]> git.openstreetmap.org Git - rails.git/log
rails.git
2 years agoSwitch to rails 7 default headers
Tom Hughes [Tue, 22 Feb 2022 19:12:09 +0000 (19:12 +0000)]
Switch to rails 7 default headers

These are basically all the same as what secure_headers
was already setting for us anyway.

2 years agoMerge remote-tracking branch 'upstream/pull/3462'
Tom Hughes [Tue, 22 Feb 2022 19:06:43 +0000 (19:06 +0000)]
Merge remote-tracking branch 'upstream/pull/3462'

2 years agoMake sure the object layer is kept in front of the data layer
Tom Hughes [Tue, 22 Feb 2022 18:55:34 +0000 (18:55 +0000)]
Make sure the object layer is kept in front of the data layer

2 years agoDon't highlight selected items in the data layer
Tom Hughes [Tue, 22 Feb 2022 18:54:40 +0000 (18:54 +0000)]
Don't highlight selected items in the data layer

Routing to the feature page is going to cause them to be overlaid
in orange anyway so there's no need for the blue highlight.

2 years agoUpdate bundle
Tom Hughes [Tue, 22 Feb 2022 18:11:16 +0000 (18:11 +0000)]
Update bundle

2 years agoDeep copy the original style when highlighting an object
Tom Hughes [Mon, 21 Feb 2022 22:48:22 +0000 (22:48 +0000)]
Deep copy the original style when highlighting an object

Fixes #3465

2 years agoEnable automatic scope inversing
Tom Hughes [Mon, 21 Feb 2022 19:11:28 +0000 (19:11 +0000)]
Enable automatic scope inversing

2 years agoUse a button element for button_to
Tom Hughes [Mon, 21 Feb 2022 19:07:38 +0000 (19:07 +0000)]
Use a button element for button_to

2 years agoApply bootstrap styling to "make public" button
Tom Hughes [Mon, 21 Feb 2022 19:07:01 +0000 (19:07 +0000)]
Apply bootstrap styling to "make public" button

2 years agoDefault to not specifying media restrictions on stylesheet tags
Tom Hughes [Mon, 21 Feb 2022 18:43:59 +0000 (18:43 +0000)]
Default to not specifying media restrictions on stylesheet tags

2 years agoEnable verification of foreign keys in tests
Tom Hughes [Mon, 21 Feb 2022 18:40:30 +0000 (18:40 +0000)]
Enable verification of foreign keys in tests

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 21 Feb 2022 12:11:46 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoReplace deprecated String.prototype.substr()
Tobias Speicher [Sun, 20 Feb 2022 21:11:11 +0000 (22:11 +0100)]
Replace deprecated String.prototype.substr()

String.prototype.substr() is deprecated (see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) so we replace it with slice() which works similarily but isn't deprecated.
Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
2 years agoWrap test execution for better isolation
Tom Hughes [Thu, 17 Feb 2022 19:30:19 +0000 (19:30 +0000)]
Wrap test execution for better isolation

2 years agoEnable some rails 7.x defaults
Tom Hughes [Thu, 17 Feb 2022 18:59:28 +0000 (18:59 +0000)]
Enable some rails 7.x defaults

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 17 Feb 2022 12:11:27 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoDefault to allowing TLS for SMTP but without peer verification
Tom Hughes [Thu, 17 Feb 2022 00:54:11 +0000 (00:54 +0000)]
Default to allowing TLS for SMTP but without peer verification

2 years agoDisable peer host name validation when sending email
Tom Hughes [Wed, 16 Feb 2022 22:48:26 +0000 (22:48 +0000)]
Disable peer host name validation when sending email

2 years agoMerge remote-tracking branch 'upstream/pull/3398'
Tom Hughes [Wed, 16 Feb 2022 18:13:16 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3398'

2 years agoMerge remote-tracking branch 'upstream/pull/3461'
Tom Hughes [Wed, 16 Feb 2022 18:12:33 +0000 (18:12 +0000)]
Merge remote-tracking branch 'upstream/pull/3461'

