+ # Get a list of the tiles that have changed within a specified time
+ # period
+ def changes
+ zoom = (params[:zoom] || '12').to_i
+
+ if params.include?(:start) and params.include?(:end)
+ starttime = Time.parse(params[:start])
+ endtime = Time.parse(params[:end])
+ else
+ hours = (params[:hours] || '1').to_i.hours
+ endtime = Time.now.getutc
+ starttime = endtime - hours
+ end
+
+ if zoom >= 1 and zoom <= 16 and
+ endtime > starttime and endtime - starttime <= 24.hours
+ mask = (1 << zoom) - 1
+
+ tiles = Node.where(:timestamp => starttime .. endtime).group("maptile_for_point(latitude, longitude, #{zoom})").count
+
+ doc = OSM::API.new.get_xml_doc
+ changes = XML::Node.new 'changes'
+ changes["starttime"] = starttime.xmlschema
+ changes["endtime"] = endtime.xmlschema
+
+ tiles.each do |tile, count|
+ x = (tile.to_i >> zoom) & mask
+ y = tile.to_i & mask
+
+ t = XML::Node.new 'tile'
+ t["x"] = x.to_s
+ t["y"] = y.to_s
+ t["z"] = zoom.to_s
+ t["changes"] = count.to_s
+
+ changes << t
+ end
+
+ doc.root << changes
+
+ render :text => doc.to_s, :content_type => "text/xml"
+ else
+ render :text => "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours", :status => :bad_request
+ end
+ end
+
+ # External apps that use the api are able to query the api to find out some
+ # parameters of the API. It currently returns:
+ # * minimum and maximum API versions that can be used.
+ # * maximum area that can be requested in a bbox request in square degrees
+ # * number of tracepoints that are returned in each tracepoints page
+ def capabilities
+ doc = OSM::API.new.get_xml_doc
+
+ api = XML::Node.new 'api'
+ version = XML::Node.new 'version'
+ version['minimum'] = "#{API_VERSION}";
+ version['maximum'] = "#{API_VERSION}";
+ api << version
+ area = XML::Node.new 'area'
+ area['maximum'] = MAX_REQUEST_AREA.to_s;
+ api << area
+ tracepoints = XML::Node.new 'tracepoints'
+ tracepoints['per_page'] = TRACEPOINTS_PER_PAGE.to_s
+ api << tracepoints
+ waynodes = XML::Node.new 'waynodes'
+ waynodes['maximum'] = MAX_NUMBER_OF_WAY_NODES.to_s
+ api << waynodes
+ changesets = XML::Node.new 'changesets'
+ changesets['maximum_elements'] = Changeset::MAX_ELEMENTS.to_s
+ api << changesets
+ timeout = XML::Node.new 'timeout'
+ timeout['seconds'] = API_TIMEOUT.to_s
+ api << timeout
+ status = XML::Node.new 'status'
+ status['database'] = database_status.to_s
+ status['api'] = api_status.to_s
+ status['gpx'] = gpx_status.to_s
+ api << status
+ doc.root << api
+ policy = XML::Node.new 'policy'
+ blacklist = XML::Node.new 'imagery'
+ IMAGERY_BLACKLIST.each do |url_regex|
+ xnd = XML::Node.new 'blacklist'
+ xnd['regex'] = url_regex.to_s
+ blacklist << xnd
+ end
+ policy << blacklist
+ doc.root << policy
+
+ render :text => doc.to_s, :content_type => "text/xml"
+ end
+
+ # External apps that use the api are able to query which permissions
+ # they have. This currently returns a list of permissions granted to the current user:
+ # * if authenticated via OAuth, this list will contain all permissions granted by the user to the access_token.
+ # * if authenticated via basic auth all permissions are granted, so the list will contain all permissions.
+ # * unauthenticated users have no permissions, so the list will be empty.
+ def permissions
+ @permissions = case
+ when current_token.present?
+ ClientApplication.all_permissions.select { |p| current_token.read_attribute(p) }
+ when @user
+ ClientApplication.all_permissions
+ else
+ []
+ end
+ end