X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/945ff7911ca51dc250ffaba71f62821b5c0c0a95..6e612d953a555cabd24b49aa9e7d008c6b077086:/app/controllers/api_controller.rb?ds=inline diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 25e1e3b95..9324a8ed5 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -100,7 +100,7 @@ class ApiController < ApplicationController response.headers["Content-Disposition"] = "attachment; filename=\"tracks.gpx\"" - render :text => doc.to_s, :content_type => "text/xml" + render :xml => doc.to_s end # This is probably the most common call of all. It is used for getting the @@ -198,7 +198,7 @@ class ApiController < ApplicationController response.headers["Content-Disposition"] = "attachment; filename=\"map.osm\"" - render :text => doc.to_s, :content_type => "text/xml" + render :xml => doc.to_s end # Get a list of the tiles that have changed within a specified time @@ -241,9 +241,9 @@ class ApiController < ApplicationController doc.root << changes - render :text => doc.to_s, :content_type => "text/xml" + render :xml => doc.to_s else - render :text => "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours", :status => :bad_request + render :plain => "Requested zoom is invalid, or the supplied start is after the end time, or the start duration is more than 24 hours", :status => :bad_request end end @@ -263,6 +263,9 @@ class ApiController < ApplicationController area = XML::Node.new "area" area["maximum"] = MAX_REQUEST_AREA.to_s api << area + notearea = XML::Node.new "note_area" + notearea["maximum"] = MAX_NOTE_REQUEST_AREA.to_s + api << notearea tracepoints = XML::Node.new "tracepoints" tracepoints["per_page"] = TRACEPOINTS_PER_PAGE.to_s api << tracepoints @@ -291,7 +294,7 @@ class ApiController < ApplicationController policy << blacklist doc.root << policy - render :text => doc.to_s, :content_type => "text/xml" + render :xml => doc.to_s end # External apps that use the api are able to query which permissions @@ -300,10 +303,9 @@ class ApiController < ApplicationController # * if authenticated via basic auth all permissions are granted, so the list will contain all permissions. # * unauthenticated users have no permissions, so the list will be empty. def permissions - @permissions = case - when current_token.present? + @permissions = if current_token.present? ClientApplication.all_permissions.select { |p| current_token.read_attribute(p) } - when @user + elsif current_user ClientApplication.all_permissions else []