rails.git
2 years agoFix styling of nested lists in rich text
Tom Hughes [Wed, 16 Jan 2019 10:09:47 +0000 (10:09 +0000)]
Fix styling of nested lists in rich text

2 years agoAdd noopener and noreferer to links in user generated content
Tom Hughes [Wed, 9 Jan 2019 18:00:47 +0000 (18:00 +0000)]
Add noopener and noreferer to links in user generated content

2 years agoSwitch to using kramdown for markdown formatting
Tom Hughes [Wed, 9 Jan 2019 17:52:24 +0000 (17:52 +0000)]
Switch to using kramdown for markdown formatting

Fixes #2103

2 years agoAllow everybody to create new notes
Tom Hughes [Wed, 9 Jan 2019 18:13:05 +0000 (18:13 +0000)]
Allow everybody to create new notes

Fixes #2110

2 years agoMerge remote-tracking branch 'upstream/pull/2109'
Tom Hughes [Wed, 9 Jan 2019 17:27:16 +0000 (17:27 +0000)]
Merge remote-tracking branch 'upstream/pull/2109'

2 years agoMerge remote-tracking branch 'upstream/pull/2108'
Tom Hughes [Wed, 9 Jan 2019 17:24:28 +0000 (17:24 +0000)]
Merge remote-tracking branch 'upstream/pull/2108'

2 years agoMerge remote-tracking branch 'upstream/pull/2107'
Tom Hughes [Wed, 9 Jan 2019 17:20:08 +0000 (17:20 +0000)]
Merge remote-tracking branch 'upstream/pull/2107'

2 years agoMerge remote-tracking branch 'upstream/pull/2106'
Tom Hughes [Wed, 9 Jan 2019 17:16:01 +0000 (17:16 +0000)]
Merge remote-tracking branch 'upstream/pull/2106'

2 years agoMerge remote-tracking branch 'upstream/pull/2105'
Tom Hughes [Wed, 9 Jan 2019 17:14:53 +0000 (17:14 +0000)]
Merge remote-tracking branch 'upstream/pull/2105'

2 years agoUse CanCanCan for oauth clients controller
Andy Allan [Wed, 9 Jan 2019 14:34:54 +0000 (15:34 +0100)]
Use CanCanCan for oauth clients controller

2 years agoUse CanCanCan for messages controller
Andy Allan [Wed, 9 Jan 2019 14:27:29 +0000 (15:27 +0100)]
Use CanCanCan for messages controller

2 years agoUse a builder view for the capabilities call
Andy Allan [Wed, 9 Jan 2019 13:30:18 +0000 (14:30 +0100)]
Use a builder view for the capabilities call

This is easier to work with than building the XML document by hand
in the controller.

2 years agoUse full list of osm xml root attributes in builder templates
Andy Allan [Wed, 9 Jan 2019 13:15:39 +0000 (14:15 +0100)]
Use full list of osm xml root attributes in builder templates

2 years agoUse CanCanCan for changesets controller
Andy Allan [Wed, 9 Jan 2019 11:22:39 +0000 (12:22 +0100)]
Use CanCanCan for changesets controller

The expand_bbox method now needs require_write_api capability on tokens.

2 years agoUse CanCanCan for traces controller
Andy Allan [Wed, 9 Jan 2019 10:40:54 +0000 (11:40 +0100)]
Use CanCanCan for traces controller

2 years agoUse CanCanCan for swf controller
Andy Allan [Wed, 9 Jan 2019 09:32:57 +0000 (10:32 +0100)]
Use CanCanCan for swf controller

2 years agoSkip authorization checks for amf controller
Andy Allan [Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)]
Skip authorization checks for amf controller

2 years agoAdd missing authorize_resource declaration to geocoder controller
Andy Allan [Wed, 9 Jan 2019 09:14:52 +0000 (10:14 +0100)]
Add missing authorize_resource declaration to geocoder controller

2 years agoUse CanCanCan for directions controller
Andy Allan [Wed, 9 Jan 2019 09:12:14 +0000 (10:12 +0100)]
Use CanCanCan for directions controller