2 years agoMerge pull request #3414 from tomhughes/rails7
Andy Allan [Wed, 16 Feb 2022 15:16:53 +0000 (15:16 +0000)]
Merge pull request #3414 from tomhughes/rails7

Update to rails 7.x

2 years agoMerge pull request #3440 from mmd-osm/relationmemberlimit
Andy Allan [Wed, 16 Feb 2022 14:58:30 +0000 (14:58 +0000)]
Merge pull request #3440 from mmd-osm/relationmemberlimit

Introduce relation member limit

2 years agoUpdate to rails 7.0.2.2
Tom Hughes [Thu, 16 Dec 2021 18:51:39 +0000 (18:51 +0000)]
Update to rails 7.0.2.2

2 years agoUpdate documentation for how to confirm a new user account
Andy Allan [Wed, 16 Feb 2022 11:27:52 +0000 (11:27 +0000)]
Update documentation for how to confirm a new user account

Fixes #3460

2 years agoUpdate bundle
Tom Hughes [Tue, 15 Feb 2022 18:36:41 +0000 (18:36 +0000)]
Update bundle

2 years agoMerge remote-tracking branch 'upstream/pull/3458'
Tom Hughes [Tue, 15 Feb 2022 18:32:33 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3458'

2 years agoBump eslint from 8.8.0 to 8.9.0
dependabot[bot] [Mon, 14 Feb 2022 23:00:49 +0000 (23:00 +0000)]
Bump eslint from 8.8.0 to 8.9.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.8.0 to 8.9.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.8.0...v8.9.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 14 Feb 2022 12:11:05 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow trace image URL to be configured in the CSP policy
Tom Hughes [Sun, 13 Feb 2022 19:25:42 +0000 (19:25 +0000)]
Allow trace image URL to be configured in the CSP policy

2 years agoMerge remote-tracking branch 'upstream/pull/3345'
Tom Hughes [Sun, 13 Feb 2022 18:39:21 +0000 (18:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3345'

2 years agoMerge remote-tracking branch 'upstream/pull/3455'
Tom Hughes [Sun, 13 Feb 2022 17:39:15 +0000 (17:39 +0000)]
Merge remote-tracking branch 'upstream/pull/3455'

2 years agoRemove section on removed rake doc:app
Harry Wood [Sat, 12 Feb 2022 17:58:43 +0000 (17:58 +0000)]
Remove section on removed rake doc:app

Remove the section of contributing docs about how `rake doc:app` can be used to generate some sort of documentation. That will not work any more, since this task was removed from Rails v5 because people don't generally use it! https://stackoverflow.com/a/36804474/338265

2 years agoFix contrib doc to remove reference to travis
Harry Wood [Sat, 12 Feb 2022 17:53:39 +0000 (17:53 +0000)]
Fix contrib doc to remove reference to travis

Remove the reference to Travis CI. Our CI pipeline now runs withing github actions.

2 years agoMerge remote-tracking branch 'upstream/pull/3454'
Tom Hughes [Sat, 12 Feb 2022 10:45:27 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3454'

2 years agoMerge remote-tracking branch 'upstream/pull/3453'
Tom Hughes [Sat, 12 Feb 2022 10:45:16 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3453'

2 years agoMerge remote-tracking branch 'upstream/pull/3452'
Tom Hughes [Sat, 12 Feb 2022 10:45:13 +0000 (10:45 +0000)]
Merge remote-tracking branch 'upstream/pull/3452'

2 years agoAdds advancedcomp to the list of macOS Homebrew dependencies
Brian Kelly [Sat, 12 Feb 2022 00:17:13 +0000 (18:17 -0600)]
Adds advancedcomp to the list of macOS Homebrew dependencies

2 years agoFix vagrant storage.yml config
Harry Wood [Sat, 12 Feb 2022 00:13:42 +0000 (00:13 +0000)]
Fix vagrant storage.yml config

Tell vagrant to copy the example storage.yml config file into place as per INSTALL.md instructions. Allows the migrations to run.

