1 # this class pulls together the logic for all the old_* controllers
2 # into one place. as it turns out, the API methods for historical
3 # nodes, ways and relations are basically identical.
4 class OldController < ApplicationController
7 skip_before_action :verify_authenticity_token
8 before_action :setup_user_auth, :only => [:history, :version]
9 before_action :authorize, :only => [:redact]
10 before_action :authorize_moderator, :only => [:redact]
11 before_action :require_allow_write_api, :only => [:redact]
12 before_action :check_api_readable
13 before_action :check_api_writable, :only => [:redact]
14 around_action :api_call_handle_error, :api_call_timeout
15 before_action :lookup_old_element, :except => [:history]
16 before_action :lookup_old_element_versions, :only => [:history]
19 # the .where() method used in the lookup_old_element_versions
20 # call won't throw an error if no records are found, so we have
21 # to do that ourselves.
22 raise OSM::APINotFoundError.new if @elements.empty?
24 doc = OSM::API.new.get_xml_doc
26 visible_elements = if show_redactions?
32 visible_elements.each do |element|
33 doc.root << element.to_xml_node
36 render :text => doc.to_s, :content_type => "text/xml"
40 if @old_element.redacted? && !show_redactions?
41 render :text => "", :status => :forbidden
44 response.last_modified = @old_element.timestamp
46 doc = OSM::API.new.get_xml_doc
47 doc.root << @old_element.to_xml_node
49 render :text => doc.to_s, :content_type => "text/xml"
54 redaction_id = params["redaction"]
56 # if no redaction ID was provided, then this is an unredact
58 @old_element.redact!(nil)
60 # if a redaction ID was specified, then set this element to
61 # be redacted in that redaction.
62 redaction = Redaction.find(redaction_id.to_i)
63 @old_element.redact!(redaction)
66 # just return an empty 200 OK for success
73 @user && @user.moderator? && params[:show_redactions] == "true"