2 years agoUse CanCanCan for browse controller
Andy Allan [Wed, 9 Jan 2019 09:10:12 +0000 (10:10 +0100)]
Use CanCanCan for browse controller

2 years agoUpdate bundle
Tom Hughes [Tue, 8 Jan 2019 18:21:03 +0000 (18:21 +0000)]
Update bundle

2 years agoRevert to omniauth-google-oauth2 version 0.5.3
Tom Hughes [Tue, 8 Jan 2019 09:40:38 +0000 (09:40 +0000)]
Revert to omniauth-google-oauth2 version 0.5.3

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 7 Jan 2019 09:19:15 +0000 (10:19 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoFix new rubocop warning
Tom Hughes [Mon, 7 Jan 2019 09:04:13 +0000 (09:04 +0000)]
Fix new rubocop warning

2 years agoUpdate bundle
Tom Hughes [Mon, 7 Jan 2019 08:58:37 +0000 (08:58 +0000)]
Update bundle

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 3 Jan 2019 15:50:51 +0000 (16:50 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUse CanCanCan for export controller
Andy Allan [Wed, 2 Jan 2019 18:21:10 +0000 (19:21 +0100)]
Use CanCanCan for export controller

2 years agoUse CanCanCan for search controller
Andy Allan [Wed, 2 Jan 2019 18:17:32 +0000 (19:17 +0100)]
Use CanCanCan for search controller

2 years agoMerge remote-tracking branch 'gravitystorm/terms_capabilities'
Tom Hughes [Wed, 2 Jan 2019 17:24:18 +0000 (17:24 +0000)]
Merge remote-tracking branch 'gravitystorm/terms_capabilities'

2 years agoRequire terms agreement for abilities and capabilities related to api write methods
Andy Allan [Wed, 2 Jan 2019 16:40:43 +0000 (17:40 +0100)]
Require terms agreement for abilities and capabilities related to api write methods

2 years agoReplace custom panning with new panInside leaflet method
Tom Hughes [Wed, 2 Jan 2019 11:03:06 +0000 (11:03 +0000)]
Replace custom panning with new panInside leaflet method

2 years agoUpdate leaflet.locate.js
Tom Hughes [Wed, 2 Jan 2019 10:58:28 +0000 (10:58 +0000)]
Update leaflet.locate.js

2 years agoUpdate leaflet to 1.4.0
Tom Hughes [Wed, 2 Jan 2019 10:51:31 +0000 (10:51 +0000)]
Update leaflet to 1.4.0

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 31 Dec 2018 17:05:03 +0000 (18:05 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow inline styling on pages that display the map
Tom Hughes [Mon, 31 Dec 2018 09:30:40 +0000 (09:30 +0000)]
Allow inline styling on pages that display the map

Both leaflet itself and at least one of our plugins use inline
styling to style markers so we need to allow it.

Fixes #2093

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 27 Dec 2018 09:58:51 +0000 (10:58 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 17 Dec 2018 08:04:08 +0000 (09:04 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/2087'
Tom Hughes [Thu, 13 Dec 2018 15:49:34 +0000 (15:49 +0000)]
Merge remote-tracking branch 'upstream/pull/2087'

2 years agoUpdate to iD v2.12.2
Bryan Housel [Thu, 13 Dec 2018 15:34:21 +0000 (10:34 -0500)]
Update to iD v2.12.2

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 13 Dec 2018 08:17:29 +0000 (09:17 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAllow abilities that require no login for token based access
Tom Hughes [Wed, 12 Dec 2018 22:41:29 +0000 (22:41 +0000)]
Allow abilities that require no login for token based access

Fixes #2085

2 years agoMerge remote-tracking branch 'upstream/pull/2084'
Tom Hughes [Wed, 12 Dec 2018 18:40:13 +0000 (18:40 +0000)]
Merge remote-tracking branch 'upstream/pull/2084'

2 years agoMerge remote-tracking branch 'upstream/pull/2083'
Tom Hughes [Wed, 12 Dec 2018 18:33:23 +0000 (18:33 +0000)]
Merge remote-tracking branch 'upstream/pull/2083'

