]>
git.openstreetmap.org Git - rails.git/log
Tom Hughes [Wed, 30 Aug 2023 18:11:08 +0000 (19:11 +0100)]
Improve testing of changeset comment rate limits
Tom Hughes [Wed, 30 Aug 2023 17:28:32 +0000 (18:28 +0100)]
Move changeset comment rate limit check to a predicate method
Tom Hughes [Wed, 30 Aug 2023 17:25:06 +0000 (18:25 +0100)]
Improve naming of changeset comment rate limit settings
Tom Hughes [Wed, 30 Aug 2023 17:10:20 +0000 (18:10 +0100)]
Merge remote-tracking branch 'upstream/pull/4210'
Tom Hughes [Wed, 30 Aug 2023 17:09:41 +0000 (18:09 +0100)]
Merge remote-tracking branch 'upstream/pull/4209'
Andy Allan [Wed, 30 Aug 2023 16:17:15 +0000 (17:17 +0100)]
Use Activerecord '#or' method for queries
That let's us use relation names (like `sender`) and avoid dealing
directly with ids.
Andy Allan [Wed, 30 Aug 2023 15:51:44 +0000 (16:51 +0100)]
Use trace instead of gpx_id in queries
This makes the queries easier to read.
Andy Allan [Wed, 30 Aug 2023 15:45:04 +0000 (16:45 +0100)]
Avoid using _id in queries
This makes the queries shorter and easier to read.
Andy Allan [Wed, 30 Aug 2023 14:17:11 +0000 (15:17 +0100)]
Merge pull request #4193 from AntonKhorev/lookup-friend
Lookup friend user before make/remove friend action
Andy Allan [Wed, 30 Aug 2023 14:11:57 +0000 (15:11 +0100)]
Merge pull request #4197 from AntonKhorev/user-resources
Move user lookup/error methods from app controller to concerns
Andy Allan [Wed, 30 Aug 2023 10:12:40 +0000 (11:12 +0100)]
Merge pull request #4202 from tomhughes/changeset-comment-limit
Add rate limiting for changeset comments
Tom Hughes [Tue, 29 Aug 2023 17:08:56 +0000 (18:08 +0100)]
Update bundle
Tom Hughes [Tue, 29 Aug 2023 17:08:06 +0000 (18:08 +0100)]
Merge remote-tracking branch 'upstream/pull/4208'
dependabot[bot] [Mon, 28 Aug 2023 23:28:12 +0000 (23:28 +0000)]
Bump osm-community-index from 5.5.5 to 5.6.0
Bumps [osm-community-index](https://github.com/osmlab/osm-community-index) from 5.5.5 to 5.6.0.
- [Release notes](https://github.com/osmlab/osm-community-index/releases)
- [Changelog](https://github.com/osmlab/osm-community-index/blob/main/CHANGELOG.md)
- [Commits](https://github.com/osmlab/osm-community-index/compare/v5.5.5...v5.6.0)
---
updated-dependencies:
- dependency-name: osm-community-index
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
translatewiki.net [Mon, 28 Aug 2023 11:26:20 +0000 (13:26 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Sun, 27 Aug 2023 08:46:10 +0000 (09:46 +0100)]
Merge remote-tracking branch 'upstream/pull/4198'
Tom Hughes [Sat, 26 Aug 2023 16:41:22 +0000 (17:41 +0100)]
Restore ordering of results from the users#index API call
Tom Hughes [Sat, 26 Aug 2023 11:30:15 +0000 (12:30 +0100)]
Merge remote-tracking branch 'upstream/pull/4203'
ENT8R [Sat, 26 Aug 2023 11:01:05 +0000 (13:01 +0200)]
Add checks to ensure that the response is empty
Tom Hughes [Sat, 26 Aug 2023 09:44:48 +0000 (10:44 +0100)]
Merge remote-tracking branch 'upstream/pull/4204'
ENT8R [Sat, 26 Aug 2023 08:14:40 +0000 (10:14 +0200)]
Sort users by their ids
ENT8R [Sat, 26 Aug 2023 07:37:06 +0000 (09:37 +0200)]
Change tests to expect a successful (empty) response even if the user is not visible anymore
dependabot[bot] [Fri, 25 Aug 2023 23:11:59 +0000 (23:11 +0000)]
Bump eslint from 8.47.0 to 8.48.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.47.0 to 8.48.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.47.0...v8.48.0)
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
ENT8R [Fri, 25 Aug 2023 22:31:18 +0000 (00:31 +0200)]
Use where instead of find to prevent 404
Tom Hughes [Fri, 25 Aug 2023 18:21:53 +0000 (19:21 +0100)]
Add rate limiting for changeset comments
Fixes #4196
Tom Hughes [Fri, 25 Aug 2023 08:49:44 +0000 (09:49 +0100)]
Test that suspended and deleted users can't use OAuth tokens
Tom Hughes [Fri, 25 Aug 2023 08:44:25 +0000 (09:44 +0100)]
Logout while testing OAuth 1 token usage
This ensures we're not accidentally inheriting any session permissions.
