require 'xml/libxml'
skip_before_filter :verify_authenticity_token, :except => [:list]
- before_filter :authorize_web, :only => [:list, :feed]
- before_filter :set_locale, :only => [:list, :feed]
- before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :require_allow_write_api, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :require_public_data, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :check_api_writable, :only => [:create, :update, :delete, :upload, :include]
- before_filter :check_api_readable, :except => [:create, :update, :delete, :upload, :download, :query, :list, :feed]
- before_filter(:only => [:list, :feed]) { |c| c.check_database_readable(true) }
+ before_filter :authorize_web, :only => [:list, :feed, :comments_feed]
+ before_filter :set_locale, :only => [:list, :feed, :comments_feed]
+ before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_filter :require_moderator, :only => [:hide_comment, :unhide_comment]
+ before_filter :require_allow_write_api, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_filter :require_public_data, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe]
+ before_filter :check_api_writable, :only => [:create, :update, :delete, :upload, :include, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_filter :check_api_readable, :except => [:create, :update, :delete, :upload, :download, :query, :list, :feed, :comment, :subscribe, :unsubscribe, :comments_feed]
+ before_filter(:only => [:list, :feed, :comments_feed]) { |c| c.check_database_readable(true) }
after_filter :compress_output
- around_filter :api_call_handle_error, :except => [:list, :feed]
- around_filter :web_timeout, :only => [:list, :feed]
+ around_filter :api_call_handle_error, :except => [:list, :feed, :comments_feed]
+ around_filter :web_timeout, :only => [:list, :feed, :comments_feed]
# Helper methods for checking consistency
include ConsistencyValidations
# Assume that Changeset.from_xml has thrown an exception if there is an error parsing the xml
cs.user_id = @user.id
cs.save_with_tags!
+
+ # Subscribe user to changeset comments
+ cs.subscribers << @user
+
render :text => cs.id.to_s, :content_type => "text/plain"
end
# return anything about the nodes, ways and relations in the changeset.
def read
changeset = Changeset.find(params[:id])
- render :text => changeset.to_xml.to_s, :content_type => "text/xml"
+
+ render :text => changeset.to_xml(params[:include_discussion].presence).to_s, :content_type => "text/xml"
end
##
check_changeset_consistency(cs, @user)
# keep an array of lons and lats
- lon = Array.new
- lat = Array.new
+ lon = []
+ lat = []
# the request is in pseudo-osm format... this is kind-of an
# abuse, maybe should change to some other format?
changesets = conditions_time(changesets, params['time'])
changesets = conditions_open(changesets, params['open'])
changesets = conditions_closed(changesets, params['closed'])
+ changesets = conditions_ids(changesets, params['changesets'])
# create the results document
results = OSM::API.new.get_xml_doc
##
# list edits (open changesets) in reverse chronological order
def list
- if request.format == :atom and params[:max_id]
- redirect_to params.merge({ :max_id => nil }), :status => :moved_permanently
+ if request.format == :atom && params[:max_id]
+ redirect_to params.merge(:max_id => nil), :status => :moved_permanently
return
end
return
end
- if request.format == :html and !params[:list]
+ if request.format == :html && !params[:list]
require_oauth
render :action => :history, :layout => map_layout
else
changesets = conditions_nonempty(Changeset.all)
if params[:display_name]
- if user.data_public? or user == @user
+ if user.data_public? || user == @user
changesets = changesets.where(:user_id => user.id)
else
changesets = changesets.where("false")
elsif params[:bbox]
changesets = conditions_bbox(changesets, BoundingBox.from_bbox_params(params))
elsif params[:friends] && @user
- changesets = changesets.where(:user_id => @user.friend_users.public)
+ changesets = changesets.where(:user_id => @user.friend_users.identifiable)
elsif params[:nearby] && @user
changesets = changesets.where(:user_id => @user.nearby)
end
list
end
-private
+ ##
+ # Add a comment to a changeset
+ def comment
+ # Check the arguments are sane
+ fail OSM::APIBadUserInput.new("No id was given") unless params[:id]
+ fail OSM::APIBadUserInput.new("No text was given") if params[:text].blank?
+
+ # Extract the arguments
+ id = params[:id].to_i
+ body = params[:text]
+
+ # Find the changeset and check it is valid
+ changeset = Changeset.find(id)
+ fail OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open?
+
+ # Add a comment to the changeset
+ comment = changeset.comments.create(:changeset => changeset,
+ :body => body,
+ :author => @user)
+
+ # Notify current subscribers of the new comment
+ changeset.subscribers.each do |user|
+ if @user != user
+ Notifier.changeset_comment_notification(comment, user).deliver_now
+ end
+ end
+
+ # Add the commenter to the subscribers if necessary
+ changeset.subscribers << @user unless changeset.subscribers.exists?(@user.id)
+
+ # Return a copy of the updated changeset
+ render :text => changeset.to_xml.to_s, :content_type => "text/xml"
+ end
+
+ ##
+ # Adds a subscriber to the changeset
+ def subscribe
+ # Check the arguments are sane
+ fail OSM::APIBadUserInput.new("No id was given") unless params[:id]
+
+ # Extract the arguments
+ id = params[:id].to_i
+
+ # Find the changeset and check it is valid
+ changeset = Changeset.find(id)
+ fail OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open?
