X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/8e5364b2f2162568cb23263cea9ad69122546ff7..1ecf3ebd687929ff9abdccf7373976721eeb2777:/app/controllers/notes_controller.rb?ds=sidebyside diff --git a/app/controllers/notes_controller.rb b/app/controllers/notes_controller.rb index 1f5b990cc..e037a48c9 100644 --- a/app/controllers/notes_controller.rb +++ b/app/controllers/notes_controller.rb @@ -3,9 +3,13 @@ class NotesController < ApplicationController layout 'site', :only => [:mine] before_filter :check_api_readable - before_filter :authorize_web, :only => [:create, :comment, :close, :destroy, :mine] + before_filter :authorize_web, :only => [:mine] + before_filter :setup_user_auth, :only => [:create, :comment] + before_filter :authorize, :only => [:close, :destroy] + before_filter :require_moderator, :only => [:destroy] before_filter :check_api_writable, :only => [:create, :comment, :close, :destroy] - before_filter :set_locale, :only => [:mine] + before_filter :require_allow_write_notes, :only => [:create, :comment, :close, :destroy] + before_filter :set_locale after_filter :compress_output around_filter :api_call_handle_error, :api_call_timeout @@ -52,7 +56,7 @@ class NotesController < ApplicationController # Check the arguments are sane raise OSM::APIBadUserInput.new("No lat was given") unless params[:lat] raise OSM::APIBadUserInput.new("No lon was given") unless params[:lon] - raise OSM::APIBadUserInput.new("No text was given") unless params[:text] + raise OSM::APIBadUserInput.new("No text was given") if params[:text].blank? # Extract the arguments lon = params[:lon].to_f @@ -84,7 +88,7 @@ class NotesController < ApplicationController def comment # Check the arguments are sane raise OSM::APIBadUserInput.new("No id was given") unless params[:id] - raise OSM::APIBadUserInput.new("No text was given") unless params[:text] + raise OSM::APIBadUserInput.new("No text was given") if params[:text].blank? # Extract the arguments id = params[:id].to_i @@ -93,7 +97,8 @@ class NotesController < ApplicationController # Find the note and check it is valid @note = Note.find(id) raise OSM::APINotFoundError unless @note - raise OSM::APIAlreadyDeletedError unless @note.visible? + raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? + raise OSM::APINoteAlreadyClosedError.new(@note) if @note.closed? # Add a comment to the note Note.transaction do @@ -120,7 +125,8 @@ class NotesController < ApplicationController # Find the note and check it is valid @note = Note.find_by_id(id) raise OSM::APINotFoundError unless @note - raise OSM::APIAlreadyDeletedError unless @note.visible? + raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? + raise OSM::APINoteAlreadyClosedError.new(@note) if @note.closed? # Close the note and add a comment Note.transaction do @@ -170,8 +176,8 @@ class NotesController < ApplicationController # Find the note and check it is valid @note = Note.find(params[:id]) raise OSM::APINotFoundError unless @note - raise OSM::APIAlreadyDeletedError unless @note.visible? - + raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? + # Render the result respond_to do |format| format.xml @@ -189,22 +195,26 @@ class NotesController < ApplicationController # Extract the arguments id = params[:id].to_i + comment = params[:text] # Find the note and check it is valid - note = Note.find(id) - raise OSM::APINotFoundError unless note - raise OSM::APIAlreadyDeletedError unless note.visible? + @note = Note.find(id) + raise OSM::APINotFoundError unless @note + raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? # Mark the note as hidden Note.transaction do - note.status = "hidden" - note.save + @note.status = "hidden" + @note.save - add_comment(note, nil, "hidden") + add_comment(@note, comment, "hidden") end - # Render the result - render :text => "ok\n", :content_type => "text/html" + # Return a copy of the updated note + respond_to do |format| + format.xml { render :action => :show } + format.json { render :action => :show } + end end ##