module Api
- class NotesController < ApplicationController
- layout "site", :only => [:mine]
-
- skip_before_action :verify_authenticity_token
+ class NotesController < ApiController
before_action :check_api_readable
before_action :setup_user_auth, :only => [:create, :comment, :show]
- before_action :authorize, :only => [:close, :reopen, :destroy]
- before_action :api_deny_access_handler
+ before_action :authorize, :only => [:close, :reopen, :destroy, :comment]
authorize_resource
bbox.check_boundaries
# Check the the bounding box is not too big
- bbox.check_size(MAX_NOTE_REQUEST_AREA)
+ bbox.check_size(Settings.max_note_request_area)
# Find the notes we want to return
@notes = notes.bbox(bbox).order("updated_at DESC").limit(result_limit).preload(:comments)
bbox = BoundingBox.from_bbox_params(params)
bbox.check_boundaries
- bbox.check_size(MAX_NOTE_REQUEST_AREA)
+ bbox.check_size(Settings.max_note_request_area)
notes = notes.bbox(bbox)
end
raise OSM::APIBadUserInput, "Date #{params[:to]} is in a wrong format"
end
- @notes = @notes.where(:created_at => from..to)
+ @notes = if params[:sort] == "updated_at"
+ @notes.where(:updated_at => from..to)
+ else
+ @notes.where(:created_at => from..to)
+ end
end
+ # Choose the sort order
+ @notes = if params[:sort] == "created_at"
+ if params[:order] == "oldest"
+ @notes.order("created_at ASC")
+ else
+ @notes.order("created_at DESC")
+ end
+ else
+ if params[:order] == "oldest"
+ @notes.order("updated_at ASC")
+ else
+ @notes.order("updated_at DESC")
+ end
+ end
+
# Find the notes we want to return
- @notes = @notes.order("updated_at DESC").limit(result_limit).preload(:comments)
+ @notes = @notes.distinct.limit(result_limit).preload(:comments)
# Render the result
respond_to do |format|