Tom Hughes [Fri, 25 Aug 2023 07:51:41 +0000 (08:51 +0100)]
Separate authenticating user from application owner in OAuth 1 tests
translatewiki.net [Thu, 24 Aug 2023 11:21:00 +0000 (13:21 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Tue, 22 Aug 2023 20:18:45 +0000 (21:18 +0100)]
Make the TOTP cookie httponly
Tom Hughes [Tue, 22 Aug 2023 20:15:08 +0000 (21:15 +0100)]
Update to rails 7.0.7.2
Tom Hughes [Tue, 22 Aug 2023 17:51:02 +0000 (18:51 +0100)]
Update bundle
Tom Hughes [Tue, 22 Aug 2023 17:32:53 +0000 (18:32 +0100)]
Add support for rate limiting signup requests
Anton Khorev [Sun, 20 Aug 2023 23:17:36 +0000 (02:17 +0300)]
Lookup friend user before make/remove friend action
Anton Khorev [Sun, 20 Aug 2023 22:52:13 +0000 (01:52 +0300)]
Lookup user before action in user's notes list
Anton Khorev [Sun, 20 Aug 2023 22:27:59 +0000 (01:27 +0300)]
Render unknown user with concerns code in notes controller
Anton Khorev [Sun, 20 Aug 2023 22:11:49 +0000 (01:11 +0300)]
Move user lookup and error render to concerns
Tom Hughes [Sun, 20 Aug 2023 17:49:32 +0000 (18:49 +0100)]
Merge remote-tracking branch 'upstream/pull/4190'
Tom Hughes [Sun, 20 Aug 2023 10:04:28 +0000 (11:04 +0100)]
Merge remote-tracking branch 'upstream/pull/4169'
Milan Cvetkovic [Thu, 17 Aug 2023 08:22:13 +0000 (08:22 +0000)]
Change provider name to "microsoft"
Milan Cvetkovic [Wed, 16 Aug 2023 12:04:32 +0000 (12:04 +0000)]
Add migration script
Milan Cvetkovic [Mon, 14 Aug 2023 12:18:40 +0000 (12:18 +0000)]
Update tests for microsoft_graph endpoints
Anton Khorev [Sat, 19 Aug 2023 17:22:19 +0000 (20:22 +0300)]
Respond with plaintext when user not found in changeset query
The response used to be of type xml with empty body, which is not valid xml.
Tom Hughes [Sat, 19 Aug 2023 10:30:33 +0000 (11:30 +0100)]
Merge remote-tracking branch 'upstream/pull/4187'
Tom Hughes [Sat, 19 Aug 2023 10:29:17 +0000 (11:29 +0100)]
Merge remote-tracking branch 'upstream/pull/4186'
Tom Hughes [Sat, 19 Aug 2023 10:22:54 +0000 (11:22 +0100)]
Replace links to donate.osm.org with supporting.osm.org
Anton Khorev [Sat, 19 Aug 2023 02:40:34 +0000 (05:40 +0300)]
Expose note query limit values in api capabilities
Anton Khorev [Sat, 19 Aug 2023 02:40:05 +0000 (05:40 +0300)]
Add missing changeset query limit capabilities test
Anton Khorev [Sat, 19 Aug 2023 02:23:42 +0000 (05:23 +0300)]
Use max note query limit setting in tests
Anton Khorev [Sat, 19 Aug 2023 02:06:00 +0000 (05:06 +0300)]
Move note query limit values to settings
dependabot[bot] [Sat, 19 Aug 2023 02:01:30 +0000 (02:01 +0000)]
Bump puma from 5.6.6 to 5.6.7
Bumps [puma](https://github.com/puma/puma) from 5.6.6 to 5.6.7.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.6.6...v5.6.7)
---
updated-dependencies:
- dependency-name: puma
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Tom Hughes [Fri, 18 Aug 2023 18:32:38 +0000 (19:32 +0100)]
Merge remote-tracking branch 'upstream/pull/4185'
Tom Hughes [Fri, 18 Aug 2023 18:26:53 +0000 (19:26 +0100)]
Make the versions call default to XML
Tom Hughes [Fri, 18 Aug 2023 18:25:36 +0000 (19:25 +0100)]
Merge remote-tracking branch 'upstream/pull/4182'
Tom Hughes [Fri, 18 Aug 2023 18:20:55 +0000 (19:20 +0100)]
Merge remote-tracking branch 'upstream/pull/4180'
Tom Hughes [Fri, 18 Aug 2023 18:20:36 +0000 (19:20 +0100)]
Merge remote-tracking branch 'upstream/pull/4181'
Anton Khorev [Fri, 18 Aug 2023 15:48:38 +0000 (18:48 +0300)]
Add 'User' to selectable types in issues search for moderators
Reported users are either directly assigned to moderators or ofter reassigned to them.