2 years agoRefactor users_controller to use CanCanCan for authorisation
Andy Allan [Wed, 12 Dec 2018 15:01:54 +0000 (16:01 +0100)]
Refactor users_controller to use CanCanCan for authorisation

2 years agoUse only token capabilities when a token is provided
Andy Allan [Wed, 12 Dec 2018 12:58:38 +0000 (13:58 +0100)]
Use only token capabilities when a token is provided

The Authenticate#allow? method (from oauth-plugin) sets current_user as a side
effect of checking the token. But this allows a valid token to access
all actions that are available to that user, beyond the capabilities for
that token.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 10 Dec 2018 07:19:29 +0000 (08:19 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoOnly check IP addresses for anonymous note comments
Tom Hughes [Wed, 5 Dec 2018 12:54:55 +0000 (12:54 +0000)]
Only check IP addresses for anonymous note comments

2 years agoMerge remote-tracking branch 'upstream/pull/2080'
Tom Hughes [Wed, 5 Dec 2018 08:23:54 +0000 (08:23 +0000)]
Merge remote-tracking branch 'upstream/pull/2080'

2 years agoUpdate to iD v2.12.1
Bryan Housel [Wed, 5 Dec 2018 07:04:18 +0000 (02:04 -0500)]
Update to iD v2.12.1

2 years agoMerge remote-tracking branch 'upstream/pull/2079'
Tom Hughes [Tue, 4 Dec 2018 20:41:34 +0000 (20:41 +0000)]
Merge remote-tracking branch 'upstream/pull/2079'

2 years agoUpdate to rails 5.2.2
Tom Hughes [Tue, 4 Dec 2018 20:41:06 +0000 (20:41 +0000)]
Update to rails 5.2.2

2 years agoUpdate to iD v2.12.0
Bryan Housel [Tue, 4 Dec 2018 03:25:48 +0000 (22:25 -0500)]
Update to iD v2.12.0

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 3 Dec 2018 06:50:33 +0000 (07:50 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 29 Nov 2018 17:01:06 +0000 (18:01 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/2078'
Tom Hughes [Wed, 28 Nov 2018 21:11:32 +0000 (21:11 +0000)]
Merge remote-tracking branch 'upstream/pull/2078'

2 years agoUse CanCanCan for user_roles auth
Andy Allan [Wed, 28 Nov 2018 16:20:13 +0000 (17:20 +0100)]
Use CanCanCan for user_roles auth

2 years agoMerge remote-tracking branch 'upstream/pull/2072'
Tom Hughes [Wed, 28 Nov 2018 18:24:04 +0000 (18:24 +0000)]
Merge remote-tracking branch 'upstream/pull/2072'

2 years agoSplit browse_helper.rb into two modules due to rubocop ModuleLength
Paul Dexter-Sobkowiak [Tue, 27 Nov 2018 01:08:57 +0000 (01:08 +0000)]
Split browse_helper.rb into two modules due to rubocop ModuleLength

2 years agoMerge remote-tracking branch 'upstream/pull/2075'
Tom Hughes [Wed, 28 Nov 2018 18:09:20 +0000 (18:09 +0000)]
Merge remote-tracking branch 'upstream/pull/2075'

2 years agoMerge remote-tracking branch 'upstream/pull/2074'
Tom Hughes [Wed, 28 Nov 2018 18:09:17 +0000 (18:09 +0000)]
Merge remote-tracking branch 'upstream/pull/2074'

2 years agoRemove user_roles integration test since it is not meaningful
Andy Allan [Wed, 28 Nov 2018 16:21:12 +0000 (17:21 +0100)]
Remove user_roles integration test since it is not meaningful

This test has not been meaningful for a long while, since both check_success and check_fail contain exactly the same code.

Additionally, the test doesn't cover any integrations (beyond logging in), and so it is only covering the same ground as the controller test.

