]> git.openstreetmap.org Git - rails.git/log
rails.git
6 years agoRemove the unused require_moderator filter
Andy Allan [Wed, 28 Nov 2018 14:46:37 +0000 (15:46 +0100)]
Remove the unused require_moderator filter

Use of this filter has been refactored to use CanCanCan

6 years agoUse CanCanCan for notes authorization
Andy Allan [Wed, 28 Nov 2018 14:33:43 +0000 (15:33 +0100)]
Use CanCanCan for notes authorization

6 years agoMerge remote-tracking branch 'upstream/pull/2073'
Tom Hughes [Wed, 28 Nov 2018 11:54:00 +0000 (11:54 +0000)]
Merge remote-tracking branch 'upstream/pull/2073'

6 years agoUse CanCanCan for changeset comments
Andy Allan [Wed, 14 Nov 2018 14:45:30 +0000 (15:45 +0100)]
Use CanCanCan for changeset comments

This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.

6 years agoUpdate to rails 5.2.1.1
Tom Hughes [Tue, 27 Nov 2018 23:10:24 +0000 (23:10 +0000)]
Update to rails 5.2.1.1

6 years agoShow tel: links for multiple phone numbers separated by ;
Paul Dexter-Sobkowiak [Mon, 26 Nov 2018 22:15:19 +0000 (22:15 +0000)]
Show tel: links for multiple phone numbers separated by ;

Closes #2069

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 26 Nov 2018 07:03:14 +0000 (08:03 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 22 Nov 2018 06:38:17 +0000 (07:38 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoAdd links to Welcome Mat on /welcome and /help
Mikel Maron [Tue, 20 Nov 2018 18:46:22 +0000 (18:46 +0000)]
Add links to Welcome Mat on /welcome and /help

Closes #2056

6 years agoUpdate Potlatch 2 to 2.5-59-gdd728d5e build
Tom Hughes [Mon, 19 Nov 2018 18:02:46 +0000 (18:02 +0000)]
Update Potlatch 2 to 2.5-59-gdd728d5e build

6 years agoAllow connect_src to match all sites in Potlatch
Tom Hughes [Mon, 19 Nov 2018 17:34:47 +0000 (17:34 +0000)]
Allow connect_src to match all sites in Potlatch

It seems that Safari matches connections made from a flash application
against connect_src while Firefox uses object_src instead.

Fixes #2067

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 19 Nov 2018 07:48:39 +0000 (08:48 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoFix issues with renaming of diary entry controller
Tom Hughes [Sat, 17 Nov 2018 17:47:51 +0000 (17:47 +0000)]
Fix issues with renaming of diary entry controller

6 years agoTake security policy URLs from the configuration file
Tom Hughes [Thu, 15 Nov 2018 18:47:15 +0000 (18:47 +0000)]
Take security policy URLs from the configuration file

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 15 Nov 2018 07:24:40 +0000 (08:24 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoFix tests for rails 5.2.1 compatibility
Tom Hughes [Thu, 15 Nov 2018 00:46:53 +0000 (00:46 +0000)]
Fix tests for rails 5.2.1 compatibility

Rails 5.2.1 has changed how the request body is handled
internally for a test which means we can no longer cheat
by stashing it in the request environment and must instead
pass it properly to the request method.

6 years agoUpdate to rails 5.2.1
Tom Hughes [Wed, 14 Nov 2018 22:35:44 +0000 (22:35 +0000)]
Update to rails 5.2.1

6 years agoMerge remote-tracking branch 'upstream/pull/2060'
Tom Hughes [Wed, 14 Nov 2018 13:13:56 +0000 (13:13 +0000)]
Merge remote-tracking branch 'upstream/pull/2060'

6 years agoRemove custom deny_access handlers
Andy Allan [Wed, 14 Nov 2018 10:35:30 +0000 (11:35 +0100)]
Remove custom deny_access handlers

Since these pages are not accessed by normal users, except for url fiddling, it's fine to respond with a generic access denied.

