aboutsummaryrefslogtreecommitdiffstats
path: root/spec
Commit message (Collapse)AuthorAgeLines
* Fix typoGareth Rees2014-06-16-2/+2
| | | | Fixes typo in 6bd0bfe
* Merge branch 'replace-xxx-todo' into rails-3-developGareth Rees2014-06-16-25/+25
|\
| * Rename XXX comments with TODO:Gareth Rees2014-06-10-25/+25
| | | | | | | | Picks these up in `rake notes` and adds semantic meaning
* | Merge branch 'issues/788-notification-email-cache-buster' into rails-3-developGareth Rees2014-06-16-47/+147
|\ \
| * | Remove DateTimeHelper#year_from_dateGareth Rees2014-06-05-17/+0
| | | | | | | | | | | | DateTime, Date and Time all have #year methods
| * | Minor tidying of DateTimeHelper and specsGareth Rees2014-06-05-4/+4
| | |
| * | Add specs for DateTimeHelper#simple_timeGareth Rees2014-06-05-0/+18
| | |
| * | Add specs for DateTimeHelper#year_from_dateGareth Rees2014-06-05-0/+16
| | |
| * | Move date helpers to DateTimeHelperGareth Rees2014-06-05-47/+54
| | |
| * | Remove duplication from new correspondence urlsGareth Rees2014-06-05-7/+15
| | |
| * | Add cache-busting to request response notificationGareth Rees2014-06-04-1/+69
| |/ | | | | | | | | | | Users get a new response email, click the link, but get a cached page. This is a quick fix to ensure they always see the response when clicking the link.
* | Merge remote-tracking branch 'origin/hotfix/0.18.0.3' into rails-3-developLouise Crow2014-06-06-0/+11
|\ \
| * | Handle converting empty RTF fileshotfix/0.18.0.3Gareth Rees2014-06-06-0/+11
| | | | | | | | | | | | Fixes https://github.com/mysociety/alaveteli/issues/1563
* | | Merge branch 'hotfix/0.18.0.2' into rails-3-developLouise Crow2014-06-06-0/+18
|\ \ \ | |_|/ |/| |
| * | Allow a message with more than one event to be destroyed.hotfix/0.18.0.2Louise Crow2014-06-06-0/+18
| |/ | | | | | | Fixes #1569
* | Merge branch 'issues/1448-no-error-on-spam' into rails-3-developLouise Crow2014-06-02-0/+11
|\ \
| * | Redirect to the frontpage rather than error on invalid paramsLouise Crow2014-06-02-0/+11
| |/ | | | | | | Fixes #1448.
* / Support simple searching of bodies by short_nameGareth Rees2014-05-28-0/+5
|/
* Update specs for changes to translations in ↵Louise Crow2014-05-15-24/+24
| | | | 962e1d2b0edb6c0933ba42dd7690c38ba7d08f91
* Work around bug#77932 in pdftohtmlGareth Rees2014-05-06-0/+37
| | | | | | | | | Sometimes pdftohtml will generate thousands of images when converting an image embedded in a PDF. This causes a request spike when a user tries to view the converted PDF as HTML. See https://bugs.freedesktop.org/show_bug.cgi?id=77932 for the bug report.
* Remove dependency on timezone in configLouise Crow2014-05-02-10/+12
|
* Merge branch 'issues/1390-james-cheshire-infographic' into rails-3-developGareth Rees2014-05-01-0/+29
|\
| * Extract quarters_between to DateQuarter libGareth Rees2014-05-01-0/+29
| |
* | Merge branch 'hotfix/0.17.0.1' into rails-3-developLouise Crow2014-04-25-0/+5
|\ \ | |/ |/|
| * Fix for badly-formed content-disposition header.Louise Crow2014-04-25-0/+5
| | | | | | | | Taken from https://github.com/mikel/mail/pull/602
* | Merge branch 'issues/337-attachment-title' into rails-3-developGareth Rees2014-04-14-2/+541
|\ \
| * | Dynamically inject AttachmentToHTML::View contentGareth Rees2014-04-07-0/+5
| | |
| * | Remove redundant AttachmentToHTML::HTMLGareth Rees2014-04-07-24/+0
| | |
| * | Update AttachmentToHTML for new View classGareth Rees2014-04-07-6/+24
| | |
| * | Simpler AttachmentToHTML::Adapters::CouldNotConvert interfaceGareth Rees2014-04-07-40/+9
| | |
| * | Simpler AttachmentToHTML::Adapters::GoogleDocsViewer interfaceGareth Rees2014-04-07-42/+10
| | |
| * | Simpler AttachmentToHTML::Adapters::RTF interfaceGareth Rees2014-04-07-60/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TODO: We really should be testing the full output of RTF#body, but we currently want to remain consistent with Adapters::PDF as many methods are shared between the Adapters. A more correct spec might be: expected = %Q(<font size=3><font color="#000000">thisisthebody</font></font>) adapter.body.should == expected
| * | Simpler AttachmentToHTML::Adapters::PDF interfaceGareth Rees2014-04-07-56/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TODO: We really should be testing the full output of PDF#body, but inconsistencies between pdftohtml prevent sensible means of doing this. For example: adapter.body.should == %Q(\n<A name=1></a>thisisthebody<br/>\n<hr>\n) Fails because some versions (correctly!) use lower case tag names.
