X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/95fa8931637edf5c2250cb11aa59fd3a5ab2e6a1..38255f9f8d7363b51350338fdda5753647aca1af:/app/controllers/application_controller.rb?ds=sidebyside diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 70a635404..4ac3297c6 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base protect_from_forgery + before_filter :fetch_body + if STATUS == :database_readonly or STATUS == :database_offline def self.cache_sweeper(*sweepers) end @@ -53,6 +55,10 @@ class ApplicationController < ActionController::Base end end + def require_oauth + @oauth = @user.access_token(OAUTH_KEY) if @user and defined? OAUTH_KEY + end + ## # requires the user to be logged in by the token or HTTP methods, or have an # OAuth token with the right capability. this method is a bit of a pain to call @@ -404,7 +410,20 @@ class ApplicationController < ActionController::Base format.all { render :nothing => true, :status => :not_found } end end - + + ## + # Unfortunately if a PUT or POST request that has a body fails to + # read it then Apache will sometimes fail to return the response it + # is given to the client properly, instead erroring: + # + # https://issues.apache.org/bugzilla/show_bug.cgi?id=44782 + # + # To work round this we call rewind on the body here, which is added + # as a filter, to force it to be fetched from Apache into a file. + def fetch_body + request.body.rewind + end + private # extract authorisation credentials from headers, returns user = nil if none