X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/77bece20ff81805e97e73d87e8dadabf1db13267..c1cccd40fc6af6b9790c9902581cf2e49006c084:/app/controllers/api/users_controller.rb diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb index d97e8774e..5ff275ee9 100644 --- a/app/controllers/api/users_controller.rb +++ b/app/controllers/api/users_controller.rb @@ -1,26 +1,15 @@ module Api class UsersController < ApiController before_action :disable_terms_redirect, :only => [:details] + before_action :setup_user_auth, :only => [:show, :index] before_action :authorize, :only => [:details, :gpx_files] authorize_resource - before_action :check_api_readable around_action :api_call_handle_error - before_action :lookup_user_by_id, :only => [:show] + load_resource :only => :show - def show - if @user.visible? - render :content_type => "text/xml" - else - head :gone - end - end - - def details - @user = current_user - render :action => :show, :content_type => "text/xml" - end + before_action :set_request_formats, :except => [:gpx_files] def index raise OSM::APIBadUserInput, "The parameter users is required, and must be of the form users=id[,id[,id...]]" unless params["users"] @@ -29,9 +18,34 @@ module Api raise OSM::APIBadUserInput, "No users were given to search for" if ids.empty? - @users = User.visible.find(ids) + @users = User.visible.where(:id => ids).in_order_of(:id, ids) - render :content_type => "text/xml" + # Render the result + respond_to do |format| + format.xml + format.json + end + end + + def show + if @user.visible? + # Render the result + respond_to do |format| + format.xml + format.json + end + else + head :gone + end + end + + def details + @user = current_user + # Render the result + respond_to do |format| + format.xml { render :show } + format.json { render :show } + end end def gpx_files @@ -41,14 +55,6 @@ module Api private - ## - # ensure that there is a "user" instance variable - def lookup_user_by_id - @user = User.find(params[:id]) - end - - ## - # def disable_terms_redirect # this is necessary otherwise going to the user terms page, when # having not agreed already would cause an infinite redirect loop.