X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/9cfaeb5460cffcb20422ee3a89d5adf8bdb630bf..e0eb2b79b7ee19bcf6254cd0d652b9f1248a0fe8:/app/controllers/amf_controller.rb diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb index 03b354b6a..7df237de8 100644 --- a/app/controllers/amf_controller.rb +++ b/app/controllers/amf_controller.rb @@ -76,7 +76,7 @@ class AmfController < ApplicationController logger.info("Executing AMF #{message}(#{args.join(',')}):#{index}") case message - when 'getpresets'; results[index]=AMF.putdata(index,getpresets(args[0])) + when 'getpresets'; results[index]=AMF.putdata(index,getpresets(*args)) when 'whichways'; results[index]=AMF.putdata(index,whichways(*args)) when 'whichways_deleted'; results[index]=AMF.putdata(index,whichways_deleted(*args)) when 'getway'; results[index]=AMF.putdata(index,getway(args[0].to_i)) @@ -127,14 +127,13 @@ class AmfController < ApplicationController case message when 'putway'; orn=renumberednodes.dup r=putway(renumberednodes,*args) - r[4]=renumberednodes.dup - r[4].delete_if { |k,v| orn.has_key?(k) } + r[4]=renumberednodes.reject { |k,v| orn.has_key?(k) } if r[2] != r[3] then renumberedways[r[2]] = r[3] end results[index]=AMF.putdata(index,r) when 'putrelation'; results[index]=AMF.putdata(index,putrelation(renumberednodes, renumberedways, *args)) when 'deleteway'; results[index]=AMF.putdata(index,deleteway(*args)) when 'putpoi'; r=putpoi(*args) - if r[2] != r[3] then renumberednodes[r[2]] = r[3] end + if r[2] != r[3] then renumberednodes[r[2]] = r[3] end results[index]=AMF.putdata(index,r) when 'startchangeset'; results[index]=AMF.putdata(index,startchangeset(*args)) end @@ -150,10 +149,10 @@ class AmfController < ApplicationController private - def amf_handle_error(call) + def amf_handle_error(call,rootobj,rootid) yield rescue OSM::APIVersionMismatchError => ex - return [-3, [ex.type.downcase, ex.latest, ex.id]] + return [-3, [rootobj, rootid], [ex.type.downcase, ex.id, ex.latest]] rescue OSM::APIUserChangesetMismatchError => ex return [-2, ex.to_s] rescue OSM::APIBadBoundingBox => ex @@ -164,8 +163,8 @@ class AmfController < ApplicationController return [-2, "An unusual error happened (in #{call}). The server said: #{ex.to_s}"] end - def amf_handle_error_with_timeout(call) - amf_handle_error(call) do + def amf_handle_error_with_timeout(call,rootobj,rootid) + amf_handle_error(call,rootobj,rootid) do Timeout::timeout(APP_CONFIG['api_timeout'], OSM::APITimeoutError) do yield end @@ -176,9 +175,10 @@ class AmfController < ApplicationController # Returns success_code,success_message,changeset id def startchangeset(usertoken, cstags, closeid, closecomment, opennew) - amf_handle_error("'startchangeset'") do + amf_handle_error("'startchangeset'",nil,nil) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end # close previous changeset and add comment if closeid @@ -214,23 +214,57 @@ class AmfController < ApplicationController # Return presets (default tags, localisation etc.): # uses POTLATCH_PRESETS global, set up in OSM::Potlatch. - def getpresets(lang) #:doc: - lang.gsub!(/[^\w\-]/,'') + def getpresets(usertoken,lang) #:doc: + user = getuser(usertoken) - begin - localised = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/localised.yaml")) - rescue - localised = "" # guess we'll just have to use the hardcoded English text instead + if user && !user.languages.empty? + request.user_preferred_languages = user.languages end - begin - help = File.read("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/help.html") - rescue - help = File.read("#{RAILS_ROOT}/config/potlatch/localised/en/help.html") - end + lang = request.compatible_language_from(getlocales) + (real_lang, localised) = getlocalized(lang) + + # Tell Potlatch what language it's using + localised["__potlatch_locale"] = real_lang + + # Get help from i18n but delete it so we won't pass it around + # twice for nothing + help = localised["help_html"] + localised.delete("help_html") + + # Populate icon names + POTLATCH_PRESETS[10].each { |id| + POTLATCH_PRESETS[11][id] = localised["preset_icon_#{id}"] + localised.delete("preset_icon_#{id}") + } + return POTLATCH_PRESETS+[localised,help] end + def getlocalized(lang) + # What we end up actually using. Reported in Potlatch's created_by=* string + loaded_lang = 'en' + + # Load English defaults + en = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/locales/en.yml"))["en"] + + if lang == 'en' + return [loaded_lang, en] + else + # Use English as a fallback + begin + other = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/locales/#{lang}.yml"))[lang] + loaded_lang = lang + rescue + other = en + end + + # We have to return a flat list and some of the keys won't be + # translated (probably) + return [loaded_lang, en.merge(other)] + end + end + ## # Find all the ways, POI nodes (i.e. not part of ways), and relations # in a given bounding box. Nodes are returned in full; ways and relations @@ -246,7 +280,7 @@ class AmfController < ApplicationController # used in any way, rel is any relation which refers to either a way # or node that we're returning. def whichways(xmin, ymin, xmax, ymax) #:doc: - amf_handle_error_with_timeout("'whichways'") do + amf_handle_error_with_timeout("'whichways'",nil,nil) do enlarge = [(xmax-xmin)/8,0.01].min xmin -= enlarge; ymin -= enlarge xmax += enlarge; ymax += enlarge @@ -286,7 +320,7 @@ class AmfController < ApplicationController # with a deleted node only - not POIs or relations). def whichways_deleted(xmin, ymin, xmax, ymax) #:doc: - amf_handle_error_with_timeout("'whichways_deleted'") do + amf_handle_error_with_timeout("'whichways_deleted'",nil,nil) do enlarge = [(xmax-xmin)/8,0.01].min xmin -= enlarge; ymin -= enlarge xmax += enlarge; ymax += enlarge @@ -303,14 +337,15 @@ class AmfController < ApplicationController end # Get a way including nodes and tags. - # Returns the way id, a Potlatch-style array of points, a hash of tags, and the version number. + # Returns the way id, a Potlatch-style array of points, a hash of tags, the version number, and the user ID. def getway(wayid) #:doc: - amf_handle_error_with_timeout("'getway' #{wayid}") do + amf_handle_error_with_timeout("'getway' #{wayid}" ,'way',wayid) do if POTLATCH_USE_SQL then points = sql_get_nodes_in_way(wayid) tags = sql_get_tags_in_way(wayid) version = sql_get_way_version(wayid) + uid = sql_get_way_user(wayid) else # Ideally we would do ":include => :nodes" here but if we do that # then rails only seems to return the first copy of a node when a @@ -327,9 +362,10 @@ class AmfController < ApplicationController end tags = way.tags version = way.version + uid = way.changeset.user.id end - [0, '', wayid, points, tags, version] + [0, '', wayid, points, tags, version, uid] end end @@ -349,7 +385,7 @@ class AmfController < ApplicationController # 5. is this the current, visible version? (boolean) def getway_old(id, timestamp) #:doc: - amf_handle_error_with_timeout("'getway_old' #{id}, #{timestamp}") do + amf_handle_error_with_timeout("'getway_old' #{id}, #{timestamp}", 'way',id) do if timestamp == '' # undelete old_way = OldWay.find(:first, :conditions => ['visible = ? AND id = ?', true, id], :order => 'version DESC') @@ -416,7 +452,8 @@ class AmfController < ApplicationController # Remove any elements where 2 seconds doesn't elapse before next one revdates.delete_if { |d| revdates.include?(d+1) or revdates.include?(d+2) } # Collect all in one nested array - revdates.collect! {|d| [d.strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] } + revdates.collect! {|d| [d.succ.strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] } + revdates.uniq! return ['way', wayid, revdates] rescue ActiveRecord::RecordNotFound @@ -429,7 +466,7 @@ class AmfController < ApplicationController def getnode_history(nodeid) #:doc: begin history = Node.find(nodeid).old_nodes.reverse.collect do |old_node| - [old_node.timestamp.strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node) + [old_node.timestamp.succ.strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node) end return ['node', nodeid, history] rescue ActiveRecord::RecordNotFound @@ -448,9 +485,10 @@ class AmfController < ApplicationController # Returns array listing GPXs, each one comprising id, name and description. def findgpx(searchterm, usertoken) - amf_handle_error_with_timeout("'findgpx'") do + amf_handle_error_with_timeout("'findgpx'" ,nil,nil) do user = getuser(usertoken) - if !uid then return -1,"You must be logged in to search for GPX traces.",[] end + if !user then return -1,"You must be logged in to search for GPX traces.",[] end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked'),[] end gpxs = [] if searchterm.to_i>0 then @@ -477,7 +515,7 @@ class AmfController < ApplicationController # 5. version. def getrelation(relid) #:doc: - amf_handle_error("'getrelation' #{relid}") do + amf_handle_error("'getrelation' #{relid}" ,'relation',relid) do rel = Relation.find(:first, :conditions => { :id => relid }) return [-4, 'relation', relid, {}, [], nil] if rel.nil? or !rel.visible @@ -513,9 +551,12 @@ class AmfController < ApplicationController # 3. version. def putrelation(renumberednodes, renumberedways, usertoken, changeset_id, version, relid, tags, members, visible) #:doc: - amf_handle_error("'putrelation' #{relid}") do + amf_handle_error("'putrelation' #{relid}" ,'relation',relid) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the relation could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end + if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + tags = strip_non_xml_chars tags relid = relid.to_i visible = (visible.to_i != 0) @@ -596,12 +637,15 @@ class AmfController < ApplicationController # 6. hash of node versions (node=>version) def putway(renumberednodes, usertoken, changeset_id, wayversion, originalway, pointlist, attributes, nodes, deletednodes) #:doc: - amf_handle_error("'putway' #{originalway}") do + amf_handle_error("'putway' #{originalway}" ,'way',originalway) do # -- Initialise user = getuser(usertoken) if !user then return -1,"You are not logged in, so the way could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end + if !tags_ok(attributes) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + attributes = strip_non_xml_chars attributes originalway = originalway.to_i pointlist.collect! {|a| a.to_i } @@ -626,6 +670,11 @@ class AmfController < ApplicationController node.lat = lat node.lon = lon node.tags = a[4] + + # fixup node tags in a way as well + if !tags_ok(node.tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + node.tags = strip_non_xml_chars node.tags + node.tags.delete('created_by') node.version = version if id <= 0 @@ -695,9 +744,12 @@ class AmfController < ApplicationController # 4. version. def putpoi(usertoken, changeset_id, version, id, lon, lat, tags, visible) #:doc: - amf_handle_error("'putpoi' #{id}") do + amf_handle_error("'putpoi' #{id}", 'node',id) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the point could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end + if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + tags = strip_non_xml_chars tags id = id.to_i visible = (visible.to_i == 1) @@ -748,11 +800,12 @@ class AmfController < ApplicationController # Returns array of id, long, lat, hash of tags, (current) version. def getpoi(id,timestamp) #:doc: - amf_handle_error("'getpoi' #{id}") do + amf_handle_error("'getpoi' #{id}" ,'node',id) do + id = id.to_i n = Node.find(id) v = n.version unless timestamp == '' - n = OldNode.find(id, :conditions=>['timestamp=?',DateTime.strptime(timestamp, "%d %b %Y, %H:%M:%S")]) + n = OldNode.find(:first, :conditions => ['id = ? AND timestamp <= ?', id, timestamp], :order => 'timestamp DESC') end if n @@ -774,9 +827,10 @@ class AmfController < ApplicationController # Returns 0 (success), unchanged way id, new way version, new node versions. def deleteway(usertoken, changeset_id, way_id, way_version, deletednodes) #:doc: - amf_handle_error("'deleteway' #{way_id}") do + amf_handle_error("'deleteway' #{way_id}" ,'way',id) do user = getuser(usertoken) unless user then return -1,"You are not logged in, so the way could not be deleted." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end way_id = way_id.to_i nodeversions = {} @@ -848,6 +902,34 @@ class AmfController < ApplicationController } end + def getlocales + Dir.glob("#{RAILS_ROOT}/config/potlatch/locales/*").collect { |f| File.basename(f, ".yml") } + end + + ## + # check that all key-value pairs are valid UTF-8. + def tags_ok(tags) + tags.each do |k, v| + return false unless UTF8.valid? k + return false unless UTF8.valid? v + end + return true + end + + ## + # strip characters which are invalid in XML documents from the strings + # in the +tags+ hash. + def strip_non_xml_chars(tags) + new_tags = Hash.new + unless tags.nil? + tags.each do |k, v| + new_k = k.delete "\000-\037", "^\011\012\015" + new_v = v.delete "\000-\037", "^\011\012\015" + new_tags[new_k] = new_v + end + end + return new_tags + end # ==================================================================== # Alternative SQL queries for getway/whichways @@ -938,7 +1020,11 @@ class AmfController < ApplicationController end def sql_get_way_version(wayid) - ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}") + ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}")['version'] + end + + def sql_get_way_user(wayid) + ActiveRecord::Base.connection.select_one("SELECT user FROM current_ways,changesets WHERE current_ways.id=#{wayid.to_i} AND current_ways.changeset=changesets.id")['user'] end end