aboutsummaryrefslogtreecommitdiffstats
path: root/perllib/FixMyStreet/App/Controller
Commit message (Collapse)AuthorAgeLines
* Offline process for CSV generation.M Somerville2020-08-11-2/+73
| | | | | Include a status page, the option for access token requests to use this system, and a script for manual generation.
* Refactor out CSV generation to its own package.M Somerville2020-08-11-290/+34
|
* Remove use of $c from various functions.M Somerville2020-08-06-11/+15
| | | | This means these functions can more easily be used in a non-web context.
* Add database index for user full text search.M Somerville2020-08-06-16/+1
|
* Add extra ordering to search query to force full text index use.Matthew Somerville2020-08-06-1/+6
|
* Add photo upload field to inspector formChris Mytton2020-08-06-0/+7
| | | | | This adds the code for photo uploads from the regular update form to the inspector form, and adds details to the documentation.
* Do not error in export if report has bad category.M Somerville2020-08-04-1/+1
| | | | | | If category groups are enabled, the CSV export includes a subcategory, but it was only fetching a valid groups value if the row's contact was found.
* Lowercase contact email when looking for user.Matthew Somerville2020-08-03-1/+1
|
* Add database index for full text search.Matthew Somerville2020-07-31-31/+15
|
* Prefetch user bodies in admin user search.Matthew Somerville2020-07-31-2/+5
|
* Centralise update creation to include fields.Matthew Somerville2020-07-14-54/+7
| | | | | | Given the user, we can infer the name if not provided, and the extra data if a staff user. We can also provide defaults for various other fields. Always have superuser take precedence over from_body.
* Merge branch 'hibp'Matthew Somerville2020-07-08-14/+40
|\
| * Add option to check password on Have I Been Pwned.Matthew Somerville2020-07-07-14/+40
| | | | | | | | | | | | | | If switched on, sends first five letters of the SHA1 hash of the entered password to HIBP's API, which then returns all matching hashes in their database of breached passwords. If we find a match, tell the user they need to pick a different password.
* | Better sort admin user table.Matthew Somerville2020-07-07-14/+9
|/ | | | | Sort the table when showing search results, and show users without name at the bottom, rather than at the top.
* Factor out/default Open311 construction object.Matthew Somerville2020-07-06-29/+1
| | | | This simplifies the code wherever used.
* Add allowed_domains OIDC config to limit logins to specific domainsDave Arter2020-07-02-0/+8
|
* Include redirect URI when fetching OIDC access tokenDave Arter2020-07-02-0/+1
|
* OIDC scope/token parsing improvementsDave Arter2020-07-02-5/+16
| | | | | | | - Cobrand config can now specify custom scope and other params e.g. G Suite supports per-domain customisation and the ‘prompt’ param to always ask the user to select the account they want to login with. - Token may have an ‘name’ claim instead of needing to concat given_/family_name claims
* Rename O::L::C::W::Azure to O::L::C::W::AuthCodeFlowDave Arter2020-07-02-2/+2
| | | | Turns out there’s nothing strictly Azure-specific about it.
* Only show access tokens once, and store hashed.Matthew Somerville2020-06-30-3/+4
|
* Merge branch 'issues/commercial/1906-he-anon-all'Matthew Somerville2020-06-10-19/+14
|\
| * [Highways England] Anonymize all names on cobrand.Matthew Somerville2020-06-09-0/+5
| |
| * [Open311] Return reports in all closed states.Matthew Somerville2020-06-09-1/+1
| |
| * [Open311] Use indexed way of searching by body.Matthew Somerville2020-06-09-18/+8
| |
* | Merge branch 'recaptcha'Matthew Somerville2020-06-09-0/+3
|\ \
| * | [fixmystreet.com] Add option for recaptcha.Matthew Somerville2020-06-04-0/+3
| | | | | | | | | | | | | | | We are getting spam submissions of e.g. alert subscribe form, which causes people to get a confirmation email.
* | | Merge branch 'alert-active-deletion'Matthew Somerville2020-06-09-0/+7
|\ \ \ | |_|/ |/| |
| * | Store staff user when staff make anonymous update.Matthew Somerville2020-06-03-0/+7
| |/ | | | | | | Match the identical code for anonymous reports.