2 years agoRemove the unused require_moderator filter
Andy Allan [Wed, 28 Nov 2018 14:46:37 +0000 (15:46 +0100)]
Remove the unused require_moderator filter

Use of this filter has been refactored to use CanCanCan

2 years agoUse CanCanCan for notes authorization
Andy Allan [Wed, 28 Nov 2018 14:33:43 +0000 (15:33 +0100)]
Use CanCanCan for notes authorization

2 years agoMerge remote-tracking branch 'upstream/pull/2073'
Tom Hughes [Wed, 28 Nov 2018 11:54:00 +0000 (11:54 +0000)]
Merge remote-tracking branch 'upstream/pull/2073'

2 years agoUse CanCanCan for changeset comments
Andy Allan [Wed, 14 Nov 2018 14:45:30 +0000 (15:45 +0100)]
Use CanCanCan for changeset comments

This introduces different deny_access handlers for web and api requests, since we want to avoid sending redirects as API responses. See #2064 for discussion.

2 years agoUpdate to rails 5.2.1.1
Tom Hughes [Tue, 27 Nov 2018 23:10:24 +0000 (23:10 +0000)]
Update to rails 5.2.1.1

2 years agoShow tel: links for multiple phone numbers separated by ;
Paul Dexter-Sobkowiak [Mon, 26 Nov 2018 22:15:19 +0000 (22:15 +0000)]
Show tel: links for multiple phone numbers separated by ;

Closes #2069

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 26 Nov 2018 07:03:14 +0000 (08:03 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 22 Nov 2018 06:38:17 +0000 (07:38 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoAdd links to Welcome Mat on /welcome and /help
Mikel Maron [Tue, 20 Nov 2018 18:46:22 +0000 (18:46 +0000)]
Add links to Welcome Mat on /welcome and /help

Closes #2056

2 years agoUpdate Potlatch 2 to 2.5-59-gdd728d5e build
Tom Hughes [Mon, 19 Nov 2018 18:02:46 +0000 (18:02 +0000)]
Update Potlatch 2 to 2.5-59-gdd728d5e build

2 years agoAllow connect_src to match all sites in Potlatch
Tom Hughes [Mon, 19 Nov 2018 17:34:47 +0000 (17:34 +0000)]
Allow connect_src to match all sites in Potlatch

It seems that Safari matches connections made from a flash application
against connect_src while Firefox uses object_src instead.

Fixes #2067

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 19 Nov 2018 07:48:39 +0000 (08:48 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoFix issues with renaming of diary entry controller
Tom Hughes [Sat, 17 Nov 2018 17:47:51 +0000 (17:47 +0000)]
Fix issues with renaming of diary entry controller

2 years agoTake security policy URLs from the configuration file
Tom Hughes [Thu, 15 Nov 2018 18:47:15 +0000 (18:47 +0000)]
Take security policy URLs from the configuration file

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 15 Nov 2018 07:24:40 +0000 (08:24 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoFix tests for rails 5.2.1 compatibility
Tom Hughes [Thu, 15 Nov 2018 00:46:53 +0000 (00:46 +0000)]
Fix tests for rails 5.2.1 compatibility

Rails 5.2.1 has changed how the request body is handled
internally for a test which means we can no longer cheat
by stashing it in the request environment and must instead
pass it properly to the request method.

2 years agoUpdate to rails 5.2.1
Tom Hughes [Wed, 14 Nov 2018 22:35:44 +0000 (22:35 +0000)]
Update to rails 5.2.1

2 years agoMerge remote-tracking branch 'upstream/pull/2060'
Tom Hughes [Wed, 14 Nov 2018 13:13:56 +0000 (13:13 +0000)]
Merge remote-tracking branch 'upstream/pull/2060'

2 years agoRemove custom deny_access handlers
Andy Allan [Wed, 14 Nov 2018 10:35:30 +0000 (11:35 +0100)]
Remove custom deny_access handlers

Since these pages are not accessed by normal users, except for url fiddling, it's fine to respond with a generic access denied.