6 years agoMerge remote-tracking branch 'upstream/pull/2061'
Tom Hughes [Wed, 14 Nov 2018 12:43:35 +0000 (12:43 +0000)]
Merge remote-tracking branch 'upstream/pull/2061'

6 years agoAdd a changeset to exercise that part of the contact rendering
Andy Allan [Wed, 14 Nov 2018 11:25:21 +0000 (12:25 +0100)]
Add a changeset to exercise that part of the contact rendering

6 years agoEnsure that the blocked template rendering works
Andy Allan [Wed, 14 Nov 2018 11:18:53 +0000 (12:18 +0100)]
Ensure that the blocked template rendering works

6 years agoCheck that a request that requires authentication is redirected when the user hasn...
Andy Allan [Wed, 14 Nov 2018 11:09:46 +0000 (12:09 +0100)]
Check that a request that requires authentication is redirected when the user hasn't seen the terms

6 years agoMerge remote-tracking branch 'upstream/pull/2058'
Tom Hughes [Wed, 14 Nov 2018 10:48:18 +0000 (10:48 +0000)]
Merge remote-tracking branch 'upstream/pull/2058'

6 years agoPluralize changesets controller
Andy Allan [Wed, 7 Nov 2018 16:12:23 +0000 (17:12 +0100)]
Pluralize changesets controller

6 years agoSkip CSRF verification for changeset comment actions
Tom Hughes [Tue, 13 Nov 2018 13:17:19 +0000 (13:17 +0000)]
Skip CSRF verification for changeset comment actions

Fixes #2057

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 12 Nov 2018 07:48:53 +0000 (08:48 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoUpdate Potlatch 2 to 2.5-57-gaa163622 build
Tom Hughes [Fri, 9 Nov 2018 16:07:35 +0000 (16:07 +0000)]
Update Potlatch 2 to 2.5-57-gaa163622 build

6 years agoUpdate Potlatch 2 to 2.5-56-g550aab49 build
Tom Hughes [Fri, 9 Nov 2018 14:33:00 +0000 (14:33 +0000)]
Update Potlatch 2 to 2.5-56-g550aab49 build

6 years agoAttempt to send pretty 403 errors to web browsers
Tom Hughes [Thu, 8 Nov 2018 19:09:56 +0000 (19:09 +0000)]
Attempt to send pretty 403 errors to web browsers

6 years agoMerge remote-tracking branch 'upstream/pull/2051'
Tom Hughes [Thu, 8 Nov 2018 17:51:23 +0000 (17:51 +0000)]
Merge remote-tracking branch 'upstream/pull/2051'

6 years agoMerge remote-tracking branch 'upstream/pull/2052'
Tom Hughes [Thu, 8 Nov 2018 17:44:57 +0000 (17:44 +0000)]
Merge remote-tracking branch 'upstream/pull/2052'

6 years agoMerge remote-tracking branch 'upstream/pull/2050'
Tom Hughes [Thu, 8 Nov 2018 17:31:30 +0000 (17:31 +0000)]
Merge remote-tracking branch 'upstream/pull/2050'

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 8 Nov 2018 09:08:59 +0000 (10:08 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoMerge remote-tracking branch 'upstream/pull/2053'
Tom Hughes [Wed, 7 Nov 2018 15:55:38 +0000 (15:55 +0000)]
Merge remote-tracking branch 'upstream/pull/2053'

6 years agoRemove unnecessary include from redaction model test
Andy Allan [Wed, 7 Nov 2018 15:48:48 +0000 (16:48 +0100)]
Remove unnecessary include from redaction model test

6 years agoRemove unnecessary require statements from tests
Andy Allan [Wed, 7 Nov 2018 15:42:11 +0000 (16:42 +0100)]
Remove unnecessary require statements from tests

6 years agoPluralize diary entries controller
Andy Allan [Wed, 7 Nov 2018 15:31:04 +0000 (16:31 +0100)]
Pluralize diary entries controller

6 years agoPluralize old_ controllers
Andy Allan [Wed, 7 Nov 2018 15:02:22 +0000 (16:02 +0100)]
Pluralize old_ controllers

6 years agoPluralize nodes, ways and relations controllers
Andy Allan [Wed, 7 Nov 2018 14:53:04 +0000 (15:53 +0100)]
Pluralize nodes, ways and relations controllers

