layout 'site'
require 'xml/libxml'
- session :off, :except => [:list]
- before_filter :authorize_web, :only => [:list]
+ session :off, :except => [:list, :list_user, :list_bbox]
+ before_filter :authorize_web, :only => [:list, :list_user, :list_bbox]
before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
before_filter :check_write_availability, :only => [:create, :update, :delete, :upload, :include]
before_filter :check_read_availability, :except => [:create, :update, :delete, :upload, :download, :query]
##
# list edits (changesets) belonging to a user
def list_user
- #find user by display name
- user = User.find(:first, :conditions => [ "visible = ? and display_name = ?", true, params[:display_name]])
+ user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true})
- conditions = conditions_user(user.id);
- conditions = cond_merge conditions, conditions_nonempty
- @edit_pages, @edits = paginate(:changesets,
- :include => [:user, :changeset_tags],
- :conditions => conditions,
- :order => "changesets.created_at DESC",
- :per_page => 20)
-
- @display_name = user.display_name
- # FIXME needs rescues in here
+ if user
+ @display_name = user.display_name
+ if not user.data_public? and @user != user
+ @edits = nil
+ render
+ else
+ conditions = cond_merge conditions, ['user_id = ?', user.id]
+ conditions = cond_merge conditions, conditions_nonempty
+ @edit_pages, @edits = paginate(:changesets,
+ :include => [:user, :changeset_tags],
+ :conditions => conditions,
+ :order => "changesets.created_at DESC",
+ :per_page => 20)
+ end
+ else
+ @not_found_user = params[:display_name]
+ render :template => 'user/no_such_user', :status => :not_found
+ end
end
##
# support 'bbox' param or alternatively 'minlon', 'minlat' etc
if params['bbox']
bbox = params['bbox']
- elsif params['minlon'] and params['minlat'] and params['maxlon'] and params['maxlat']
- bbox = params['minlon'] + ',' + params['minlat'] + ',' + params['maxlon'] + ',' + params['maxlat']
+ elsif params['minlon'] and params['minlat'] and params['maxlon'] and params['maxlat']
+ bbox = h(params['minlon']) + ',' + h(params['minlat']) + ',' + h(params['maxlon']) + ',' + h(params['maxlat'])
+ else
+ #TODO: fix bugs in location determination for history tab (and other tabs) then uncomment this redirect
+ #redirect_to :action => 'list'
end
conditions = conditions_bbox(bbox);