2 years agoUpdates macOS geckodriver installation command
Brian Kelly [Sat, 12 Feb 2022 00:05:20 +0000 (18:05 -0600)]
Updates macOS geckodriver installation command

2 years agoUpdate to rails 6.1.4.6
Tom Hughes [Fri, 11 Feb 2022 22:20:11 +0000 (22:20 +0000)]
Update to rails 6.1.4.6

2 years agoUpdate bundle
Tom Hughes [Fri, 11 Feb 2022 22:19:43 +0000 (22:19 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 10 Feb 2022 12:11:21 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow users to delete their own accounts
Andy Allan [Thu, 9 Dec 2021 16:12:42 +0000 (16:12 +0000)]
Allow users to delete their own accounts

This PR allows users to delete their own accounts. The logic implemented matches
that currently used by the admins when they manually close accounts, although
there is room to be more complex in future e.g. completely removing accounts
with no content.

The error handling has been slightly adapted for namespaced controllers, by
anchoring the controller name with a leading forward slash.

2 years agoUpdate bundle
Tom Hughes [Tue, 8 Feb 2022 18:22:05 +0000 (18:22 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 7 Feb 2022 12:10:37 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/3419'
Tom Hughes [Thu, 3 Feb 2022 18:37:12 +0000 (18:37 +0000)]
Merge remote-tracking branch 'upstream/pull/3419'

2 years agoMerge remote-tracking branch 'upstream/pull/3446'
Tom Hughes [Thu, 3 Feb 2022 18:32:49 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3446'

2 years agoMerge remote-tracking branch 'upstream/pull/3445'
Tom Hughes [Thu, 3 Feb 2022 18:32:40 +0000 (18:32 +0000)]
Merge remote-tracking branch 'upstream/pull/3445'

2 years agoUpdate to iD v2.20.4
Martin Raifer [Thu, 3 Feb 2022 15:19:01 +0000 (16:19 +0100)]
Update to iD v2.20.4

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 3 Feb 2022 12:11:37 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoEnsure that deactivate isn't available in production
Andy Allan [Wed, 2 Feb 2022 17:47:45 +0000 (17:47 +0000)]
Ensure that deactivate isn't available in production

It's only used as a workaround for factories not being able to create
pending users while keeping active as the default

2 years agoAdd extra user transitions needed by the administrators
Andy Allan [Wed, 2 Feb 2022 16:37:50 +0000 (16:37 +0000)]
Add extra user transitions needed by the administrators

2 years agoAdded some key-value pairs under `railway=`
Morten Bruhn [Wed, 2 Feb 2022 15:13:07 +0000 (16:13 +0100)]
Added some key-value pairs under `railway=`

2 years agoIntroduce relation member limit
mmd-osm [Sat, 29 Jan 2022 14:52:21 +0000 (15:52 +0100)]
Introduce relation member limit

Adds a new parameter `max_number_of_relation_members` in settings.yml

2 years agoUpdate bundle
Tom Hughes [Tue, 1 Feb 2022 18:59:56 +0000 (18:59 +0000)]
Update bundle

2 years agoIndex note comments by author and date
Tom Hughes [Tue, 1 Feb 2022 18:42:07 +0000 (18:42 +0000)]
Index note comments by author and date

Fixes #3443

2 years agoMerge remote-tracking branch 'upstream/pull/3442'
Tom Hughes [Tue, 1 Feb 2022 18:22:33 +0000 (18:22 +0000)]
Merge remote-tracking branch 'upstream/pull/3442'

2 years agoMerge remote-tracking branch 'upstream/pull/3439'
Tom Hughes [Tue, 1 Feb 2022 18:13:40 +0000 (18:13 +0000)]
Merge remote-tracking branch 'upstream/pull/3439'

2 years agoUpdate to iD v2.20.3
Martin Raifer [Mon, 31 Jan 2022 17:10:00 +0000 (18:10 +0100)]
Update to iD v2.20.3

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 31 Jan 2022 12:10:21 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoBump eslint from 8.7.0 to 8.8.0
dependabot[bot] [Fri, 28 Jan 2022 23:00:33 +0000 (23:00 +0000)]
Bump eslint from 8.7.0 to 8.8.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.7.0 to 8.8.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.7.0...v8.8.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoFix route for "go public" button on the account edit page
Tom Hughes [Fri, 28 Jan 2022 12:35:57 +0000 (12:35 +0000)]
Fix route for "go public" button on the account edit page