6 years agoUse CanCanCan for redaction authorizations
Andy Allan [Wed, 7 Nov 2018 12:28:58 +0000 (13:28 +0100)]
Use CanCanCan for redaction authorizations

6 years agoMigrate UserBlocksController to use CanCanCan
Andy Allan [Wed, 7 Nov 2018 12:07:08 +0000 (13:07 +0100)]
Migrate UserBlocksController to use CanCanCan

6 years agoReduce the max class length after splitting the changeset comments controller tests out
Andy Allan [Wed, 7 Nov 2018 10:25:12 +0000 (11:25 +0100)]
Reduce the max class length after splitting the changeset comments controller tests out

6 years agoUse relative translations for changeset comments
Andy Allan [Wed, 7 Nov 2018 10:07:29 +0000 (11:07 +0100)]
Use relative translations for changeset comments

6 years agoRename hide_comment and unhide_comment to destroy and restore
Andy Allan [Wed, 7 Nov 2018 09:51:43 +0000 (10:51 +0100)]
Rename hide_comment and unhide_comment to destroy and restore

This preserves the API endpoints and HTTP methods, which could be changed in the next API version

6 years agoRename comments_feed to index
Andy Allan [Wed, 7 Nov 2018 08:58:21 +0000 (09:58 +0100)]
Rename comments_feed to index

6 years agoRename comment to create
Andy Allan [Wed, 31 Oct 2018 19:01:01 +0000 (20:01 +0100)]
Rename comment to create

6 years agoSplit changeset comment handling into a changeset_comments controller
Andy Allan [Wed, 31 Oct 2018 18:56:26 +0000 (19:56 +0100)]
Split changeset comment handling into a changeset_comments controller

6 years agoFix rubocop warning
Tom Hughes [Wed, 7 Nov 2018 09:16:14 +0000 (09:16 +0000)]
Fix rubocop warning

6 years agoMerge remote-tracking branch 'upstream/pull/2049'
Tom Hughes [Wed, 7 Nov 2018 09:03:01 +0000 (09:03 +0000)]
Merge remote-tracking branch 'upstream/pull/2049'

6 years agoUpdate leaflet.locate.js
Dominik Moritz [Wed, 7 Nov 2018 05:04:16 +0000 (21:04 -0800)]
Update leaflet.locate.js

6 years agoAvoid ordering points from public and private traces
Tom Hughes [Wed, 7 Nov 2018 08:57:14 +0000 (08:57 +0000)]
Avoid ordering points from public and private traces

Closes #2046

6 years agoMerge remote-tracking branch 'upstream/pull/2044'
Tom Hughes [Mon, 5 Nov 2018 21:22:48 +0000 (21:22 +0000)]
Merge remote-tracking branch 'upstream/pull/2044'

6 years agoUse character validate to exclude URL characters for trace tags
Tom Hughes [Mon, 5 Nov 2018 19:07:26 +0000 (19:07 +0000)]
Use character validate to exclude URL characters for trace tags

6 years agoImprove character validator error messages
Tom Hughes [Mon, 5 Nov 2018 18:58:08 +0000 (18:58 +0000)]
Improve character validator error messages

6 years agoMerge character validators
Tom Hughes [Mon, 5 Nov 2018 18:54:19 +0000 (18:54 +0000)]
Merge character validators

6 years agoMerge leading and trailing whitespace validators
Tom Hughes [Mon, 5 Nov 2018 18:29:17 +0000 (18:29 +0000)]
Merge leading and trailing whitespace validators

6 years agoImprove consistency of text validations
Tom Hughes [Mon, 5 Nov 2018 17:06:48 +0000 (17:06 +0000)]
Improve consistency of text validations

6 years agoAdded tests for validators
J Guthrie [Mon, 5 Nov 2018 15:41:35 +0000 (15:41 +0000)]
Added tests for validators

6 years agoChanged User model to not allow nil display_name (w/ tests)
J Guthrie [Mon, 5 Nov 2018 15:40:37 +0000 (15:40 +0000)]
Changed User model to not allow nil display_name (w/ tests)

6 years agoConverted invalid_chars validator to use locale
J Guthrie [Mon, 5 Nov 2018 01:55:25 +0000 (01:55 +0000)]
Converted invalid_chars validator to use locale

