From: Andy Allan Date: Wed, 13 Mar 2024 15:51:41 +0000 (+0000) Subject: Merge pull request #4557 from AntonKhorev/rename-api-old-version X-Git-Tag: live~1388 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/ac01ada27496434ff20394278faafb3a0277eb8d?hp=ad96da4518adbe378eedb072ef5834a992ea6576 Merge pull request #4557 from AntonKhorev/rename-api-old-version Rename api old element actions and path helpers --- diff --git a/Gemfile b/Gemfile index 832b96c9a..0b7e25ec9 100644 --- a/Gemfile +++ b/Gemfile @@ -53,6 +53,7 @@ gem "bootstrap_form", "~> 5.0" gem "cancancan" gem "config" gem "delayed_job_active_record" +gem "dry-validation" gem "frozen_record" gem "http_accept_language", "~> 2.1.1" gem "i18n-js", "~> 3.9.2" diff --git a/Gemfile.lock b/Gemfile.lock index 384a3055b..b8d62ae73 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -95,7 +95,7 @@ GEM autoprefixer-rails (10.4.16.0) execjs (~> 2) aws-eventstream (1.3.0) - aws-partitions (1.894.0) + aws-partitions (1.896.0) aws-sdk-core (3.191.3) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) @@ -123,8 +123,8 @@ GEM parser (>= 2.4) smart_properties bigdecimal (3.1.6) - binding_of_caller (1.0.0) - debug_inspector (>= 0.0.1) + binding_of_caller (1.0.1) + debug_inspector (>= 1.2.0) bootsnap (1.18.3) msgpack (~> 1.2) bootstrap (5.3.2) @@ -153,9 +153,8 @@ GEM regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) concurrent-ruby (1.2.3) - config (5.1.0) + config (5.3.0) deep_merge (~> 1.2, >= 1.2.1) - dry-validation (~> 1.0, >= 1.0.0) connection_pool (2.4.1) crack (1.0.0) bigdecimal @@ -186,8 +185,7 @@ GEM doorkeeper-openid_connect (1.8.8) doorkeeper (>= 5.5, < 5.7) jwt (>= 2.5) - drb (2.2.0) - ruby2_keywords + drb (2.2.1) dry-configurable (1.1.0) dry-core (~> 1.0, < 2) zeitwerk (~> 2.6) @@ -260,7 +258,7 @@ GEM highline (3.0.1) htmlentities (4.3.4) http_accept_language (2.1.1) - i18n (1.14.1) + i18n (1.14.4) concurrent-ruby (~> 1.0) i18n-js (3.9.2) i18n (>= 0.6.6) 
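Review bot: The added `gem "dry-validation"` line in the Gemfile hunk has no version constraint and no comment saying why it is now a direct dependency. The Gemfile.lock hunks in this same diff show `config` moving from 5.1.0 to 5.3.0 and dropping its `dry-validation (~> 1.0, >= 1.0.0)` requirement, so presumably the application uses the gem itself. Carrying the old bound over would keep a later `bundle update` from pulling in a new major version unreviewed: `gem "dry-validation", "~> 1.0" # used directly; config 5.3.0 no longer depends on it`.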
@@ -291,7 +289,7 @@ GEM image_size (3.4.0) in_threads (1.6.0) io-console (0.7.2) - irb (1.11.2) + irb (1.12.0) rdoc reline (>= 0.4.2) jbuilder (2.11.5) @@ -303,14 +301,14 @@ GEM railties (>= 4.2.0) thor (>= 0.14, < 2.0) json (2.7.1) - jwt (2.8.0) + jwt (2.8.1) base64 kgio (2.11.4) kramdown (2.4.0) rexml language_server-protocol (3.17.0.3) libv8-node (18.16.0.0) - libxml-ruby (5.0.2) + libxml-ruby (5.0.3) listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) @@ -325,7 +323,7 @@ GEM net-imap net-pop net-smtp - marcel (1.0.2) + marcel (1.0.4) matrix (0.4.2) maxminddb (0.1.22) mini_magick (4.12.0) @@ -406,7 +404,7 @@ GEM parser (3.3.0.5) ast (~> 2.4.1) racc - pg (1.5.5) + pg (1.5.6) popper_js (2.11.8) progress (3.6.0) psych (5.1.2) @@ -417,7 +415,7 @@ GEM quad_tile (1.0.1) racc (1.7.3) rack (2.2.8.1) - rack-cors (2.0.1) + rack-cors (2.0.2) rack (>= 2.0.0) rack-openid (1.4.2) rack (>= 1.1.0) @@ -487,7 +485,7 @@ GEM rouge (4.2.0) rtlcss (0.2.1) mini_racer (>= 0.6.3) - rubocop (1.60.2) + rubocop (1.62.1) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) 
@@ -495,33 +493,32 @@ GEM rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml (>= 3.2.5, < 4.0) - rubocop-ast (>= 1.30.0, < 2.0) + rubocop-ast (>= 1.31.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.30.0) - parser (>= 3.2.1.0) + rubocop-ast (1.31.2) + parser (>= 3.3.0.4) rubocop-capybara (2.20.0) rubocop (~> 1.41) rubocop-factory_bot (2.25.1) rubocop (~> 1.41) - rubocop-minitest (0.34.5) - rubocop (>= 1.39, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) + rubocop-minitest (0.35.0) + rubocop (>= 1.61, < 2.0) + rubocop-ast (>= 1.31.1, < 2.0) rubocop-performance (1.20.2) rubocop (>= 1.48.1, < 2.0) rubocop-ast (>= 1.30.0, < 2.0) - rubocop-rails (2.23.1) + rubocop-rails (2.24.0) activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) - rubocop-ast (>= 1.30.0, < 2.0) + rubocop-ast (>= 1.31.1, < 2.0) rubocop-rake (0.6.0) rubocop (~> 1.0) ruby-openid (2.9.2) ruby-progressbar (1.13.0) ruby-vips (2.2.1) ffi (~> 1.12) - ruby2_keywords (0.0.5) rubyzip (2.3.2) sanitize (6.1.0) crass (~> 1.0.2) @@ -557,7 +554,7 @@ GEM activesupport (>= 5.2) sprockets (>= 3.0.0) stringio (3.1.0) - strong_migrations (1.7.0) + strong_migrations (1.8.0) activerecord (>= 5.2) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) @@ -619,6 +616,7 @@ DEPENDENCIES doorkeeper doorkeeper-i18n doorkeeper-openid_connect + dry-validation erb_lint factory_bot_rails faraday diff --git a/app/assets/javascripts/login.js b/app/assets/javascripts/login.js index 5853193bc..43e2cf660 100644 --- a/app/assets/javascripts/login.js +++ b/app/assets/javascripts/login.js @@ -14,7 +14,8 @@ $(document).ready(function () { }); // Add click handler to show OpenID field - $("#openid_open_url").click(function () { + $("#openid_open_url").click(function (e) { + e.preventDefault(); $("#openid_url").val("http://"); $("#login_auth_buttons").hide(); $("#login_openid_url").show(); 
diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 75db7f73b..686e81630 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -112,8 +112,6 @@ class ApiController < ApplicationController # authenticate per-scheme self.current_user = if username.nil? nil # no authentication provided - perhaps first connect (client should retry after 401) - elsif username == "token" - User.authenticate(:token => passwd) # preferred - random token for user from db, passed in basic auth else User.authenticate(:username => username, :password => passwd) # basic auth end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0a7df0994..488e6a818 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -44,8 +44,6 @@ class ApplicationController < ActionController::Base redirect_to :controller => "users", :action => "terms", :referer => request.fullpath end end - elsif session[:token] - session[:user] = current_user.id if self.current_user = User.authenticate(:token => session[:token]) end session[:fingerprint] = current_user.fingerprint if current_user && session[:fingerprint].nil? diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb index 48b8dabf2..7bbb3a093 100644 --- a/app/controllers/confirmations_controller.rb +++ b/app/controllers/confirmations_controller.rb @@ -15,10 +15,7 @@ class ConfirmationsController < ApplicationController def confirm if request.post? - token = params[:confirm_string] - - user = User.find_by_token_for(:new_user, token) || - UserToken.unexpired.find_by(:token => token)&.user + user = User.find_by_token_for(:new_user, params[:confirm_string]) if !user flash[:error] = t(".unknown token") 
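Review bot: Sessions created before this change can still carry a `:token` key, and with the `elsif session[:token]` branch removed in the application_controller.rb hunk, nothing visible here clears it. No code in this diff accepts the value any more, so this is hygiene rather than an exposure, but a dead credential should not keep travelling in the session. Unless it is already dropped outside the visible lines, consider `session.delete(:token)` at this point in the method. The enclosing method starts and ends outside the hunk.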
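Review bot: With the `UserToken` fallback and the `UserToken.delete_by(:token => token)` cleanup gone from `confirm`, single use and expiry of `confirm_string` now rest entirely on how the `:new_user` token purpose is defined on `User`, which this diff does not show. The same applies to `:new_email` in `confirm_email`, where `current_user.tokens.delete_all` was removed, and to the `:password_reset` lookups in `PasswordsController`, where `UserToken.delete_by(:token => params[:token])` was removed. I would add one test per purpose asserting that a token is rejected once it has been used (after confirmation, after the e-mail change, after the password is saved) and once it has expired. A short comment at each call site would also help, for example `# single use: the token stops verifying once the attribute it is derived from changes`, if that is indeed how the purposes are defined. The bodies of `confirm` and `confirm_email` continue outside these hunks.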
@@ -34,7 +31,6 @@ class ConfirmationsController < ApplicationController flash[:notice] = gravatar_status_message(user) if gravatar_enable(user) user.save! referer = safe_referer(params[:referer]) if params[:referer] - UserToken.delete_by(:token => token) pending_user = session.delete(:pending_user) @@ -70,10 +66,7 @@ class ConfirmationsController < ApplicationController def confirm_email if request.post? - token = params[:confirm_string] - - self.current_user = User.find_by_token_for(:new_email, token) || - UserToken.unexpired.find_by(:token => params[:confirm_string])&.user + self.current_user = User.find_by_token_for(:new_email, params[:confirm_string]) if current_user&.new_email? current_user.email = current_user.new_email @@ -89,7 +82,6 @@ class ConfirmationsController < ApplicationController else flash[:errors] = current_user.errors end - current_user.tokens.delete_all session[:user] = current_user.id session[:fingerprint] = current_user.fingerprint elsif current_user diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 25b2b9607..26b21b6d9 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -19,8 +19,7 @@ class PasswordsController < ApplicationController @title = t ".title" if params[:token] - self.current_user = User.find_by_token_for(:password_reset, params[:token]) || - UserToken.unexpired.find_by(:token => params[:token])&.user + self.current_user = User.find_by_token_for(:password_reset, params[:token]) if current_user.nil? flash[:error] = t ".flash token bad" @@ -51,8 +50,7 @@ class PasswordsController < ApplicationController def update if params[:token] - self.current_user = User.find_by_token_for(:password_reset, params[:token]) || - UserToken.unexpired.find_by(:token => params[:token])&.user + self.current_user = User.find_by_token_for(:password_reset, params[:token]) if current_user if params[:user] 
@@ -62,7 +60,6 @@ class PasswordsController < ApplicationController current_user.email_valid = true if current_user.save - UserToken.delete_by(:token => params[:token]) session[:fingerprint] = current_user.fingerprint flash[:notice] = t ".flash changed" successful_login(current_user) diff --git a/app/models/user.rb b/app/models/user.rb index 125e5e973..45ecbcc1b 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -57,7 +57,6 @@ class User < ApplicationRecord has_many :muted_messages, -> { where(:to_user_visible => true, :muted => true).order(:sent_on => :desc).preload(:sender, :recipient) }, :class_name => "Message", :foreign_key => :to_user_id has_many :friendships, -> { joins(:befriendee).where(:users => { :status => %w[active confirmed] }) } has_many :friends, :through => :friendships, :source => :befriendee - has_many :tokens, :class_name => "UserToken", :dependent => :destroy has_many :preferences, :class_name => "UserPreference" has_many :changesets, -> { order(:created_at => :desc) }, :inverse_of => :user has_many :changeset_comments, :foreign_key => :author_id, :inverse_of => :author @@ -165,9 +164,6 @@ class User < ApplicationRecord else user = nil end - elsif options[:token] - token = UserToken.find_by(:token => options[:token]) - user = token.user if token end if user && @@ -177,8 +173,6 @@ class User < ApplicationRecord user = nil end - token.update(:expiry => 1.week.from_now) if token && user - user end 
@@ -366,9 +360,9 @@ class User < ApplicationRecord diary_comment_score = diary_comments.visible.inject(0) { |acc, elem| acc + elem.body.spam_score } score = description.spam_score / 4.0 - score += diary_entries.where("created_at > ?", 1.day.ago).count * 10 - score += diary_entry_score / diary_entries.length unless diary_entries.empty? - score += diary_comment_score / diary_comments.length unless diary_comments.empty? + score += diary_entries.visible.where("created_at > ?", 1.day.ago).count * 10 + score += diary_entry_score / diary_entries.visible.length unless diary_entries.visible.empty? + score += diary_comment_score / diary_comments.visible.length unless diary_comments.visible.empty? score -= changeset_score score -= trace_score diff --git a/app/models/user_token.rb b/app/models/user_token.rb deleted file mode 100644 index fbd276a6f..000000000 --- a/app/models/user_token.rb +++ /dev/null @@ -1,38 +0,0 @@ -# == Schema Information -# -# Table name: user_tokens -# -# id :bigint(8) not null, primary key -# user_id :bigint(8) not null -# token :string not null -# expiry :datetime not null -# referer :text -# -# Indexes -# -# user_tokens_token_idx (token) UNIQUE -# user_tokens_user_id_idx (user_id) -# -# Foreign Keys -# -# user_tokens_user_id_fkey (user_id => users.id) -# - -class UserToken < ApplicationRecord - belongs_to :user - - scope :unexpired, -> { where("expiry >= now()") } - - after_initialize :set_defaults - - def expired? - expiry < Time.now.utc - end - - private - - def set_defaults - self.token = OSM.make_token if token.blank? - self.expiry = 1.week.from_now if expiry.blank? - end -end diff --git a/app/views/changesets/show.html.erb b/app/views/changesets/show.html.erb index 57a3fdb56..fdaf7654c 100644 --- a/app/views/changesets/show.html.erb +++ b/app/views/changesets/show.html.erb @@ -80,11 +80,11 @@ <%= render :partial => "paging_nav", :locals => { :type => "way", :pages => @way_pages } %> <% end %> 
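Review bot: Each `diary_entries.visible` and `diary_comments.visible` call in the three changed `score +=` lines builds a fresh relation. As far as the visible lines show, `.empty?` and `.length` therefore each query the database, whereas the old `diary_entries.length` reused the loaded association. Since this score is computed per user, loading each visible set once would be cheaper and easier to read, for example `visible_comments = diary_comments.visible.to_a` followed by `score += diary_comment_score / visible_comments.length unless visible_comments.empty?`, and likewise for entries. The method starts above the hunk, where `diary_comment_score` is already computed from `diary_comments.visible`, so the same local could feed that line too.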
@@ -93,11 +93,11 @@ <%= render :partial => "paging_nav", :locals => { :type => "relation", :pages => @relation_pages } %> <% end %> @@ -106,11 +106,11 @@ <%= render :partial => "paging_nav", :locals => { :type => "node", :pages => @node_pages } %> <% end %> diff --git a/app/views/layouts/map.html.erb b/app/views/layouts/map.html.erb index f6a7473a4..9c1eb7020 100644 --- a/app/views/layouts/map.html.erb +++ b/app/views/layouts/map.html.erb @@ -44,10 +44,9 @@