X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/afe8dd51ece21325eea8a108515b9426764de5b2..2e2b556a254e25610d28083c4e87f0f9d3daa542:/app/controllers/changeset_controller.rb?ds=sidebyside diff --git a/app/controllers/changeset_controller.rb b/app/controllers/changeset_controller.rb index ebad59aa0..bba012a9c 100644 --- a/app/controllers/changeset_controller.rb +++ b/app/controllers/changeset_controller.rb @@ -4,8 +4,8 @@ class ChangesetController < ApplicationController layout 'site' require 'xml/libxml' - session :off, :except => [:list] - before_filter :authorize_web, :only => [:list] + session :off, :except => [:list, :list_user, :list_bbox] + before_filter :authorize_web, :only => [:list, :list_user, :list_bbox] before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close] before_filter :check_write_availability, :only => [:create, :update, :delete, :upload, :include] before_filter :check_read_availability, :except => [:create, :update, :delete, :upload, :download, :query] @@ -114,6 +114,8 @@ class ChangesetController < ApplicationController render :nothing => true, :status => :method_not_allowed end + rescue LibXML::XML::Error, ArgumentError => ex + raise OSM::APIBadXMLError.new("osm", xml, ex.message) rescue ActiveRecord::RecordNotFound render :nothing => true, :status => :not_found rescue OSM::APIError => ex @@ -320,19 +322,26 @@ class ChangesetController < ApplicationController ## # list edits (changesets) belonging to a user def list_user - #find user by display name - user = User.find(:first, :conditions => [ "visible = ? and display_name = ?", true, params[:display_name]]) + user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true}) - conditions = conditions_user(user.id); - conditions = cond_merge conditions, conditions_nonempty - @edit_pages, @edits = paginate(:changesets, - :include => [:user, :changeset_tags], - :conditions => conditions, - :order => "changesets.created_at DESC", - :per_page => 20) - - @display_name = user.display_name - # FIXME needs rescues in here + if user + @display_name = user.display_name + if not user.data_public? and @user != user + @edits = nil + render + else + conditions = cond_merge conditions, ['user_id = ?', user.id] + conditions = cond_merge conditions, conditions_nonempty + @edit_pages, @edits = paginate(:changesets, + :include => [:user, :changeset_tags], + :conditions => conditions, + :order => "changesets.created_at DESC", + :per_page => 20) + end + else + @not_found_user = params[:display_name] + render :template => 'user/no_such_user', :status => :not_found + end end ## @@ -341,8 +350,11 @@ class ChangesetController < ApplicationController # support 'bbox' param or alternatively 'minlon', 'minlat' etc if params['bbox'] bbox = params['bbox'] - elsif params['minlon'] and params['minlat'] and params['maxlon'] and params['maxlat'] - bbox = params['minlon'] + ',' + params['minlat'] + ',' + params['maxlon'] + ',' + params['maxlat'] + elsif params['minlon'] and params['minlat'] and params['maxlon'] and params['maxlat'] + bbox = h(params['minlon']) + ',' + h(params['minlat']) + ',' + h(params['maxlon']) + ',' + h(params['maxlat']) + else + #TODO: fix bugs in location determination for history tab (and other tabs) then uncomment this redirect + #redirect_to :action => 'list' end conditions = conditions_bbox(bbox); @@ -451,7 +463,7 @@ private # if parameter 'open' is nill then open and closed changsets are returned def conditions_open(open) return open.nil? ? nil : ['closed_at >= ? and num_changes <= ?', - DateTime.now, Changeset::MAX_ELEMENTS] + Time.now.getutc, Changeset::MAX_ELEMENTS] end ## @@ -459,7 +471,7 @@ private # ('closed at' time has passed or changes limit is hit) def conditions_closed(closed) return closed.nil? ? nil : ['closed_at < ? and num_changes > ?', - DateTime.now, Changeset::MAX_ELEMENTS] + Time.now.getutc, Changeset::MAX_ELEMENTS] end ##