aboutsummaryrefslogtreecommitdiffstats
path: root/app/controllers
Commit message (Collapse)AuthorAgeLines
* Merge branch '2051-back-to-search' into rails-3-developGareth Rees2015-01-13-0/+6
|\
| * Add a “Back to search results” linkGareth Rees2015-01-13-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Store the search parameters in the flash when a search is made via the select_authority_path page. Stores the parameters for both POST and AJAX typeahead searches. The presence of stored search params renders the link on the PublicBodyController#show template. “keep”s the search params in PublicBodyController#show so that if the user clicks the browser’s back button the “Back to search results” link can still be rendered on the next search result they click. “keep”s all flash keys in ServicesController#other_country_message as it’s called through AJAX and ends up sweeping the flash. [1] [1] More details about this: http://mikenaberezny.com/2007/09/08/keep-the-flash-and-test-it-too/
* | Use a partial to render batch sent messageGareth Rees2015-01-13-7/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dropped the law_used_full interpolation: So I think there are two significant bits of context here. One is that the law_used_full attribute is derived from law_used, which in turn is set on InfoRequest initialisation based on the tags applied to the public body. So different requests in a batch could have different values for law_used_full - some of them might be to bodies that only accept environmental information requests. So using the value from the batch template is not really a good proxy for the whole collection. The second is that, in any case, the distinction between the two types of request is a UK-specific feature which should be moved to the UK theme (#2085). Given these two factors, I think the cleanest thing might be to drop law_used_full from this descriptive text, and just have it say "Your requests will be sent shortly", without specifying what law will be used. – Louise Crow (@crowbot)
* | Use a partial to render request sent messageGareth Rees2015-01-13-7/+1
|/
* Merge branch 'hotfix/0.20.0.2' into rails-3-developLouise Crow2015-01-07-3/+6
|\
| * Sanitize the contents of HTML attachments before displayLouise Crow2014-12-22-0/+4
| |
| * Fix unvalidated redirectsGareth Rees2014-12-22-3/+3
| |
* | Fix bad merge in 92ba5052a21519af59c2aa904e1e28d9081179fbLouise Crow2014-12-19-51/+0
| |
* | Escape responder name before marking notice as safeLouise Crow2014-12-19-1/+52
| |
* | Merge branch 'brakeman_fixes' into rails-3-developLouise Crow2014-12-18-14/+11
|\ \
| * | Line lengthGareth Rees2014-12-18-1/+9
| | |
| * | Add global protect_from_forgeryGareth Rees2014-12-18-13/+2
| | | | | | | | | | | | | | | | | | | | | Grepping the git logs didn’t bring up a good reason for this to be excluded. Seems like it came along after the app was initially created so it never got fully added for fear of regressions. The specs pass for this commit.
* | | Merge branch 'restful-admin-routes' into rails-3-developLouise Crow2014-12-18-284/+281
|\ \ \
| * | | Don't raise internal error when handling non-user or request rulesLouise Crow2014-12-18-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Handle attempts to edit or destroy global or public body censor rules with a notice and a redirect. Closes #2009
| * | | Refactor - group common logic branchesLouise Crow2014-12-18-28/+14
| | | |
| * | | Refactor shared setup to filterLouise Crow2014-12-18-2/+5
| | | |
| * | | RESTful routing for admin censor rule actionsLouise Crow2014-12-18-16/+8
| | | |
| * | | RESTful routing for admin track actionsLouise Crow2014-12-18-9/+10
| | | |
| * | | Make clearing a profile photo a post-restricted actionLouise Crow2014-12-18-4/+0
| | | |
| * | | Use RESTful route for banned user listLouise Crow2014-12-18-1/+1
| | | |
| * | | Use RESTful routes for CRUD admin user actionsLouise Crow2014-12-18-21/+17
| | | |
| * | | Move outgoing message admin actions to RESTful model.Louise Crow2014-12-18-1/+1
| | | |
| * | | Move admin incoming message actions to use RESTful routes.Louise Crow2014-12-18-2/+2
| | | | | | | | | | | | | | | | | | | | So data changing actions require a POST and can be protected against CSRF.
| * | | Move show method to use RESTful routingLouise Crow2014-12-18-3/+3
| | | |
| * | | Use RESTful routing for indexLouise Crow2014-12-18-63/+59
| | | |
| * | | Make downloading a raw email a RESTful routeLouise Crow2014-12-18-26/+27
| | | |
| * | | Make marking an event as a clarification a RESTful routeLouise Crow2014-12-18-15/+24
| | | |
| * | | Make hide a RESTful action accessed via POSTLouise Crow2014-12-12-1/+1
| | | |
| * | | Make show_raw_email a RESTful action via GETLouise Crow2014-12-12-28/+37
| | | | | | | | | | | | | | | | | | | | Move specs that involve receiving email and then viewing the interface to be integration specs, which is what they really are.
| * | | RESTful routing for editing and updating commentsLouise Crow2014-12-12-24/+36
| | | |
| * | | Make move a RESTful actionLouise Crow2014-12-12-2/+2
| | | |
| * | | Use RESTful routing for destroy actionLouise Crow2014-12-12-1/+1
| | | |
| * | | Use RESTful routing for resend actionLouise Crow2014-12-12-31/+32
| | | |
| * | | Use RESTful routing for index and show actionsLouise Crow2014-12-12-23/+18
| | | |
* | | | Merge branch 'admin-public-holiday-interface' into rails-3-developLouise Crow2014-12-18-0/+95
|\ \ \ \
| * | | | Allow import of holidays from feed or built-in suggestionsLouise Crow2014-12-15-1/+29
| | | | |
| * | | | Add some inline editingLouise Crow2014-12-15-0/+10
| | | | |
| * | | | Add create actionLouise Crow2014-12-15-0/+9
| | | | |
| * | | | Add new actionLouise Crow2014-12-15-0/+4
| | | | |
| * | | | Add basic destroy action.Louise Crow2014-12-15-0/+7
| | | | |
| * | | | Add basic update action.Louise Crow2014-12-15-0/+18
| | | | |
| * | | | Add basic edit actionLouise Crow2014-12-15-0/+5
| | | | |
| * | | | Add index method for listing existing holidaysLouise Crow2014-12-15-0/+14
| |/ / /
* | | | Refactor the application of masks and censor rules to messages.Louise Crow2014-12-15-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Seems more logical to make this one method that figures out what to do based on file type. Plus, incoming message does so many things, it seemed like having these related methods be separate would make them easier to read and understand. Also, email, mobile and login substitution texts weren't being translated. Finally, I think passing the censor rules and masks as arguments is a first step in some more decoupling of models.
* | | | Enforce a lifetime on session cookiesLouise Crow2014-12-12-9/+26
| | | | | | | | | | | | | | | | | | | | | | | | Problem described in http://seclists.org/fulldisclosure/2013/Sep/145 Pattern taken from https://www.coffeepowered.net/2013/09/26/rails-session-cookies/
* | | | Remove obsolete 'require' statementLouise Crow2014-12-12-2/+1
|/ / /
* | | Merge branch 'owasp-fixes' into rails-3-developLouise Crow2014-12-09-0/+3
|\ \ \
| * | | Add secureheadersLouise Crow2014-12-05-0/+3
| |/ / | | | | | | | | | Issue some security-related headers by default.
* | | Merge branch '1666-related-requests-search' into rails-3-developGareth Rees2014-12-08-4/+12
|\ \ \ | |_|/ |/| |
| * | RequestController#search_typaahead limit resultsGareth Rees2014-11-11-1/+3
| | | | | | | | | | | | Use the per_page parameter to limit the results returned
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-04 03:36:11 +0000