+ # Get a list of the tiles that have changed within a specified time
+ # period
+ def changes
+ zoom = (params[:zoom] || "12").to_i
+
+ if params.include?(:start) && params.include?(:end)
+ starttime = Time.parse(params[:start])
+ endtime = Time.parse(params[:end])
+ else
+ hours = (params[:hours] || "1").to_i.hours
+ endtime = Time.now.getutc
+ starttime = endtime - hours
+ end
+
+ if zoom >= 1 && zoom <= 16 &&
+ endtime > starttime && endtime - starttime <= 24.hours
+ mask = (1 << zoom) - 1
+
+ tiles = Node.where(:timestamp => starttime..endtime).group("maptile_for_point(latitude, longitude, #{zoom})").count
+
+ doc = OSM::API.new.get_xml_doc
+ changes = XML::Node.new "changes"
+ changes["starttime"] = starttime.xmlschema
+ changes["endtime"] = endtime.xmlschema
+
+ tiles.each do |tile, count|
+ x = (tile.to_i >> zoom) & mask
+ y = tile.to_i & mask
+
+ t = XML::Node.new "tile"
+ t["x"] = x.to_s
+ t["y"] = y.to_s
+ t["z"] = zoom.to_s
+ t["changes"] = count.to_s
+
+ changes << t
+ end
+
+ doc.root << changes
+
+ render :xml => doc.to_s
+ else
+ render :plain => "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours", :status => :bad_request
+ end
+ end
+
+ # External apps that use the api are able to query the api to find out some
+ # parameters of the API. It currently returns:
+ # * minimum and maximum API versions that can be used.
+ # * maximum area that can be requested in a bbox request in square degrees
+ # * number of tracepoints that are returned in each tracepoints page
+ def capabilities
+ doc = OSM::API.new.get_xml_doc
+
+ api = XML::Node.new "api"
+ version = XML::Node.new "version"
+ version["minimum"] = API_VERSION.to_s
+ version["maximum"] = API_VERSION.to_s
+ api << version
+ area = XML::Node.new "area"
+ area["maximum"] = MAX_REQUEST_AREA.to_s
+ api << area
+ notearea = XML::Node.new "note_area"
+ notearea["maximum"] = MAX_NOTE_REQUEST_AREA.to_s
+ api << notearea
+ tracepoints = XML::Node.new "tracepoints"
+ tracepoints["per_page"] = TRACEPOINTS_PER_PAGE.to_s
+ api << tracepoints
+ waynodes = XML::Node.new "waynodes"
+ waynodes["maximum"] = MAX_NUMBER_OF_WAY_NODES.to_s
+ api << waynodes
+ changesets = XML::Node.new "changesets"
+ changesets["maximum_elements"] = Changeset::MAX_ELEMENTS.to_s
+ api << changesets
+ timeout = XML::Node.new "timeout"
+ timeout["seconds"] = API_TIMEOUT.to_s
+ api << timeout
+ status = XML::Node.new "status"
+ status["database"] = database_status.to_s
+ status["api"] = api_status.to_s
+ status["gpx"] = gpx_status.to_s
+ api << status
+ doc.root << api
+ policy = XML::Node.new "policy"
+ blacklist = XML::Node.new "imagery"
+ IMAGERY_BLACKLIST.each do |url_regex|
+ xnd = XML::Node.new "blacklist"
+ xnd["regex"] = url_regex.to_s
+ blacklist << xnd
+ end
+ policy << blacklist
+ doc.root << policy
+
+ render :xml => doc.to_s
+ end
+
+ # External apps that use the api are able to query which permissions
+ # they have. This currently returns a list of permissions granted to the current user:
+ # * if authenticated via OAuth, this list will contain all permissions granted by the user to the access_token.
+ # * if authenticated via basic auth all permissions are granted, so the list will contain all permissions.
+ # * unauthenticated users have no permissions, so the list will be empty.
+ def permissions
+ @permissions = if current_token.present?
+ ClientApplication.all_permissions.select { |p| current_token.read_attribute(p) }
+ elsif current_user
+ ClientApplication.all_permissions
+ else
+ []
+ end
+ end