| * | Simpler AttachmentToHTML::Adapters::Text interfaceGareth Rees2014-04-07-73/+22
| | |
| * | Add an AttachmentToHTML::View to deal with renderingGareth Rees2014-04-07-0/+147
| | |
| * | Work around a bug in unrtfGareth Rees2014-04-01-0/+25
| | |
| * | Use AttachmentToHTML to generate FoiAttachment#body_as_htmlGareth Rees2014-03-28-2/+1
| | |
| * | Add AttachmentToHTML libraryGareth Rees2014-03-28-0/+556
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Extracts the attachment processing from FoiAttachment#body_to_html AttachmentToHTML contains adapters which convert - text/plain - application/pdf - application/rtf Results are returned as an AttachmentHTML::HTML instance which contains the raw HTML and other metadata about the conversion.
* | | Merge branch 'issues/1416-csv-update-public-bodies' into rails-3-developGareth Rees2014-04-14-38/+84
|\ \ \
| * | | Handle validation errors in PublicBody.import_csvGareth Rees2014-04-14-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specifically using save! so that anything other than an ActiveRecord::RecordInvalid doesn't get missed Note that ActiveModel::Errors#full_messages includes the attribute key in the message. This is by design, so we should consider whether we can improve the way that we use translated validation messages.
| * | | Add missing validation to PublicBodyGareth Rees2014-04-14-0/+6
| | | | | | | | | | | | | | | | | | | | There's a unique index on public_bodies url_name, so we should have a validation for that.
| * | | Annotate modelsGareth Rees2014-04-09-38/+65
| | | | | | | | | | | | | | | | | | | | Should have been run after related migrations. Could automate this to always run after migrations.
* | | | Merge branch 'issues/1343-ip-spoofing-error' into rails-3-developGareth Rees2014-04-14-0/+11
|\ \ \ \
| * | | | Rescue from IpSpoofAttackError when using remote IPGareth Rees2014-04-14-0/+11
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some proxies seem to be setting the Client-IP HTTP header to 127.0.0.1. Rails checks that Client-IP is contained in X-Forwarded-For and raises the error. We decided to rescue in this individual case rather than adding a middleware to strip Client-IP (http://writeheavy.com/2011/07/31/when-its-ok-to-turn-of-rails-ip-spoof-checking.html#well_thats_stupid_can_we_turn_it_off) so that we don't introduce unexpected behaviour. If we start to do anything more with request.remote_ip, then we should look at doing so. See http://blog.gingerlime.com/2012/rails-ip-spoofing-vulnerabilities-and-protection for an in-depth look at this issue.
* / / / Rescue from non-numeric page parameter exceptionsGareth Rees2014-04-10-0/+8
|/ / / | | | | | | | | | | | | | | | will_paginate intentionally throws an ArgumentError when a non-numeric page parameter is used. Conveniently, they tag it with WillPaginate::InvalidPage, so here we rescue with a 404.
* | | Merge branch 'issues/1317-holding-pen-spam' into rails-3-developGareth Rees2014-04-07-0/+155
|\ \ \
| * | | Add AdminSpamAddressesController and UIGareth Rees2014-03-28-0/+91
| | | |
| * | | Ignore mail sent to known spam addressesGareth Rees2014-03-26-0/+10
| | | |
| * | | Add SpamAddress modelGareth Rees2014-03-26-0/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The volume of spam in the holding pen in WDTK has increased. Over a few weeks in January 2014 the pattern was roughly: - 8 were sent "To" the same address, which was a nearly valid old request address - correct hash, but missing the second hyphen. - 1 was sent "To" an invalid request address (nearly correct hash) - 1 was sent "BCC" a valid request address - 1 was sent "BCC" request@whatdotheyknow.com If a spam was sent "To" an old valid request address then it would be rejected. It's not entirely safe to just reject mails to old requests with any hash, because sometimes authorities miss out a digit in the request number, though perhaps simply getting a failure bounce would cause them to check. In any case that wouldn't trivially catch the most frequent case above as it doesn't have an obvious request number. --- We looked at greylisting and configuring the MTA with an RBL. Greylisting was rejected as it would slow down the responsiveness of the application when people email in. This could be revisited if/when emails are parsed through a queue system depending on how we find the performance there. An RBL is already configured, but this ticket refers more to where the email is sent rather than who it came from. --- We elected to: - Create spam_address model - Add code to RequestMailer.receive to check the list of spam addresses and silently discard an incoming mail if it's addressed to one of them - Add page to admin interface for adding/removing spam addresses --- Thanks to Ganesh Sittampalam for the research and Louise Crow for the implementation strategy.
* | | | Merge branch 'rails-3-develop' of ↵Louise Crow2014-04-04-0/+7
|\ \ \ \ | | | | | | | | | | | | | | | ssh://git.mysociety.org/data/git/public/alaveteli into rails-3-develop
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 22:23:09 +0000