skip_before_action :verify_authenticity_token
before_action :setup_user_auth, :only => [:history, :version]
+ before_action :api_deny_access_handler
before_action :authorize, :only => [:redact]
- before_action :authorize_moderator, :only => [:redact]
- before_action :require_allow_write_api, :only => [:redact]
+
+ authorize_resource
+
before_action :check_api_readable
before_action :check_api_writable, :only => [:redact]
around_action :api_call_handle_error, :api_call_timeout
# the .where() method used in the lookup_old_element_versions
# call won't throw an error if no records are found, so we have
# to do that ourselves.
- raise OSM::APINotFoundError.new if @elements.empty?
+ raise OSM::APINotFoundError if @elements.empty?
doc = OSM::API.new.get_xml_doc
end
# just return an empty 200 OK for success
- render :nothing => true
+ head :ok
end
private
def show_redactions?
- @user && @user.moderator? && params[:show_redactions] == "true"
+ current_user&.moderator? && params[:show_redactions] == "true"
end
end