+ fail OSM::APIChangesetAlreadySubscribedError.new(changeset) if changeset.subscribers.exists?(@user.id)
+
+ # Add the subscriber
+ changeset.subscribers << @user
+
+ # Return a copy of the updated changeset
+ render :text => changeset.to_xml.to_s, :content_type => "text/xml"
+ end
+
+ ##
+ # Removes a subscriber from the changeset
+ def unsubscribe
+ # Check the arguments are sane
+ fail OSM::APIBadUserInput.new("No id was given") unless params[:id]
+
+ # Extract the arguments
+ id = params[:id].to_i
+
+ # Find the changeset and check it is valid
+ changeset = Changeset.find(id)
+ fail OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open?
+ fail OSM::APIChangesetNotSubscribedError.new(changeset) unless changeset.subscribers.exists?(@user.id)
+
+ # Remove the subscriber
+ changeset.subscribers.delete(@user)
+
+ # Return a copy of the updated changeset
+ render :text => changeset.to_xml.to_s, :content_type => "text/xml"
+ end
+
+ ##
+ # Sets visible flag on comment to false
+ def hide_comment
+ # Check the arguments are sane
+ fail OSM::APIBadUserInput.new("No id was given") unless params[:id]
+
+ # Extract the arguments
+ id = params[:id].to_i
+
+ # Find the changeset
+ comment = ChangesetComment.find(id)
+
+ # Hide the comment
+ comment.update(:visible => false)
+
+ # Return a copy of the updated changeset
+ render :text => comment.changeset.to_xml.to_s, :content_type => "text/xml"
+ end
+
+ ##
+ # Sets visible flag on comment to true
+ def unhide_comment
+ # Check the arguments are sane
+ fail OSM::APIBadUserInput.new("No id was given") unless params[:id]
+
+ # Extract the arguments
+ id = params[:id].to_i
+
+ # Find the changeset
+ comment = ChangesetComment.find(id)
+
+ # Unhide the comment
+ comment.update(:visible => true)
+
+ # Return a copy of the updated changeset
+ render :text => comment.changeset.to_xml.to_s, :content_type => "text/xml"
+ end
+
+ ##
+ # Get a feed of recent changeset comments
+ def comments_feed
+ if params[:id]
+ # Extract the arguments
+ id = params[:id].to_i
+
+ # Find the changeset
+ changeset = Changeset.find(id)
+
+ # Return comments for this changeset only
+ @comments = changeset.comments.includes(:author, :changeset).limit(comments_limit)
+ else
+ # Return comments
+ @comments = ChangesetComment.includes(:author, :changeset).where(:visible => :true).order("created_at DESC").limit(comments_limit).preload(:changeset)
+ end
+
+ # Render the result
+ respond_to do |format|
+ format.rss
+ end
+ end
+
+ private
+
#------------------------------------------------------------
# utility functions below.
#------------------------------------------------------------
##
# restrict changesets to those by a particular user
def conditions_user(changesets, user, name)
- unless user.nil? and name.nil?
+ unless user.nil? && name.nil?
# shouldn't provide both name and UID
- raise OSM::APIBadUserInput.new("provide either the user ID or display name, but not both") if user and name
+ fail OSM::APIBadUserInput.new("provide either the user ID or display name, but not both") if user && name
# use either the name or the UID to find the user which we're selecting on.
u = if name.nil?
# user input checking, we don't have any UIDs < 1
- raise OSM::APIBadUserInput.new("invalid user ID") if user.to_i < 1
+ fail OSM::APIBadUserInput.new("invalid user ID") if user.to_i < 1
u = User.find(user.to_i)
else
u = User.find_by_display_name(name)
end
# make sure we found a user
- raise OSM::APINotFoundError.new if u.nil?
+ fail OSM::APINotFoundError.new if u.nil?
# should be able to get changesets of public users only, or
# our own changesets regardless of public-ness.
# changesets if they're non-public
setup_user_auth
- raise OSM::APINotFoundError if @user.nil? or @user.id != u.id
+ fail OSM::APINotFoundError if @user.nil? || @user.id != u.id
end
return changesets.where(:user_id => u.id)
else
if time.count(',') == 1
# check that we actually have 2 elements in the array
times = time.split(/,/)
- raise OSM::APIBadUserInput.new("bad time range") if times.size != 2
+ fail OSM::APIBadUserInput.new("bad time range") if times.size != 2
from, to = times.collect { |t| DateTime.parse(t) }
return changesets.where("closed_at >= ? and created_at <= ?", from, to)
end
end
+ ##
+ # query changesets by a list of ids
+ # (either specified as array or comma-separated string)
+ def conditions_ids(changesets, ids)
+ if ids.nil?
+ return changesets
+ elsif ids.empty?
+ fail OSM::APIBadUserInput.new("No changesets were given to search for")
+ else
+ ids = ids.split(',').collect(&:to_i)
+ return changesets.where(:id => ids)
+ end
+ end
+
##
# eliminate empty changesets (where the bbox has not been set)
# this should be applied to all changeset list displays
def conditions_nonempty(changesets)
- return changesets.where("num_changes > 0")
+ changesets.where("num_changes > 0")
end
+ ##
+ # Get the maximum number of comments to return
+ def comments_limit
+ if params[:limit]
+ if params[:limit].to_i > 0 && params[:limit].to_i <= 10000
+ params[:limit].to_i
+ else
+ fail OSM::APIBadUserInput.new("Comments limit must be between 1 and 10000")
+ end
+ else
+ 100
+ end
+ end
end