layout 'site', :only => [:mine]
before_filter :check_api_readable
- before_filter :authorize_web, :only => [:create, :comment, :close, :destroy, :mine]
+ before_filter :authorize_web, :only => [:mine]
+ before_filter :setup_user_auth, :only => [:create, :comment]
+ before_filter :authorize, :only => [:close, :destroy]
+ before_filter :require_moderator, :only => [:destroy]
before_filter :check_api_writable, :only => [:create, :comment, :close, :destroy]
- before_filter :set_locale, :only => [:mine]
+ before_filter :require_allow_write_notes, :only => [:create, :comment, :close, :destroy]
+ before_filter :set_locale
after_filter :compress_output
around_filter :api_call_handle_error, :api_call_timeout
# Check the arguments are sane
raise OSM::APIBadUserInput.new("No lat was given") unless params[:lat]
raise OSM::APIBadUserInput.new("No lon was given") unless params[:lon]
- raise OSM::APIBadUserInput.new("No text was given") unless params[:text]
+ raise OSM::APIBadUserInput.new("No text was given") if params[:text].blank?
# Extract the arguments
lon = params[:lon].to_f
# Extract the arguments
id = params[:id].to_i
+ comment = params[:text]
# Find the note and check it is valid
- note = Note.find(id)
- raise OSM::APINotFoundError unless note
- raise OSM::APIAlreadyDeletedError.new("note", note.id) unless note.visible?
+ @note = Note.find(id)
+ raise OSM::APINotFoundError unless @note
+ raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible?
# Mark the note as hidden
Note.transaction do
- note.status = "hidden"
- note.save
+ @note.status = "hidden"
+ @note.save
- add_comment(note, nil, "hidden")
+ add_comment(@note, comment, "hidden")
end
- # Render the result
- render :text => "ok\n", :content_type => "text/html"
+ # Return a copy of the updated note
+ respond_to do |format|
+ format.xml { render :action => :show }
+ format.json { render :action => :show }
+ end
end
##