aboutsummaryrefslogtreecommitdiffstats
path: root/perllib/FixMyStreet
Commit message (Collapse)AuthorAgeLines
...
* | add bodies_id to stash for around and report/newStruan Donald2019-11-26-0/+2
| | | | | | | | | | | | | | | | This resolved the problem of checking user body permissions on both around and report/new by adding a variable to stash specifically for this purpose. Previously staff users could not see the mark private tick if the report form was loaded via javascript from the around page as there was no bodies variable in the stash.
* | pass cobrand name to state display from alert scriptStruan Donald2019-11-26-1/+1
|/ | | | | This was passing the cobrand object so the checks in State::display that were relying on the moniker were not working.
* Merge branch 'peterborough-include-email-categories-on-cobrand'Struan Donald2019-11-25-13/+0
|\
| * [Peterborough] Include email categories on cobrandChris Mytton2019-11-22-13/+0
| | | | | | | | They've requested that these be added to the cobrand now.
* | Merge branch 'csp-uk'Matthew Somerville2019-11-25-11/+23
|\ \
| * | [UK] Uses a feature to allow per-cobrand CSP.Matthew Somerville2019-11-25-10/+5
| | |
| * | Add configuration for setting CSP header.Matthew Somerville2019-11-25-1/+18
| |/ | | | | | | | | | | This allows you to output a working Content-Security-Policy header, with optional third-party domains, by setting a new CONTENT_SECURITY_POLICY configuration option.
* | Merge branch 'qr-code-generator'Matthew Somerville2019-11-25-6/+33
|\ \
| * | Switch to internal QR code generator.Matthew Somerville2019-11-23-6/+33
| | |
* | | [Oxfordshire] re-enable inspector permissionsStruan Donald2019-11-22-7/+0
|/ / | | | | | | | | Re-enable the inspector permissions that were disabled at a cobrand level
* / Rotate session ID after successful login.Matthew Somerville2019-11-22-3/+6
|/
* [UK] Updates only by reporter on open reports confMatthew Somerville2019-11-19-4/+10
|
* Recheck cached front page details against databaseMatthew Somerville2019-11-18-4/+7
| | | | | It was only checking the cached details, so not spotting if a report had been hidden in the time since being cached.
* Remove cached photos before updating db field.Matthew Somerville2019-11-18-2/+2
| | | | | If the photo field is updated first, then the cache removal doesn't think there are any photos to remove.
* Merge branch 'issues/freshdesk/98-staff-ignore-emergency-message'Struan Donald2019-11-15-0/+13
|\
| * allow staff to submit in disabled categoriesStruan Donald2019-11-15-0/+13
| | | | | | | | | | | | | | If a user belongs to a body override the disabled form check upon submission as mostly staff users can submit in those categories. Fixes mysociety/fixmystreet-freshdesk#98
* | Merge branch 'rss-fix-greenwich'Matthew Somerville2019-11-15-5/+5
|\ \
| * | [UK] Fix Greenwich RSS feed.Matthew Somerville2019-11-15-5/+5
| |/
* / Add cobrand-specific XSL to RSS feeds.Matthew Somerville2019-11-15-0/+15
|/
* Merge branch 'bexley-reviewed'Matthew Somerville2019-11-13-13/+32
|\
| * [Bexley] Provide Confirm parameters required.Matthew Somerville2019-11-13-13/+32
| |
* | Merge branch 'cheshire-east-reviewed'Matthew Somerville2019-11-10-0/+139
|\ \ | |/ |/|
| * [Cheshire East] Initial cobrand.Matthew Somerville2019-11-10-0/+139
| |
* | Merge branch 'admin-auditing'Matthew Somerville2019-11-10-682/+852
|\ \
| * | Add user admin log page.Matthew Somerville2019-11-08-0/+107
| | |
| * | Store a moderation history on admin report edit.Matthew Somerville2019-11-08-1/+16
| | |
| * | Add admin log entry for more objects and things.Matthew Somerville2019-11-08-17/+21
| | | | | | | | | | | | | | | Namely templates, roles, bodies, categories, various user edits, and when using the inspect form and changing category.
| * | Ignore empty paragraphs in html_para.Matthew Somerville2019-11-08-2/+3
| | | | | | | | | | | | And do not generate them needlessly.
| * | Refactor user controller to use chained action.Matthew Somerville2019-11-08-9/+14
| | |
| * | Factor out admin reports code to own controller.Matthew Somerville2019-11-08-495/+517
| | |
| * | Factor out admin template code to own controller.Matthew Somerville2019-11-08-160/+176
| |/
* / Store email addresses report sent to on the reportMatthew Somerville2019-11-10-0/+7
|/
* Fix about template name being passed as username.Matthew Somerville2019-11-06-1/+1
| | | | | As this detach() comes from an action with an argument, that argument then got picked up as the override username.
* Fix password reset on 2FA accounts again.Matthew Somerville2019-11-05-2/+5
| | | | | | Just after fixing it, 3d593bc68 broke it again, because it took anyone who must have 2FA switched on to the must-have-2FA sign up flow, even if they already had 2FA set up.
* Merge branch 'password-expiry'Matthew Somerville2019-11-05-3/+53
|\
| * Add optional enforced password expiry.Matthew Somerville2019-11-04-2/+43
| |
| * Record time of password change.Matthew Somerville2019-11-04-1/+10
| |
* | [Peterborough] Disable questionnairesChris Mytton2019-11-01-0/+2
| |
* | Merge branch 'remove-extra-cat-heading'Matthew Somerville2019-10-31-14/+44
|\ \ | |/ |/|
| * Sort reporting categories in display order.Matthew Somerville2019-10-31-13/+43
| |
| * Do not output empty disable_form hash in ajax call.Matthew Somerville2019-10-29-1/+1
| |
* | Merge branch '2fa-improvements'Matthew Somerville2019-10-31-115/+110
|\ \
| * | If 2FA enforced, do it for an email login as well.Matthew Somerville2019-10-30-0/+31
| | |
| * | Fix password reset on 2FA accounts.Matthew Somerville2019-10-30-4/+21
| | |
| * | [UK] Mandate 2FA on superusers.Matthew Somerville2019-10-30-0/+6
| | |
| * | Allow enforcement of 2FA for staff users.Matthew Somerville2019-10-30-0/+6
| | |
| * | Require code to be entered when activating 2FA.Matthew Somerville2019-10-28-10/+42
| | |
| * | Allow non-superusers to store 2FA secrets.Matthew Somerville2019-10-28-6/+6
| | |
| * | Remove unused inspection required/reputation code.Matthew Somerville2019-10-28-97/+0
| | |
* | | [Mobile] Make sure disable message findable by appMatthew Somerville2019-10-30-5/+17
| |/ |/| | | | | | | | | | | | | | | | | The mobile app is looking at the old extra.datatype_description location rather than the new disable_form location for per-question disabling (it does look there for all-category disabling). So we need to make sure the JSON includes the message in the place where it will be looking. Note if an extra data question has two answers that disable the form and they have different messaging, the app will only take one of them.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-01 21:50:22 +0000