* / Add Open Location Codes support to search box.M Somerville2020-06-04-0/+25
|/
* Make sure category shown in all its groups.Matthew Somerville2020-05-26-5/+9
| | | | | | | | When compiling the reporting category dropdown, only one instance of each value was used. But if a value appears twice, from two different bodies, in different groups, it would then not appear in all the groups it would be expected to. Make sure we update the list of groups of the category if we come across another with the same value.
* Consistent use of Contact groups.Matthew Somerville2020-05-26-13/+18
|
* admin interface for per category anonymous reportingStruan Donald2020-05-12-1/+1
| | | | | | | | Add an interface to enable a category to accept anonymous reports, plus the code to handle permitting this. It's only available on single body cobrand sites in the default configuration.
* display user detail for contributed_by in report_editStruan Donald2020-05-12-0/+20
| | | | Include name, email and body rather than just user id.
* Merge branch 'tfl-category-restrictions'Matthew Somerville2020-05-12-20/+63
|\
| * Extend assigned_*_only to report lists.Matthew Somerville2020-05-08-3/+27
| | | | | | | | | | Shortlist buttons and extended print information will not appear where not allowed.
| * Add assigned_(users|categories)_only functionalityMatthew Somerville2020-05-08-1/+24
| | | | | | | | | | | | | | | | Users with assigned_categories_only will only see staff features on a report page in their assigned categories. Users will only see staff features on a report page in a category with assigned_users_only if it is in their assigned categories.
| * Refactor report page permissions.Matthew Somerville2020-05-07-16/+12
| | | | | | | | | | Look up user's permissions once at the start, and use that throughout the report page templates.
* | Disable rename on unprotected Open311 categories.Matthew Somerville2020-05-11-3/+7
|/ | | | | | If you rename an Open311 category when it is not protected, it will only get reinstated/deleted by the Open311 populate script shortly after, and can cause issues due to the problem category renaming that occurs.
* Fix dashboard report CSV export.Matthew Somerville2020-05-07-2/+3
| | | | | | The change to join in e16054150 did not include a collapse that the previous prefetch was doing, so multiple rows per result were being returned.
* Merge branch 'category-group-in-csv'Matthew Somerville2020-05-07-5/+24
|\
| * Include group in CSV export if enabled.Matthew Somerville2020-05-07-5/+24
| |
* | Add way to disallow report reopening in a categoryMatthew Somerville2020-05-07-1/+1
|/ | | | | Add a tickbox to the category admin, and do not allow reopening on reports made in the selected categories.
* Add ability to disallow updates in a category.Matthew Somerville2020-05-06-9/+6
| | | | | Add a tickbox to the category admin, and do not allow updates on reports made in those selected categories.
* Move per-row Contact lookup to the database.Matthew Somerville2020-05-06-22/+56
| | | | | | | | | | | On admin report lists, and in front-end lists when an inspector, each row was querying the database for `category_display`. We create a new relationship for this query, and join/prefetch it wherever we request this data. Include staff joins on /around page, copying what happens on /reports to prevent more lookups there too. Also add some joins for user email in admin report list.
* Allow template to be an initial update on reports.Matthew Somerville2020-05-04-5/+43
|
* Merge branch 'server-side-cursor-dashboard-export'Matthew Somerville2020-04-29-4/+9
|\
| * Only request needed join data in places.Matthew Somerville2020-04-28-4/+7
| | | | | | | | | | The export flow and the admin search request more data from the database than they need, which slows it down.
| * Use server cursors on dashboard export.Matthew Somerville2020-04-28-0/+2
| |
* | Error page when submitting /import with web param.Matthew Somerville2020-04-28-8/+13
|/ | | | | | If the web param is used, show an error web page rather than the normal plain text output. Also do the normal remember/show uploaded photos feature, and hide the inputs better if unneeded.
*-. Merge branches '2961-disable-private-tickbox', ↵Matthew Somerville2020-04-28-43/+54
|\ \ | | | | | | | | | '2962-pin-move-category-group' and 'move-admin-index-stats-to-stats-page'
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-25 22:50:45 +0000