module Api
- class UsersController < ApplicationController
- layout "site", :except => [:api_details]
-
- skip_before_action :verify_authenticity_token
- before_action :disable_terms_redirect, :only => [:api_details]
- before_action :authorize, :only => [:api_details, :api_gpx_files]
- before_action :api_deny_access_handler
+ class UsersController < ApiController
+ before_action :check_api_readable
+ before_action :disable_terms_redirect, :only => [:details]
+ before_action :setup_user_auth, :only => [:show, :index]
+ before_action :authorize, :only => [:details, :gpx_files]
authorize_resource
- before_action :check_api_readable
around_action :api_call_handle_error
- before_action :lookup_user_by_id, :only => [:api_read]
+ before_action :lookup_user_by_id, :only => [:show]
+
+ before_action :set_request_formats, :except => [:gpx_files]
- def api_read
+ def show
if @user.visible?
- render :action => :api_read, :content_type => "text/xml"
+ # Render the result
+ respond_to do |format|
+ format.xml
+ format.json
+ end
else
head :gone
end
end
- def api_details
+ def details
@user = current_user
- render :action => :api_read, :content_type => "text/xml"
+ # Render the result
+ respond_to do |format|
+ format.xml { render :show }
+ format.json { render :show }
+ end
end
- def api_users
+ def index
raise OSM::APIBadUserInput, "The parameter users is required, and must be of the form users=id[,id[,id...]]" unless params["users"]
ids = params["users"].split(",").collect(&:to_i)
@users = User.visible.find(ids)
- render :action => :api_users, :content_type => "text/xml"
+ # Render the result
+ respond_to do |format|
+ format.xml
+ format.json
+ end
end
- def api_gpx_files
- doc = OSM::API.new.get_xml_doc
- current_user.traces.reload.each do |trace|
- doc.root << trace.to_xml_node
- end
- render :xml => doc.to_s
+ def gpx_files
+ @traces = current_user.traces.reload
+ render :content_type => "application/xml"
end
private