- def api_read
- trace = Trace.visible.find(params[:id])
-
- if trace.public? || trace.user == current_user
- render :xml => trace.to_xml.to_s
- else
- head :forbidden
- end
- end
-
- def api_update
- trace = Trace.visible.find(params[:id])
-
- if trace.user == current_user
- trace.update_from_xml(request.raw_post)
- trace.save!
-
- head :ok
- else
- head :forbidden
- end
- end
-
- def api_delete
- trace = Trace.visible.find(params[:id])
-
- if trace.user == current_user
- trace.visible = false
- trace.save!
-
- head :ok
- else
- head :forbidden
- end
- end
-
- def api_data
- trace = Trace.visible.find(params[:id])
-
- if trace.public? || trace.user == current_user
- if request.format == Mime[:xml]
- send_data(trace.xml_file.read, :filename => "#{trace.id}.xml", :type => request.format.to_s, :disposition => "attachment")
- elsif request.format == Mime[:gpx]
- send_data(trace.xml_file.read, :filename => "#{trace.id}.gpx", :type => request.format.to_s, :disposition => "attachment")
- else
- send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => "attachment")
- end
- else
- head :forbidden
- end
- end
-
- def api_create
- tags = params[:tags] || ""
- description = params[:description] || ""
- visibility = params[:visibility]
-
- if visibility.nil?
- visibility = if params[:public] && params[:public].to_i.nonzero?
- "public"
- else
- "private"
- end
- end
-
- if params[:file].respond_to?(:read)
- trace = do_create(params[:file], tags, description, visibility)
-
- if trace.id
- render :plain => trace.id.to_s
- elsif trace.valid?
- head :internal_server_error
- else
- head :bad_request
- end
- else
- head :bad_request
- end
- end
-