X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/4ec85171fd7b484ea701e5d9d6c009e72dbbd7de..473d7cd179b2be697c8f1d9104fd3c556d14483e:/app/controllers/api/changesets_controller.rb diff --git a/app/controllers/api/changesets_controller.rb b/app/controllers/api/changesets_controller.rb index 354b0b9c2..0dffd4de2 100644 --- a/app/controllers/api/changesets_controller.rb +++ b/app/controllers/api/changesets_controller.rb @@ -4,13 +4,13 @@ module Api class ChangesetsController < ApiController require "xml/libxml" + before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe] + before_action :check_api_readable, :except => [:create, :update, :upload, :download, :query, :subscribe, :unsubscribe] before_action :authorize, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe] authorize_resource before_action :require_public_data, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe] - before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe] - before_action :check_api_readable, :except => [:create, :update, :upload, :download, :query, :subscribe, :unsubscribe] before_action :set_request_formats, :except => [:create, :close, :upload] around_action :api_call_handle_error @@ -19,6 +19,20 @@ module Api # Helper methods for checking consistency include ConsistencyValidations + ## + # Return XML giving the basic info about the changeset. Does not + # return anything about the nodes, ways and relations in the changeset. + def show + @changeset = Changeset.find(params[:id]) + @include_discussion = params[:include_discussion].presence + render "changeset" + + respond_to do |format| + format.xml + format.json + end + end + # Create a changeset from XML. def create assert_method :put @@ -35,20 +49,6 @@ module Api render :plain => cs.id.to_s end - ## - # Return XML giving the basic info about the changeset. Does not - # return anything about the nodes, ways and relations in the changeset. - def show - @changeset = Changeset.find(params[:id]) - @include_discussion = params[:include_discussion].presence - render "changeset" - - respond_to do |format| - format.xml - format.json - end - end - ## # marks a changeset as closed. this may be called multiple times # on the same changeset, so is idempotent. @@ -171,7 +171,7 @@ module Api changesets = conditions_ids(changesets, params["changesets"]) # sort and limit the changesets - changesets = changesets.order("created_at DESC").limit(100) + changesets = changesets.order("created_at DESC").limit(result_limit) # preload users, tags and comments, and render result @changesets = changesets.preload(:user, :changeset_tags, :comments) @@ -383,5 +383,19 @@ module Api changesets.where(:id => ids) end end + + ## + # Get the maximum number of results to return + def result_limit + if params[:limit] + if params[:limit].to_i.positive? && params[:limit].to_i <= Settings.max_changeset_query_limit + params[:limit].to_i + else + raise OSM::APIBadUserInput, "Changeset limit must be between 1 and #{Settings.max_changeset_query_limit}" + end + else + Settings.default_changeset_query_limit + end + end end end