auth, :only => [:show, :index]
before_action :authorize, :only => [:details, :gpx_files]
module Api
class VersionsController < ApiController
+ skip_before_action :check_api_readable
authorize_resource :class => false
before_action :set_request_formats
module Api
class WaysController < ApiController
before_action :check_api_writable, :only => [:create, :update, :delete]
- before_action :check_api_readable, :except => [:create, :update, :delete]
before_action :authorize, :only => [:create, :update, :delete]
authorize_resource
class ApiController < ApplicationController
skip_before_action :verify_authenticity_token
+ before_action :check_api_readable
+
private
##
<div>
- <div class="list-inline justify-content-center d-flex align-items-center flex-wrap mb-3 gap-3" id="login_auth_buttons">
+ <div class="list-inline justify-content-center d-flex align-items-center flex-wrap w-100 mb-3" id="login_auth_buttons">
+ <% prefered_auth_button_available = false %>
<% %w[google facebook microsoft github wikipedia].each do |provider| %>
<% if Settings.key?("#{provider}_auth_id".to_sym) -%>
<% if @preferred_auth_provider == provider %>
- <div class="mx-2"><%= auth_button_preferred provider, provider %></div>
+ <% prefered_auth_button_available = true %>
<% end %>
<% end -%>
<% end -%>
- <div class="justify-content-center d-flex gap-1">
- <div>
- <%= link_to image_tag("openid.png",
- :alt => t("application.auth_providers.openid.title"),
- :size => "24"),
- "#",
- :id => "openid_open_url",
- :title => t("application.auth_providers.openid.title"),
- :class => "p-2 d-block" %>
+ <% if prefered_auth_button_available %>
+ <div class="list-inline justify-content-center d-flex align-items-center flex-wrap w-50">
+ <% %w[google facebook microsoft github wikipedia].each do |provider| %>
+ <% if Settings.key?("#{provider}_auth_id".to_sym) -%>
+ <% if @preferred_auth_provider == provider %>
+ <%= auth_button_preferred provider, provider %>
+ <% end %>
+ <% end -%>
+ <% end -%>
</div>
+ <div class="list-inline justify-content-center d-flex align-items-center flex-wrap w-50">
+ <% else %>
+ <div class="list-inline justify-content-center d-flex align-items-center flex-wrap w-100">
+ <% end %>
+
+ <%= link_to image_tag("openid.png",
+ :alt => t("application.auth_providers.openid.title"),
+ :size => "24"),
+ "#",
+ :id => "openid_open_url",
+ :title => t("application.auth_providers.openid.title"),
+ :class => "p-2 d-block" %>
<% %w[google facebook microsoft github wikipedia].each do |provider| %>
<% unless @preferred_auth_provider == provider %>
<% if Settings.key?("#{provider}_auth_id".to_sym) -%>
- <div><%= auth_button provider, provider %></div>
+ <%= auth_button provider, provider %>
<% end -%>
<% end %>
<% end -%>
assert_equal "online", js["api"]["status"]["gpx"]
assert_equal Settings.imagery_blacklist.length, js["policy"]["imagery"]["blacklist"].length
end
+
+ def test_capabilities_api_readonly
+ with_settings(:status => "api_readonly") do
+ get api_capabilities_path
+ assert_response :success
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "status[database='online']", :count => 1
+ assert_select "status[api='readonly']", :count => 1
+ assert_select "status[gpx='online']", :count => 1
+ end
+ end
+ end
+ end
+
+ def test_capabilities_api_offline
+ with_settings(:status => "api_offline") do
+ get api_capabilities_path
+ assert_response :success
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "status[database='online']", :count => 1
+ assert_select "status[api='offline']", :count => 1
+ assert_select "status[gpx='online']", :count => 1
+ end
+ end
+ end
+ end
+
+ def test_capabilities_database_readonly
+ with_settings(:status => "database_readonly") do
+ get api_capabilities_path
+ assert_response :success
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "status[database='readonly']", :count => 1
+ assert_select "status[api='readonly']", :count => 1
+ assert_select "status[gpx='readonly']", :count => 1
+ end
+ end
+ end
+ end
+
+ def test_capabilities_database_offline
+ with_settings(:status => "database_offline") do
+ get api_capabilities_path
+ assert_response :success
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "status[database='offline']", :count => 1
+ assert_select "status[api='offline']", :count => 1
+ assert_select "status[gpx='offline']", :count => 1
+ end
+ end
+ end
+ end
+
+ def test_capabilities_gpx_offline
+ with_settings(:status => "gpx_offline") do
+ get api_capabilities_path
+ assert_response :success
+ assert_select "osm[version='#{Settings.api_version}'][generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "status[database='online']", :count => 1
+ assert_select "status[api='online']", :count => 1
+ assert_select "status[gpx='offline']", :count => 1
+ end
+ end
+ end
+ end
end
end
assert_response :success
assert_select "osm[version]", :count => 0
end
+
+ def test_versions_available_while_offline
+ with_settings(:status => "api_offline") do
+ get api_versions_path
+ assert_response :success
+ assert_select "osm[generator='#{Settings.generator}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "version", Settings.api_version
+ end
+ end
+ end
+ end
end
end
type-check "^0.4.0"
osm-community-index@^5.2.0:
- version "5.7.0"
- resolved "https://registry.yarnpkg.com/osm-community-index/-/osm-community-index-5.7.0.tgz#1c1a785fd13a2e00535da8db132c4e49780f0b28"
- integrity sha512-r5h58L9mGh2Wu4XcJoGKLdw3oBY41jWAMUVBNE9tBS9sZINwSZccrImhxuOS5DmpslTjZ6w1cn7x9sE8tnFGpQ==
+ version "5.7.1"
+ resolved "https://registry.yarnpkg.com/osm-community-index/-/osm-community-index-5.7.1.tgz#2341666c83d14c00ef3d9a90298c96d5e791b56c"
+ integrity sha512-E+Xib5m//WliNq2iqeUXyKqZk7yhZu/vSJbwwyxDAPzcNWxgIMoO0B7cUMeFNckhMQsKM2UuC2BAjWuVfbYf1Q==
dependencies:
diacritics "^1.3.0"
projects / rails.git / commitdiff