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 27 Jan 2022 12:11:14 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUpdate bundle
Tom Hughes [Tue, 25 Jan 2022 18:22:46 +0000 (18:22 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 24 Jan 2022 12:12:09 +0000 (13:12 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 20 Jan 2022 12:11:20 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/3426'
Tom Hughes [Wed, 19 Jan 2022 18:19:10 +0000 (18:19 +0000)]
Merge remote-tracking branch 'upstream/pull/3426'

2 years agoAllow blank issue templates
Andy Allan [Wed, 19 Jan 2022 16:14:03 +0000 (16:14 +0000)]
Allow blank issue templates

This was originally intended in #3397 and I'm not sure why I set this
to false.

2 years agoMerge remote-tracking branch 'upstream/pull/3420'
Tom Hughes [Tue, 18 Jan 2022 19:03:32 +0000 (19:03 +0000)]
Merge remote-tracking branch 'upstream/pull/3420'

2 years agoUpdate bundle
Tom Hughes [Tue, 18 Jan 2022 08:12:14 +0000 (08:12 +0000)]
Update bundle

2 years agoMerge remote-tracking branch 'upstream/pull/3425'
Tom Hughes [Tue, 18 Jan 2022 08:10:59 +0000 (08:10 +0000)]
Merge remote-tracking branch 'upstream/pull/3425'

2 years agoBump eslint from 8.6.0 to 8.7.0
dependabot[bot] [Mon, 17 Jan 2022 23:00:46 +0000 (23:00 +0000)]
Bump eslint from 8.6.0 to 8.7.0

Bumps [eslint](https://github.com/eslint/eslint) from 8.6.0 to 8.7.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.6.0...v8.7.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 17 Jan 2022 12:11:06 +0000 (13:11 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoRemove form_action restrictions for sessions#login
Tom Hughes [Mon, 17 Jan 2022 11:01:07 +0000 (11:01 +0000)]
Remove form_action restrictions for sessions#login

Login may redirect to ouath2_authorizations#create which may then
redirect to arbitrary schemes if the application is already authorized
so we need to allow login to redirect to any scheme.

Fixes #3424

2 years agoRestore form_action restrictions for ouath2_authorizations#create
Tom Hughes [Mon, 17 Jan 2022 11:00:41 +0000 (11:00 +0000)]
Restore form_action restrictions for ouath2_authorizations#create

2 years agoRemove form_action restrictions for ouath2_authorizations#create
Tom Hughes [Mon, 17 Jan 2022 09:33:28 +0000 (09:33 +0000)]
Remove form_action restrictions for ouath2_authorizations#create

Fixes #3424

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 13 Jan 2022 12:10:10 +0000 (13:10 +0100)]
Localisation updates from https://translatewiki.net.

2 years agorm spaces
Nick Doiron [Thu, 13 Jan 2022 00:16:09 +0000 (19:16 -0500)]
rm spaces

2 years agoadd dir="auto" to search fields
Nick Doiron [Thu, 13 Jan 2022 00:06:18 +0000 (19:06 -0500)]
add dir="auto" to search fields

Improves right-to-left text input support

2 years agoMerge remote-tracking branch 'upstream/pull/3418'
Tom Hughes [Wed, 12 Jan 2022 18:23:53 +0000 (18:23 +0000)]
Merge remote-tracking branch 'upstream/pull/3418'

2 years agoUse a state machine for user status
Andy Allan [Wed, 5 Jan 2022 18:44:46 +0000 (18:44 +0000)]
Use a state machine for user status

The user status is a bit complex, since there are various states and
not all transitions between them make sense.

Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.