6 years agoFix rubocop errors
J Guthrie [Sun, 4 Nov 2018 18:52:45 +0000 (18:52 +0000)]
Fix rubocop errors

6 years agoCreate invalid_char validators and apply to models
J Guthrie [Sun, 4 Nov 2018 18:28:27 +0000 (18:28 +0000)]
Create invalid_char validators and apply to models

6 years agoAdded more non-ascii chars to validation (matching list of chars in other models)
J Guthrie [Sun, 4 Nov 2018 16:47:02 +0000 (16:47 +0000)]
Added more non-ascii chars to validation (matching list of chars in other models)

6 years agoFix rubucop errors
J Guthrie [Sun, 4 Nov 2018 16:40:01 +0000 (16:40 +0000)]
Fix rubucop errors

6 years agoMake invalid char list more explicit (between ascii and non ascii chars)
J Guthrie [Sun, 4 Nov 2018 16:22:41 +0000 (16:22 +0000)]
Make invalid char list more explicit (between ascii and non ascii chars)

6 years agoAdded trailing/leading whitespace errors to locale
J Guthrie [Sun, 4 Nov 2018 16:17:44 +0000 (16:17 +0000)]
Added trailing/leading whitespace errors to locale

6 years agoSpecifiy invalid chars in username error message
J Guthrie [Sun, 4 Nov 2018 16:06:23 +0000 (16:06 +0000)]
Specifiy invalid chars in username error message
 - Refactored list of invalid chars out to constant

6 years agoAllow note comments with no body
Tom Hughes [Mon, 5 Nov 2018 09:24:51 +0000 (09:24 +0000)]
Allow note comments with no body

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 5 Nov 2018 07:57:46 +0000 (08:57 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoMerge remote-tracking branch 'upstream/pull/2009'
Tom Hughes [Sun, 4 Nov 2018 14:50:14 +0000 (14:50 +0000)]
Merge remote-tracking branch 'upstream/pull/2009'

6 years agoMerge remote-tracking branch 'upstream/pull/2042'
Tom Hughes [Sun, 4 Nov 2018 14:49:27 +0000 (14:49 +0000)]
Merge remote-tracking branch 'upstream/pull/2042'

6 years agoLimit notes sizes to 2000 characters
mmd-osm [Sat, 3 Nov 2018 17:32:02 +0000 (18:32 +0100)]
Limit notes sizes to 2000 characters

6 years agoMerge remote-tracking branch 'upstream/pull/2023'
Tom Hughes [Sat, 3 Nov 2018 14:34:18 +0000 (14:34 +0000)]
Merge remote-tracking branch 'upstream/pull/2023'

6 years agoMove abilities to a sepatarate top level directory
Tom Hughes [Sat, 3 Nov 2018 12:28:00 +0000 (12:28 +0000)]
Move abilities to a sepatarate top level directory

6 years agoMerge remote-tracking branch 'upstream/pull/2038'
Tom Hughes [Sat, 3 Nov 2018 11:58:56 +0000 (11:58 +0000)]
Merge remote-tracking branch 'upstream/pull/2038'

6 years agoOnly use DelayedJob in production
Tom Hughes [Sat, 3 Nov 2018 11:57:25 +0000 (11:57 +0000)]
Only use DelayedJob in production

In development just let the default async adaptor be used so
that people don't need to run a daemon.

6 years agoOn hover, change border to a subtle darker orange, increase strokeWidth
J Guthrie [Fri, 2 Nov 2018 01:23:37 +0000 (01:23 +0000)]
On hover, change border to a subtle darker orange, increase strokeWidth

6 years agoUpdate to sassc 2.x
Tom Hughes [Thu, 1 Nov 2018 22:29:27 +0000 (22:29 +0000)]
Update to sassc 2.x

6 years agoUpdate bundle
Tom Hughes [Thu, 1 Nov 2018 18:23:43 +0000 (18:23 +0000)]
Update bundle

6 years agoMerge remote-tracking branch 'upstream/pull/2037'
Tom Hughes [Thu, 1 Nov 2018 18:01:25 +0000 (18:01 +0000)]
Merge remote-tracking branch 'upstream/pull/2037'