2 years agoMerge remote-tracking branch 'upstream/pull/2061'
Tom Hughes [Wed, 14 Nov 2018 12:43:35 +0000 (12:43 +0000)]
Merge remote-tracking branch 'upstream/pull/2061'

2 years agoAdd a changeset to exercise that part of the contact rendering
Andy Allan [Wed, 14 Nov 2018 11:25:21 +0000 (12:25 +0100)]
Add a changeset to exercise that part of the contact rendering

2 years agoEnsure that the blocked template rendering works
Andy Allan [Wed, 14 Nov 2018 11:18:53 +0000 (12:18 +0100)]
Ensure that the blocked template rendering works

2 years agoCheck that a request that requires authentication is redirected when the user hasn...
Andy Allan [Wed, 14 Nov 2018 11:09:46 +0000 (12:09 +0100)]
Check that a request that requires authentication is redirected when the user hasn't seen the terms

2 years agoMerge remote-tracking branch 'upstream/pull/2058'
Tom Hughes [Wed, 14 Nov 2018 10:48:18 +0000 (10:48 +0000)]
Merge remote-tracking branch 'upstream/pull/2058'

2 years agoPluralize changesets controller
Andy Allan [Wed, 7 Nov 2018 16:12:23 +0000 (17:12 +0100)]
Pluralize changesets controller

2 years agoSkip CSRF verification for changeset comment actions
Tom Hughes [Tue, 13 Nov 2018 13:17:19 +0000 (13:17 +0000)]
Skip CSRF verification for changeset comment actions

Fixes #2057

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Mon, 12 Nov 2018 07:48:53 +0000 (08:48 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoUpdate Potlatch 2 to 2.5-57-gaa163622 build
Tom Hughes [Fri, 9 Nov 2018 16:07:35 +0000 (16:07 +0000)]
Update Potlatch 2 to 2.5-57-gaa163622 build

2 years agoUpdate Potlatch 2 to 2.5-56-g550aab49 build
Tom Hughes [Fri, 9 Nov 2018 14:33:00 +0000 (14:33 +0000)]
Update Potlatch 2 to 2.5-56-g550aab49 build

2 years agoAttempt to send pretty 403 errors to web browsers
Tom Hughes [Thu, 8 Nov 2018 19:09:56 +0000 (19:09 +0000)]
Attempt to send pretty 403 errors to web browsers

2 years agoMerge remote-tracking branch 'upstream/pull/2051'
Tom Hughes [Thu, 8 Nov 2018 17:51:23 +0000 (17:51 +0000)]
Merge remote-tracking branch 'upstream/pull/2051'

2 years agoMerge remote-tracking branch 'upstream/pull/2052'
Tom Hughes [Thu, 8 Nov 2018 17:44:57 +0000 (17:44 +0000)]
Merge remote-tracking branch 'upstream/pull/2052'

2 years agoMerge remote-tracking branch 'upstream/pull/2050'
Tom Hughes [Thu, 8 Nov 2018 17:31:30 +0000 (17:31 +0000)]
Merge remote-tracking branch 'upstream/pull/2050'

2 years agoLocalisation updates from https://translatewiki.net.
translatewiki.net [Thu, 8 Nov 2018 09:08:59 +0000 (10:08 +0100)]
Localisation updates from https://translatewiki.net.

2 years agoMerge remote-tracking branch 'upstream/pull/2053'
Tom Hughes [Wed, 7 Nov 2018 15:55:38 +0000 (15:55 +0000)]
Merge remote-tracking branch 'upstream/pull/2053'

2 years agoRemove unnecessary include from redaction model test
Andy Allan [Wed, 7 Nov 2018 15:48:48 +0000 (16:48 +0100)]
Remove unnecessary include from redaction model test

2 years agoRemove unnecessary require statements from tests
Andy Allan [Wed, 7 Nov 2018 15:42:11 +0000 (16:42 +0100)]
Remove unnecessary require statements from tests

2 years agoPluralize diary entries controller
Andy Allan [Wed, 7 Nov 2018 15:31:04 +0000 (16:31 +0100)]
Pluralize diary entries controller

2 years agoPluralize old_ controllers
Andy Allan [Wed, 7 Nov 2018 15:02:22 +0000 (16:02 +0100)]
Pluralize old_ controllers