| Commit message (Collapse) | Author | Age | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Specifically using save! so that anything other than an
ActiveRecord::RecordInvalid doesn't get missed
Note that ActiveModel::Errors#full_messages includes the attribute key
in the message. This is by design, so we should consider whether we can
improve the way that we use translated validation messages.
|
| |
|
|
|
| |
There's a unique index on public_bodies url_name, so we should have a
validation for that.
|
| |
|
|
|
| |
Should have been run after related migrations.
Could automate this to always run after migrations.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The volume of spam in the holding pen in WDTK has increased.
Over a few weeks in January 2014 the pattern was roughly:
- 8 were sent "To" the same address, which was a nearly valid old request
address - correct hash, but missing the second hyphen.
- 1 was sent "To" an invalid request address (nearly correct hash)
- 1 was sent "BCC" a valid request address
- 1 was sent "BCC" request@whatdotheyknow.com
If a spam was sent "To" an old valid request address then it would be
rejected.
It's not entirely safe to just reject mails to old requests with any
hash, because sometimes authorities miss out a digit in the request
number, though perhaps simply getting a failure bounce would cause them
to check.
In any case that wouldn't trivially catch the most frequent case above
as it doesn't have an obvious request number.
---
We looked at greylisting and configuring the MTA with an RBL.
Greylisting was rejected as it would slow down the responsiveness of the
application when people email in. This could be revisited if/when emails
are parsed through a queue system depending on how we find the
performance there.
An RBL is already configured, but this ticket refers more to where the
email is sent rather than who it came from.
---
We elected to:
- Create spam_address model
- Add code to RequestMailer.receive to check the list of spam addresses
and silently discard an incoming mail if it's addressed to one of them
- Add page to admin interface for adding/removing spam addresses
---
Thanks to Ganesh Sittampalam for the research and Louise Crow for the
implementation strategy.
|
| |\ \
| | |
| | |
| | |
| | | |
Conflicts:
spec/factories.rb
|
| | |/
| |
| |
| |
| |
| | |
In the largest Alaveteli instance, WDTK, only a fraction of tracks use
filters and these specs represent those that have actually been used
commonly.
|
| |/ |
|
| |
|
|
| |
The code being tested is specific in that way.
|
| |\
| |
| |
| | |
'opennewzealand_github/feature/encode-utf8-messages' into rails-3-develop
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | | |
Conflicts:
config/general.yml-example
spec/factories.rb
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
The requests may not have been created at this point.
|
| | | |
| | |
| | |
| | | |
We're going to want to actually create and send the requests later.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Also, wrap model creation in a transaction and do the message sending
separately - we may ultimately want to do this outside the request
cycle.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
They're not finding by the existing object, they're finding an existing
object.
|
| | | |
| | |
| | |
| | |
| | | |
Re-annotate models. Index InfoRequestBatches by user - we'll display the
batches for a user when they view their own requests.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
It doesn't make logical sense that they would. However I am preserving
the ability to make batch requests as a separate thing from not having a
daily limit - I think batch sending requires a (perhaps marginally)
bigger level of trust.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
A virtual attribute to use to customise some info request behaviours
when we are using one request as a template for creating multiple
requests.
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
doc/CHANGES.md
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Also add editable text for an email to be sent to the person requesting
the change.
|
| | | |/
| |/| |
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | | |
Make specs a bit more focused, remove view specs - they're not relevant to the new code in their current form and don't seem to merit updating.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Just expecting the parsed file to include the expected one would mean
success in the case where nothing has been folded. Tighten up the
expectation, and add quoting placeholders to expected files that didn't
have them.
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | |/ / |
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
The internal admin body should be created automatically if it
doesn't exist on calls to PublicBody.internal_admin_body; we've
seen errors (#1001) where this fails after the default locale
changes. (Although these tests don't actually replicate that
problem.)
|
| |\ \ |
|
| | | | |
|
| | |/ |
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Under Ruby 1.8.7, you can parse a CSV file with the
following code (Example A):
require 'csv'
CSV.parse('foo.csv') do |row|
puts "got row: #{row.inspect}"
end
Rather confusingly, under Ruby 1.8.7, CSV.parse can also
take a string representation of the contents of the file
as its parameter, so this also works (Example B):
require 'csv'
CSV.parse("1,hello,red\n2,goodbye,green") do |row|
puts "got row: #{row.inspect}"
end
However under Ruby 1.9.3, CSV.parse only expects a string
representation of the contents of the CSV file, so only
Example B works; Example B fails silently (interpreting
the filename as a single cell CSV file, typically).
The import:import_csv rake task unfortunately relied on
both A and B working. This commit fixes this by adding
PublicBody.import_csv_from_file, and refactoring
PublicBody.import_csv to use the newly added class method,
and adds a test to check for any regression in this
behaviour.
(This means that the usage of import_csv in the admin public
body controller's import_csv action could now be changed
to use PublicBody.import_csv_from_file directly from the
uploaded file, which would be more efficient and cope
with larger files without using lots of memory.)
Fixes #1229
|
| |\ |
|
| | |
| |
| |
| |
| | |
This includes making making sure that xapiandbs directory is moved
with this version of the code.
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
| |
In the initial release of public body statistics to WhatDoTheyKnow
a public body only intended for testing ("mySociety Test Quango")
was included in the statistics. This commit causes public bodies
tagged with "test" to be excluded from the public body statistics
page.
Fixes #1115.
|
| |
|
|
|
|
|
|
| |
The WDTK volunteers pointed out that it's not fair to include
hidden requests in the denominator, since they're typically hidden
for a good reason (e.g. being vexatious, spam, etc.), and we have
no information about those that are awaiting_description (i.e.
unclassified) so they should be excluded as well.
|
| |
|
|
|
|
| |
This counts only those info requests that have prominence 'normal'
(i.e. are not hidden) and are not 'awaiting_description' (i.e. that
they have had some basic status classification).
|
| |
|
|
| |
These are regenerated with "bundle exec annotate"
|
| |
|
|
| |
This causes several specs to fail.
|
| |\
| |
| |
| | |
rails-3-develop
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In a subsequent commit, we will want to wrap an additional section
of code with the addition and removal of a hook that creates a
duplicate xapian job, so it's useful for this to be factored out.
This commit introduces a 'with_duplicate_xapian_job_creation'
method that can be passed a block which will be run with the forced
duplicate xapian job creation.
|