Anton Khorev [Fri, 18 Aug 2023 02:08:41 +0000 (05:08 +0300)]
Add JSON output to /api/versions
dependabot[bot] [Thu, 17 Aug 2023 23:39:40 +0000 (23:39 +0000)]
Bump osm-community-index from 5.5.4 to 5.5.5
Bumps [osm-community-index](https://github.com/osmlab/osm-community-index) from 5.5.4 to 5.5.5.
- [Release notes](https://github.com/osmlab/osm-community-index/releases)
- [Changelog](https://github.com/osmlab/osm-community-index/blob/main/CHANGELOG.md)
- [Commits](https://github.com/osmlab/osm-community-index/compare/v5.5.4...v5.5.5)
---
updated-dependencies:
- dependency-name: osm-community-index
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Martin Raifer [Thu, 17 Aug 2023 21:48:49 +0000 (23:48 +0200)]
Update to iD v2.27.1
Tom Hughes [Thu, 17 Aug 2023 18:07:37 +0000 (19:07 +0100)]
Merge remote-tracking branch 'upstream/pull/4171'
Tom Hughes [Thu, 17 Aug 2023 17:55:03 +0000 (18:55 +0100)]
Merge remote-tracking branch 'upstream/pull/4179'
Tom Hughes [Thu, 17 Aug 2023 17:51:17 +0000 (18:51 +0100)]
Merge remote-tracking branch 'upstream/pull/4178'
Anton Khorev [Thu, 17 Aug 2023 16:20:37 +0000 (19:20 +0300)]
Add color keys to note tables
Anton Khorev [Wed, 16 Aug 2023 15:34:53 +0000 (18:34 +0300)]
Remove right leaflet toolbar position override
Has no effect, doesn't take rtl into account.
Was added in https://github.com/openstreetmap/openstreetmap-website/commit/
537d72b0f66562475808249a1a2ef3223df5dd52 #diff-fe520170ce0c939dc1e59f3395a360a1866b4da19b474c9f0b35112f72e952d8R117
Milan Cvetkovic [Mon, 14 Aug 2023 08:42:14 +0000 (08:42 +0000)]
Replace references to windowslive with microsoft_graph
Milan Cvetkovic [Mon, 14 Aug 2023 10:32:14 +0000 (10:32 +0000)]
Use omniauth-microsoft_graph instead of omniauth-windowslive
Omniauth-microsoft_graph correctly populates 'email' and 'name' fields used by OpenStreetMap.
It also uses updated endpoints for Microsoft identity provider.
Use email address returned by microsoft_graph provider as a verified address.
Upgrading exisiting users from windowslive to microsoft_graph:
- upon next login existing `windowslive` users will have to authorizei
OpenStreetMap application to "Read Your Profile," required for proper reading
of display name field.
The name of the identity provider in OSM is kept to 'windowslive':
- the entries in users table with `provider == 'windowslive'`
can be reused for microsoft_graph provider, since
the uid field is preserved. Users will not need to repeat the sign up process.
- OAuth2 callback is still `/auth/windowslive`, no updates to Microsoft Identity Provider portal
App registration are necessary.