2 years agoMerge remote-tracking branch 'upstream/pull/3416'
Tom Hughes [Wed, 12 Jan 2022 18:15:46 +0000 (18:15 +0000)]
Merge remote-tracking branch 'upstream/pull/3416'

2 years agoRemove params from user deletion test
Andy Allan [Wed, 12 Jan 2022 16:42:03 +0000 (16:42 +0000)]
Remove params from user deletion test

They have no effect, and are likely a copy-paste error from when
the test was first written in 39a54f8c14d739c95495e0d2c0ca56826eddfe52

2 years agoBump qs from 6.10.2 to 6.10.3
dependabot[bot] [Tue, 11 Jan 2022 23:00:52 +0000 (23:00 +0000)]
Bump qs from 6.10.2 to 6.10.3

Bumps [qs](https://github.com/ljharb/qs) from 6.10.2 to 6.10.3.
- [Release notes](https://github.com/ljharb/qs/releases)
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.10.2...v6.10.3)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2 years agoSwitch github URLs to use https
Tom Hughes [Tue, 11 Jan 2022 21:16:11 +0000 (21:16 +0000)]
Switch github URLs to use https

Fixes #3415

2 years agoAvoid putting ActionController::Parameters objects in the session
Tom Hughes [Tue, 11 Jan 2022 19:42:31 +0000 (19:42 +0000)]
Avoid putting ActionController::Parameters objects in the session

2 years agoUpdate bundle
Tom Hughes [Tue, 11 Jan 2022 19:43:36 +0000 (19:43 +0000)]
Update bundle

2 years agoReplace to_s on TimeWithZone objects with to_formatted_s
Tom Hughes [Mon, 10 Jan 2022 08:38:45 +0000 (08:38 +0000)]
Replace to_s on TimeWithZone objects with to_formatted_s

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 10 Jan 2022 12:09:11 +0000 (13:09 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUpdate bundle
Tom Hughes [Mon, 10 Jan 2022 08:05:09 +0000 (08:05 +0000)]
Update bundle

2 years agoMerge remote-tracking branch 'upstream/pull/3411'
Tom Hughes [Thu, 6 Jan 2022 15:34:30 +0000 (15:34 +0000)]
Merge remote-tracking branch 'upstream/pull/3411'

2 years agoUse `assert_link` instead of `assert page.has_link?`
Andy Allan [Thu, 6 Jan 2022 13:27:15 +0000 (13:27 +0000)]
Use `assert_link` instead of `assert page.has_link?`

This leads to better error messages if the test fails

2 years agoMerge remote-tracking branch 'upstream/pull/3410'
Tom Hughes [Thu, 6 Jan 2022 13:25:42 +0000 (13:25 +0000)]
Merge remote-tracking branch 'upstream/pull/3410'

2 years agoUse `assert_content` instead of `assert page.has_content?`
Andy Allan [Thu, 6 Jan 2022 13:16:47 +0000 (13:16 +0000)]
Use `assert_content` instead of `assert page.has_content?`

The assert_content comes from capybara, and gives a much more helpful
error message if the test fails.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 6 Jan 2022 12:08:27 +0000 (13:08 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUse factory_bot to build new model objects
Andy Allan [Thu, 6 Jan 2022 10:46:38 +0000 (10:46 +0000)]
Use factory_bot to build new model objects

2 years agoUse factorybot to build user objects
Andy Allan [Wed, 5 Jan 2022 20:29:12 +0000 (20:29 +0000)]
Use factorybot to build user objects

This allows us to only specify attributes of interest in the test.

2 years agoMerge remote-tracking branch 'upstream/pull/3409'
Tom Hughes [Wed, 5 Jan 2022 18:40:13 +0000 (18:40 +0000)]
Merge remote-tracking branch 'upstream/pull/3409'

2 years agoAttempt to avoid polynomial time matches on user supplied data
Tom Hughes [Wed, 5 Jan 2022 11:11:14 +0000 (11:11 +0000)]
Attempt to avoid polynomial time matches on user supplied data

2 years agoFix display of suspension message when a user is suspended mid-session
Andy Allan [Wed, 5 Jan 2022 18:14:30 +0000 (18:14 +0000)]
Fix display of suspension message when a user is suspended mid-session

Without the ability defined, the user is still logged out, but then
the deny_access check redirects to the login page. The re-login attempt
would then fail anyway, with an error message, but let's fix the abilities
and use the intended page.