# The ChangesetController is the RESTful interface to Changeset objects
class ChangesetController < ApplicationController
+ layout 'site'
require 'xml/libxml'
- require 'diff_reader'
+ session :off, :except => [:list]
+ before_filter :authorize_web, :only => [:list]
before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
before_filter :check_write_availability, :only => [:create, :update, :delete, :upload, :include]
before_filter :check_read_availability, :except => [:create, :update, :delete, :upload, :download, :query]
# Help methods for checking boundary sanity and area size
include MapBoundary
+ # Helper methods for checking consistency
+ include ConsistencyValidations
+
# Create a changeset from XML.
def create
if request.put?
end
end
+ ##
+ # Return XML giving the basic info about the changeset. Does not
+ # return anything about the nodes, ways and relations in the changeset.
def read
begin
changeset = Changeset.find(params[:id])
return
end
- changeset = Changeset.find(params[:id])
-
- unless @user.id == changeset.user_id
- raise OSM::APIUserChangesetMismatchError
- end
-
+ changeset = Changeset.find(params[:id])
+ check_changeset_consistency(changeset, @user)
+
# to close the changeset, we'll just set its closed_at time to
# now. this might not be enough if there are concurrency issues,
# but we'll have to wait and see.
- changeset.closed_at = DateTime.now
+ changeset.set_closed_time_now
changeset.save!
render :nothing => true
# increase the size of the bounding box. this is a hint that clients can
# set either before uploading a large number of changes, or changes that
# the client (but not the server) knows will affect areas further away.
- def include
+ def expand_bbox
# only allow POST requests, because although this method is
# idempotent, there is no "document" to PUT really...
if request.post?
cs = Changeset.find(params[:id])
-
- # check user credentials - only the user who opened a changeset
- # may alter it.
- unless @user.id == cs.user_id
- raise OSM::APIUserChangesetMismatchError
- end
+ check_changeset_consistency(cs, @user)
# keep an array of lons and lats
lon = Array.new
end
changeset = Changeset.find(params[:id])
-
- # access control - only the user who created a changeset may
- # upload to it.
- unless @user.id == changeset.user_id
- raise OSM::APIUserChangesetMismatchError
- end
+ check_changeset_consistency(changeset, @user)
diff_reader = DiffReader.new(request.raw_post, changeset)
Changeset.transaction do
new_changeset = Changeset.from_xml(request.raw_post)
unless new_changeset.nil?
+ check_changeset_consistency(changeset, @user)
changeset.update_from(new_changeset, @user)
render :text => changeset.to_xml, :mime_type => "text/xml"
else
render ex.render_opts
end
+ ##
+ # list edits belonging to a user
+ def list
+ user = User.find(:first, :conditions => [ "visible = ? and display_name = ?", true, params[:display_name]])
+ @edit_pages, @edits = paginate(:changesets,
+ :include => [:user, :changeset_tags],
+ :conditions => ["changesets.user_id = ? AND min_lat IS NOT NULL", user.id],
+ :order => "changesets.created_at DESC",
+ :per_page => 20)
+
+ @action = 'list'
+ @display_name = user.display_name
+ # FIXME needs rescues in here
+ end
+
+private
#------------------------------------------------------------
# utility functions below.
#------------------------------------------------------------
##
# restrict changes to those which are open
+ #
+ # at the moment this code assumes we're only interested in open
+ # changesets and gives no facility to query closed changesets. this
+ # would be reasonably simple to implement if anyone actually wants
+ # it?
def conditions_open(open)
- return open.nil? ? nil : ['closed_at >= ?', DateTime.now]
+ return open.nil? ? nil : ['closed_at >= ? and num_changes <= ?',
+ DateTime.now, Changeset::MAX_ELEMENTS]
end
end