]> git.openstreetmap.org Git - rails.git/blobdiff - app/models/changeset.rb
Enforce changeset size limit for API calls which make changes
[rails.git] / app / models / changeset.rb
index aa674ea7fc5391ec781119e20f07d5bcef478332..e6bde19a50d8562f63e12e44be146a72e5905ac9 100644 (file)
 #
 # Indexes
 #
-#  changesets_bbox_idx                (min_lat,max_lat,min_lon,max_lon) USING gist
-#  changesets_closed_at_idx           (closed_at)
-#  changesets_created_at_idx          (created_at)
-#  changesets_user_id_created_at_idx  (user_id,created_at)
-#  changesets_user_id_id_idx          (user_id,id)
+#  changesets_bbox_idx                        (min_lat,max_lat,min_lon,max_lon) USING gist
+#  changesets_closed_at_idx                   (closed_at)
+#  changesets_created_at_idx                  (created_at)
+#  changesets_user_id_created_at_idx          (user_id,created_at)
+#  changesets_user_id_id_idx                  (user_id,id)
+#  index_changesets_on_user_id_and_closed_at  (user_id,closed_at)
 #
 # Foreign Keys
 #
@@ -44,8 +45,6 @@ class Changeset < ApplicationRecord
 
   validates :id, :uniqueness => true, :presence => { :on => :update },
                  :numericality => { :on => :update, :only_integer => true }
-  validates :user_id, :presence => true,
-                      :numericality => { :only_integer => true }
   validates :num_changes, :presence => true,
                           :numericality => { :only_integer => true,
                                              :greater_than_or_equal_to => 0 }
@@ -67,17 +66,17 @@ class Changeset < ApplicationRecord
   # Use a method like this, so that we can easily change how we
   # determine whether a changeset is open, without breaking code in at
   # least 6 controllers
-  def is_open?
+  def open?
     # a changeset is open (that is, it will accept further changes) when
     # it has not yet run out of time and its capacity is small enough.
     # note that this may not be a hard limit - due to timing changes and
     # concurrency it is possible that some changesets may be slightly
     # longer than strictly allowed or have slightly more changes in them.
-    ((closed_at > Time.now.getutc) && (num_changes <= MAX_ELEMENTS))
+    (closed_at > Time.now.utc) && (num_changes <= MAX_ELEMENTS)
   end
 
   def set_closed_time_now
-    self.closed_at = Time.now.getutc if is_open?
+    self.closed_at = Time.now.utc if open?
   end
 
   def self.from_xml(xml, create: false)
@@ -97,7 +96,7 @@ class Changeset < ApplicationRecord
   def self.from_xml_node(pt, create: false)
     cs = Changeset.new
     if create
-      cs.created_at = Time.now.getutc
+      cs.created_at = Time.now.utc
       # initial close time is 1h ahead, but will be increased on each
       # modification.
       cs.closed_at = cs.created_at + IDLE_TIMEOUT
@@ -122,7 +121,7 @@ class Changeset < ApplicationRecord
     @bbox ||= BoundingBox.new(min_lon, min_lat, max_lon, max_lat)
   end
 
-  def has_valid_bbox?
+  def bbox_valid?
     bbox.complete?
   end
 
@@ -131,6 +130,8 @@ class Changeset < ApplicationRecord
   def update_bbox!(bbox_update)
     bbox.expand!(bbox_update)
 
+    raise OSM::APISizeLimitExceeded if bbox.linear_size > size_limit
+
     # update active record. rails 2.1's dirty handling should take care of
     # whether this object needs saving or not.
     self.min_lon, self.min_lat, self.max_lon, self.max_lat = @bbox.to_a.collect(&:round) if bbox.complete?
@@ -172,7 +173,7 @@ class Changeset < ApplicationRecord
       save!
 
       tags = self.tags
-      ChangesetTag.where(:changeset_id => id).delete_all
+      ChangesetTag.where(:changeset => id).delete_all
 
       tags.each do |k, v|
         tag = ChangesetTag.new
@@ -189,11 +190,11 @@ class Changeset < ApplicationRecord
   # that would make it more than 24h long, in which case clip to
   # 24h, as this has been decided is a reasonable time limit.
   def update_closed_at
-    if is_open?
+    if open?
       self.closed_at = if (closed_at - created_at) > (MAX_TIME_OPEN - IDLE_TIMEOUT)
                          created_at + MAX_TIME_OPEN
                        else
-                         Time.now.getutc + IDLE_TIMEOUT
+                         Time.now.utc + IDLE_TIMEOUT
                        end
     end
   end
@@ -207,11 +208,29 @@ class Changeset < ApplicationRecord
     raise OSM::APIUserChangesetMismatchError unless user.id == user_id
 
     # can't change a closed changeset
-    raise OSM::APIChangesetAlreadyClosedError, self unless is_open?
+    raise OSM::APIChangesetAlreadyClosedError, self unless open?
 
     # copy the other's tags
     self.tags = other.tags
 
     save_with_tags!
   end
+
+  def subscribe(user)
+    subscribers << user
+  end
+
+  def unsubscribe(user)
+    subscribers.delete(user)
+  end
+
+  def subscribed?(user)
+    subscribers.exists?(user.id)
+  end
+
+  def size_limit
+    @size_limit ||= ActiveRecord::Base.connection.select_value(
+      "SELECT api_size_limit($1)", "api_size_limit", [user_id]
+    )
+  end
 end