X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/4f33014464004dee1b45e33831bb6528ead6d3f7..960d13488a875245570ee498ee9a1ed7cac37bbe:/app/controllers/trace_controller.rb?ds=sidebyside diff --git a/app/controllers/trace_controller.rb b/app/controllers/trace_controller.rb index 4db6e8e15..0467e66ba 100644 --- a/app/controllers/trace_controller.rb +++ b/app/controllers/trace_controller.rb @@ -1,7 +1,10 @@ class TraceController < ApplicationController + layout 'site' + before_filter :authorize_web before_filter :authorize, :only => [:api_details, :api_data, :api_create] - layout 'site' + before_filter :check_database_availability, :except => [:api_details, :api_data, :api_create] + before_filter :check_read_availability, :only => [:api_details, :api_data, :api_create] # Counts and selects pages of GPX traces for various criteria (by user, tags, public etc.). # target_user - if set, specifies the user to fetch traces for. if not set will fetch all traces @@ -83,14 +86,17 @@ class TraceController < ApplicationController def view @trace = Trace.find(params[:id]) - @title = "Viewing trace #{@trace.name}" - if !@trace.visible? - render :nothing => true, :status => :not_found - elsif !@trace.public? and @trace.user.id != @user.id - render :nothing => true, :status => :forbidden + + if @trace and @trace.visible? and + (@trace.public? or @trace.user.id == @user.id) + @title = "Viewing trace #{@trace.name}" + else + flash[:notice] = "Trace not found!" + redirect_to :controller => 'trace', :action => 'list' end rescue ActiveRecord::RecordNotFound - render :nothing => true, :status => :not_found + flash[:notice] = "Trace not found!" + redirect_to :controller => 'trace', :action => 'list' end def create @@ -196,7 +202,7 @@ class TraceController < ApplicationController conditions[0] += " AND users.display_name = ?" conditions << params[:display_name] end - + if params[:tag] conditions[0] += " AND EXISTS (SELECT * FROM gpx_file_tags AS gft WHERE gft.gpx_id = gpx_files.id AND gft.tag = ?)" conditions << params[:tag]