1. 08 May, 2019 1 commit
    • dgt's avatar
      Fix: render posts without redirect · e8492e70
      dgt authored
      seems like some browser loose the accept header for javascript when redirecting.
      this makes rails look for a non existing html template
  2. 26 Nov, 2018 1 commit
  3. 18 Oct, 2018 1 commit
  4. 11 Oct, 2018 1 commit
    • dgt's avatar
      Remove event pages code · 9d0288ce
      dgt authored
      events have not been used for a long time.
      this commit removes everything besides the icons
  5. 02 Jul, 2018 1 commit
    • azul's avatar
      fix: prevent 500 on invalid format urls · b83bc9bb
      azul authored
      during scans we often see requests for
      and similar.
      Since a test group exists this request will trigger the Group::HomeController
      and attempt to render an xml version.
      This leads to a  template not found exception resulting in a 500 response.
      Instead we now only accept html requests to the context_urls (the ones without a prefix).
      This should deal with most of these requests.
      We might want to add format constraints to all routes
       - this would result in blocking requests
  6. 17 May, 2018 1 commit
  7. 16 May, 2018 1 commit
  8. 08 May, 2018 1 commit
    • dgt's avatar
      Remove prototype_legacy_helper · 9364bca5
      dgt authored
      it was only used in dead code which was formerly used for wiki diffs
      Wiki::DiffsController, routes, view, translation key  and controller tests are removed as well.
  9. 13 Feb, 2018 1 commit
  10. 30 Sep, 2017 1 commit
  11. 12 Sep, 2017 2 commits
  12. 02 Jul, 2017 1 commit
    • azul's avatar
      refactor: only use short routes for GET requests · 65c64ba7
      azul authored
      We don't really need beautiful paths to PUT form data to.
      This is meant to make refactoring the context_pages_controller
      from a DispatchController to a real controller easier.
      Dropping some responsibilities so we do not have to worry about them.
  13. 31 Jan, 2017 1 commit
    • azul's avatar
      cleanup: activities controller and views · 219130ff
      azul authored
      We don't link to it right now anyway and it's broken so we should
      not have routes to it and while we're at it we might as well remove
      it entirely as we can always bring it back from history.
  14. 01 Sep, 2016 2 commits
  15. 15 Jul, 2015 1 commit
  16. 14 Jul, 2015 1 commit
  17. 11 Jul, 2015 1 commit
  18. 05 Jul, 2015 1 commit
  19. 01 Jul, 2015 1 commit
    • azul's avatar
      make comments and messages more robust · c650b485
      azul authored
      We now use two controller actions ... one for generating the post and
      then we redirect to one for rerendering the list of posts.
      This way we can set @post to the created post in the creation action
      and track it and have a new Post as @post in the index action.
  20. 30 Jun, 2015 1 commit
    • azul's avatar
      use redirects to PagePostsController#show to rerender comments · 8f8f416b
      azul authored
       When updating or staring a post we redirect to it which will rerender it
       on the page.
       The redirect also means that page reloads work nicely. They do not trigger
       the starring again. In the long run it may also allow us to benefit from
       turbo links as turbo links handles GET requests only - which include GETs as
       a result of redirects.
       This way we can ignore all error cases for starring because the current state
       will be rendered to the view either way. So if a post already was starred and
       a user tries to star it again it will just see the starred post when the
       request returns - no need for an error message.
  21. 26 Jun, 2015 1 commit
  22. 11 Jun, 2015 1 commit
    • azul's avatar
      use destroy action for removing posts · 0ca108d2
      azul authored
      We used update before with a destroy flag. This probably was because
      the button should show up in a form that submits to update.
      So instead of using a submit button for destroy i now use a link styled
      as a button with method: :delete and remote: true.
  23. 01 Jun, 2015 1 commit
  24. 29 May, 2015 1 commit
  25. 28 May, 2015 1 commit
  26. 19 May, 2015 1 commit
    • azul's avatar
      remove new avatar action, avoid polymorphic path · 07f9eb93
      azul authored
      We can always use the edit action. There is one avatar per entity only.
      Note however that the edit action will either use the current avatar or Avatar.new
      which leads to different urls in the rendered file upload form.
      This way we still have a create and an update action - which makes sense because
      we want to behave different for the first avatar uploaded.
      Having one action also makes it easier to pick the right path in avatar_field.
      This way we can avoid both - the polymorphic path that has caused 500's lately
      and a nested if else structure for :new and :edit, group and me.
  27. 06 May, 2015 1 commit
    • azul's avatar
      cleanup: remove all traces of MODS · 63f3ba3d
      azul authored
      We can bring them back in case we need them again at some point.
      Rails seems to have it's own mechanisms for allowing such things now such
      as the engine load order and overwriting model behaviour by including
      Concerns in config.to_prepare.
      I think this also does what we want in terms of reloading files in development
      and caching them in production.
  28. 12 Feb, 2015 1 commit
    • azul's avatar
      ghosts now link to /none and display :deleted.t · ee13ef1c
      azul authored
      /anonymous was already taken on we.riseup.net - so was /ghost.
      Whenever link_to_user is used we will also not link at all but add the ghost
      class instead so ghost users can be styled and we have less dead links.
  29. 08 Dec, 2014 1 commit
    • azul's avatar
      fix avatar uploads - fixes #8341 · e7608b23
      azul authored
      when setting perform_caching to true we also protected the method
      -> broke external call of that method. using hide_action instead.
      Also moved this into a shared module and changed avatar into singular
      resource for groups and me
  30. 07 Dec, 2014 1 commit
  31. 16 Nov, 2014 1 commit
  32. 23 Oct, 2014 1 commit
    • azul's avatar
      add POST routes for page search · 1128e881
      azul authored
      at some point we should probably make this controller restful:
       * show - show current page filter
       * create - add a new filter
       * delete - remove a filter
      The path could remain the same.
  33. 09 Oct, 2014 1 commit
  34. 08 Oct, 2014 1 commit
    • azul's avatar
      restrict routes to only match actions that are available · df6e67cf
      azul authored
      here's what i did to find the routes that are too permissive:
      routes = Rails.application.routes.routes; nil
      route_defaults = routes.map(&:defaults); nil
      route_actions = route_defaults.inject(Hash.new) do |h, d|
        h[d[:controller]] ||= []
        h[d[:controller]] << d[:action]
      end ; nil
      routes_too_permissive = route_actions.map do |controller, actions|
             next unless controller.present?
           controller_class = "#{controller}_controller".classify
          next unless defined?(controller_class)
           controller_actions =
           next if (actions - controller_actions).blank?
           {controller: controller, route_actions: actions.sort.uniq,
      controller_actions: controller_actions.map(&:to_sym)}
        end; nil
      pp routes_too_permissive.compact
  35. 07 Oct, 2014 2 commits
  36. 04 Oct, 2014 1 commit
  37. 03 Oct, 2014 1 commit