X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/0093db5ffba2c05c5f48824531cd72130b0ba5b1..5cfc163bc2d47c2a1c179127111e287eebbbda75:/app/controllers/old_controller.rb?ds=inline diff --git a/app/controllers/old_controller.rb b/app/controllers/old_controller.rb index c23df70df..9adf141d9 100644 --- a/app/controllers/old_controller.rb +++ b/app/controllers/old_controller.rb @@ -2,28 +2,27 @@ # into one place. as it turns out, the API methods for historical # nodes, ways and relations are basically identical. class OldController < ApplicationController - require 'xml/libxml' + require "xml/libxml" - skip_before_filter :verify_authenticity_token - before_filter :setup_user_auth, :only => [ :history, :version ] - before_filter :authorize, :only => [ :redact ] - before_filter :authorize_moderator, :only => [ :redact ] - before_filter :require_allow_write_api, :only => [ :redact ] - before_filter :check_api_readable - before_filter :check_api_writable, :only => [ :redact ] - after_filter :compress_output - around_filter :api_call_handle_error, :api_call_timeout - before_filter :lookup_old_element, :except => [ :history ] - before_filter :lookup_old_element_versions, :only => [ :history ] + skip_before_action :verify_authenticity_token + before_action :setup_user_auth, :only => [:history, :version] + before_action :authorize, :only => [:redact] + before_action :authorize_moderator, :only => [:redact] + before_action :require_allow_write_api, :only => [:redact] + before_action :check_api_readable + before_action :check_api_writable, :only => [:redact] + around_action :api_call_handle_error, :api_call_timeout + before_action :lookup_old_element, :except => [:history] + before_action :lookup_old_element_versions, :only => [:history] def history # the .where() method used in the lookup_old_element_versions - # call won't throw an error if no records are found, so we have + # call won't throw an error if no records are found, so we have # to do that ourselves. - raise OSM::APINotFoundError.new if @elements.empty? + raise OSM::APINotFoundError if @elements.empty? doc = OSM::API.new.get_xml_doc - + visible_elements = if show_redactions? @elements else @@ -33,45 +32,44 @@ class OldController < ApplicationController visible_elements.each do |element| doc.root << element.to_xml_node end - - render :text => doc.to_s, :content_type => "text/xml" + + render :xml => doc.to_s end - + def version - if @old_element.redacted? and not show_redactions? - render :nothing => true, :status => :forbidden + if @old_element.redacted? && !show_redactions? + head :forbidden else response.last_modified = @old_element.timestamp - + doc = OSM::API.new.get_xml_doc doc.root << @old_element.to_xml_node - - render :text => doc.to_s, :content_type => "text/xml" + + render :xml => doc.to_s end end def redact - redaction_id = params['redaction'] - unless redaction_id.nil? + redaction_id = params["redaction"] + if redaction_id.nil? + # if no redaction ID was provided, then this is an unredact + # operation. + @old_element.redact!(nil) + else # if a redaction ID was specified, then set this element to # be redacted in that redaction. redaction = Redaction.find(redaction_id.to_i) @old_element.redact!(redaction) - - else - # if no redaction ID was provided, then this is an unredact - # operation. - @old_element.redact!(nil) end - + # just return an empty 200 OK for success - render :nothing => true + head :ok end private - + def show_redactions? - @user and @user.moderator? and params[:show_redactions] == "true" + current_user && current_user.moderator? && params[:show_redactions] == "true" end end