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 1 Nov 2018 07:19:56 +0000 (08:19 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoFix new rubocop warnings
Tom Hughes [Wed, 31 Oct 2018 18:49:21 +0000 (18:49 +0000)]
Fix new rubocop warnings

6 years agoUpdate bundle
Tom Hughes [Wed, 31 Oct 2018 18:42:54 +0000 (18:42 +0000)]
Update bundle

6 years agoMerge remote-tracking branch 'upstream/pull/2039'
Tom Hughes [Wed, 31 Oct 2018 18:33:20 +0000 (18:33 +0000)]
Merge remote-tracking branch 'upstream/pull/2039'

6 years agoMove notifier.rb into app/mailers
Andy Allan [Wed, 31 Oct 2018 16:17:03 +0000 (17:17 +0100)]
Move notifier.rb into app/mailers

This is the expected location for mailers

6 years agoUse deliver_later for all email sending
Andy Allan [Wed, 31 Oct 2018 15:38:12 +0000 (16:38 +0100)]
Use deliver_later for all email sending

6 years agoSet up Delayed Job as the backend for Active Job
Andy Allan [Wed, 31 Oct 2018 14:31:32 +0000 (15:31 +0100)]
Set up Delayed Job as the backend for Active Job

This persists jobs into the database, and uses locking to ensure that
workers from multiple machines avoid treading on each other.

Jobs can be run by using `bundle exec rake jobs:work`

Fixes #2015

6 years agoFix error messages when users should not be able to do things
Andy Allan [Wed, 31 Oct 2018 10:42:49 +0000 (11:42 +0100)]
Fix error messages when users should not be able to do things

6 years agoAdd testing for moderator users and issues
Andy Allan [Wed, 31 Oct 2018 10:41:32 +0000 (11:41 +0100)]
Add testing for moderator users and issues

6 years agoRemove unnecessary token granting from the user_preferences tests
Andy Allan [Wed, 31 Oct 2018 10:36:24 +0000 (11:36 +0100)]
Remove unnecessary token granting from the user_preferences tests

Sufficient permissions are granted by the basic authorisation, so this
isn't testing anything.

6 years agoMerge branch 'master' into cancancan
Andy Allan [Wed, 31 Oct 2018 10:16:47 +0000 (11:16 +0100)]
Merge branch 'master' into cancancan

6 years agoConvert some model mixins to concerns
Tom Hughes [Mon, 29 Oct 2018 19:14:55 +0000 (19:14 +0000)]
Convert some model mixins to concerns

6 years agoUpdate mailmap
Tom Hughes [Mon, 29 Oct 2018 12:48:32 +0000 (12:48 +0000)]
Update mailmap

6 years agoUpdate translation keys for renaming of user to users
Tom Hughes [Mon, 29 Oct 2018 12:45:17 +0000 (12:45 +0000)]
Update translation keys for renaming of user to users

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 29 Oct 2018 07:12:55 +0000 (08:12 +0100)]
Localisation updates from https://translatewiki.net.

6 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 25 Oct 2018 08:31:58 +0000 (10:31 +0200)]
Localisation updates from https://translatewiki.net.

6 years agoCheck the oauth token and then use the capabilities directly
Andy Allan [Wed, 24 Oct 2018 14:48:54 +0000 (16:48 +0200)]
Check the oauth token and then use the capabilities directly

6 years agoRework capabilities to avoid assumptions about missing tokens
Andy Allan [Wed, 24 Oct 2018 10:07:00 +0000 (12:07 +0200)]
Rework capabilities to avoid assumptions about missing tokens

The logic about missing tokens implying logged in users (and that
all logged in users have access to any method protected by a token
capability) is correct. However, I believe it is both confusing and
brittle, and leaves a security-related door ajar for future foot-gun
incidents.

Instead, apply Abilities as normal, and keep the Capabilities
involvement only for situations where a token is provided. This
reduces the cognitive burden when considering Abilities in isolation.

6 years agoRework the default denied access handler to give different responses to tokens, logge...
Andy Allan [Wed, 24 Oct 2018 07:39:02 +0000 (09:39 +0200)]
Rework the default denied access handler to give different responses to tokens, logged in users and other users