# The NodeController is the RESTful interface to Node objects
module Api
- class NodesController < ApplicationController
+ class NodesController < ApiController
require "xml/libxml"
- skip_before_action :verify_authenticity_token
+ before_action :check_api_writable, :only => [:create, :update, :delete]
+ before_action :check_api_readable, :except => [:create, :update, :delete]
before_action :authorize, :only => [:create, :update, :delete]
- before_action :api_deny_access_handler
authorize_resource
before_action :require_public_data, :only => [:create, :update, :delete]
- before_action :check_api_writable, :only => [:create, :update, :delete]
- before_action :check_api_readable, :except => [:create, :update, :delete]
around_action :api_call_handle_error, :api_call_timeout
+ before_action :set_request_formats, :except => [:create, :update, :delete]
+
# Create a node from XML.
def create
assert_method :put
- node = Node.from_xml(request.raw_post, true)
+ node = Node.from_xml(request.raw_post, :create => true)
# Assume that Node.from_xml has thrown an exception if there is an error parsing the xml
node.create_with_history current_user
# Dump the details on a node given in params[:id]
def show
- node = Node.find(params[:id])
+ @node = Node.find(params[:id])
- response.last_modified = node.timestamp
+ response.last_modified = @node.timestamp
- if node.visible
- render :xml => node.to_xml.to_s
+ if @node.visible
+ # Render the result
+ respond_to do |format|
+ format.xml
+ format.json
+ end
else
head :gone
end
raise OSM::APIBadUserInput, "No nodes were given to search for" if ids.empty?
- doc = OSM::API.new.get_xml_doc
+ @nodes = Node.find(ids)
- Node.find(ids).each do |node|
- doc.root << node.to_xml_node
+ # Render the result
+ respond_to do |format|
+ format.xml
+ format.json
end
-
- render :xml => doc.to_s
end
end
end