translatewiki.net [Thu, 17 Aug 2023 11:22:14 +0000 (13:22 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Wed, 16 Aug 2023 17:12:01 +0000 (18:12 +0100)]
Merge remote-tracking branch 'upstream/pull/4174'
Martin Raifer [Wed, 16 Aug 2023 16:32:02 +0000 (18:32 +0200)]
Update to iD v2.27.0
Andy Allan [Wed, 16 Aug 2023 12:43:42 +0000 (13:43 +0100)]
Merge pull request #4133 from AntonKhorev/flex-leaflet-controls
Use multiple columns for map controls if they don't fit vertically
Andy Allan [Wed, 16 Aug 2023 12:35:47 +0000 (13:35 +0100)]
Merge pull request #4150 from AntonKhorev/note-table-bootstrap-highlight
Use Bootstrap highlight class in note tables
Andy Allan [Wed, 16 Aug 2023 12:24:11 +0000 (13:24 +0100)]
Merge pull request #4156 from AntonKhorev/bootstrap-code-direction-fix
Don't do direction override from Bootstrap reboot of <code>
Andy Allan [Wed, 16 Aug 2023 10:35:33 +0000 (11:35 +0100)]
Merge pull request #4148 from tomhughes/avatar-image
Use correct extension and type for avatar images attached to mails
Andy Allan [Wed, 16 Aug 2023 10:27:42 +0000 (11:27 +0100)]
Merge pull request #4173 from AntonKhorev/comments
Small changes of diary comments
Andy Allan [Wed, 16 Aug 2023 10:16:22 +0000 (11:16 +0100)]
Merge pull request #4172 from tomhughes/user-predicates
Fix predicate method names in the user model
Anton Khorev [Wed, 16 Aug 2023 01:22:50 +0000 (04:22 +0300)]
Replace top margin on comments with bottom padding on diary posts
Anton Khorev [Wed, 16 Aug 2023 01:17:50 +0000 (04:17 +0300)]
Remove empty comments anchor
Tom Hughes [Tue, 15 Aug 2023 17:53:14 +0000 (18:53 +0100)]
Fix predicate method names in the user model
Tom Hughes [Tue, 15 Aug 2023 17:22:45 +0000 (18:22 +0100)]
Fix new rubocop warnings
Tom Hughes [Tue, 15 Aug 2023 17:19:59 +0000 (18:19 +0100)]
Update bundle
Anton Khorev [Tue, 15 Aug 2023 16:12:11 +0000 (19:12 +0300)]
Add 'from' and 'to' changeset query parameters
Anton Khorev [Tue, 15 Aug 2023 15:57:04 +0000 (18:57 +0300)]
Revert misleading comment about time restriction
Was added in https://github.com/openstreetmap/openstreetmap-website/commit/
afe8dd51ece21325eea8a108515b9426764de5b2 #diff-22d3daaccac3ac960d6dbb47e9c6a9d15b0b4cffbbf9ad32d525600f562827f1R420
Anton Khorev [Tue, 15 Aug 2023 15:40:49 +0000 (18:40 +0300)]
Disallow changesets query with both time and order=oldest
Anton Khorev [Tue, 15 Aug 2023 15:33:51 +0000 (18:33 +0300)]
Sort changesets by creation time
Anton Khorev [Tue, 15 Aug 2023 15:29:43 +0000 (18:29 +0300)]
Add tests for changeset order + from..to queries
translatewiki.net [Mon, 14 Aug 2023 11:20:48 +0000 (13:20 +0200)]
Localisation updates from https://translatewiki.net.
Tom Hughes [Mon, 14 Aug 2023 07:31:10 +0000 (08:31 +0100)]
Make the close icon on banners more visible
Fixes #4165
Tom Hughes [Sun, 13 Aug 2023 20:57:09 +0000 (21:57 +0100)]
Add support for dark banner images that need a white close icon
Guillaume Rischard [Sun, 13 Aug 2023 20:32:16 +0000 (21:32 +0100)]
Remove SotM 2022 banner, add fundraising banner
Closes #4162
Tom Hughes [Sun, 13 Aug 2023 18:09:54 +0000 (19:09 +0100)]
Sort changesets by close time to match selection
This ensures that the sort can be optimised using the index
when selecting by time.
Tom Hughes [Sun, 13 Aug 2023 11:48:02 +0000 (12:48 +0100)]
Make the capabilities call default to XML
Tom Hughes [Sun, 13 Aug 2023 09:50:33 +0000 (10:50 +0100)]
Merge remote-tracking branch 'upstream/pull/4144'
Tom Hughes [Sun, 13 Aug 2023 09:38:58 +0000 (10:38 +0100)]
Merge remote-tracking branch 'upstream/pull/4159'
Tom Hughes [Sun, 13 Aug 2023 09:33:43 +0000 (10:33 +0100)]
Check that the /api/0.6/capabilities.json route is recognised
Tom Hughes [Sun, 13 Aug 2023 09:00:29 +0000 (10:00 +0100)]
Merge remote-tracking branch 'upstream/pull/4158'
Tom Hughes [Sun, 13 Aug 2023 08:42:08 +0000 (09:42 +0100)]
Merge remote-tracking branch 'upstream/pull/4161'
Tom Hughes [Sun, 13 Aug 2023 08:37:27 +0000 (09:37 +0100)]
Allow a srcset to be specified for banners
Anton Khorev [Sat, 12 Aug 2023 16:07:36 +0000 (19:07 +0300)]
Use Settings.generator string in tests
Tom Hughes [Sat, 12 Aug 2023 14:20:41 +0000 (15:20 +0100)]
Merge remote-tracking branch 'upstream/pull/4155'