X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/baf10cd39289cd7e94a819305e46f43e85a136c6..74e1d7336ef926d4c3ef986abd8b899a7c4b6704:/app/controllers/amf_controller.rb diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb index aa2156e8e..fdad432a8 100644 --- a/app/controllers/amf_controller.rb +++ b/app/controllers/amf_controller.rb @@ -38,30 +38,35 @@ class AmfController < ApplicationController include Potlatch - skip_before_filter :verify_authenticity_token - before_filter :check_api_writable + skip_before_action :verify_authenticity_token + before_action :check_api_writable + + # AMF Controller implements its own authentication and authorization checks + # completely independently of the rest of the codebase, so best just to let + # it keep doing its own thing. + skip_authorization_check # Main AMF handlers: process the raw AMF string (using AMF library) and # calls each action (private method) accordingly. def amf_read self.status = :ok - self.content_type = Mime::AMF + self.content_type = Mime[:amf] self.response_body = Dispatcher.new(request.raw_post) do |message, *args| logger.info("Executing AMF #{message}(#{args.join(',')})") case message - when 'getpresets' then result = getpresets(*args) - when 'whichways' then result = whichways(*args) - when 'whichways_deleted' then result = whichways_deleted(*args) - when 'getway' then result = getway(args[0].to_i) - when 'getrelation' then result = getrelation(args[0].to_i) - when 'getway_old' then result = getway_old(args[0].to_i, args[1]) - when 'getway_history' then result = getway_history(args[0].to_i) - when 'getnode_history' then result = getnode_history(args[0].to_i) - when 'findgpx' then result = findgpx(*args) - when 'findrelations' then result = findrelations(*args) - when 'getpoi' then result = getpoi(*args) + when "getpresets" then result = getpresets(*args) + when "whichways" then result = whichways(*args) + when "whichways_deleted" then result = whichways_deleted(*args) + when "getway" then result = getway(args[0].to_i) + when "getrelation" then result = getrelation(args[0].to_i) + when "getway_old" then result = getway_old(args[0].to_i, args[1]) + when "getway_history" then result = getway_history(args[0].to_i) + when "getnode_history" then result = getnode_history(args[0].to_i) + when "findgpx" then result = findgpx(*args) + when "findrelations" then result = findrelations(*args) + when "getpoi" then result = getpoi(*args) end result @@ -74,7 +79,7 @@ class AmfController < ApplicationController err = false # Abort batch on error self.status = :ok - self.content_type = Mime::AMF + self.content_type = Mime[:amf] self.response_body = Dispatcher.new(request.raw_post) do |message, *args| logger.info("Executing AMF #{message}") @@ -82,18 +87,23 @@ class AmfController < ApplicationController result = [-5, nil] else case message - when 'putway' then orn = renumberednodes.dup - result = putway(renumberednodes, *args) - result[4] = renumberednodes.reject { |k, _v| orn.key?(k) } - if result[0] == 0 && result[2] != result[3] then renumberedways[result[2]] = result[3] end - when 'putrelation' then result = putrelation(renumberednodes, renumberedways, *args) - when 'deleteway' then result = deleteway(*args) - when 'putpoi' then result = putpoi(*args) - if result[0] == 0 && result[2] != result[3] then renumberednodes[result[2]] = result[3] end - when 'startchangeset' then result = startchangeset(*args) + when "putway" then + orn = renumberednodes.dup + result = putway(renumberednodes, *args) + result[4] = renumberednodes.reject { |k, _v| orn.key?(k) } + renumberedways[result[2]] = result[3] if result[0].zero? && result[2] != result[3] + when "putrelation" then + result = putrelation(renumberednodes, renumberedways, *args) + when "deleteway" then + result = deleteway(*args) + when "putpoi" then + result = putpoi(*args) + renumberednodes[result[2]] = result[3] if result[0].zero? && result[2] != result[3] + when "startchangeset" then + result = startchangeset(*args) end - err = true if result[0] == -3 # If a conflict is detected, don't execute any more writes + err = true if result[0] == -3 # If a conflict is detected, don't execute any more writes end result @@ -105,17 +115,17 @@ class AmfController < ApplicationController def amf_handle_error(call, rootobj, rootid) yield rescue OSM::APIAlreadyDeletedError => ex - return [-4, ex.object, ex.object_id] + [-4, ex.object, ex.object_id] rescue OSM::APIVersionMismatchError => ex - return [-3, [rootobj, rootid], [ex.type.downcase, ex.id, ex.latest]] + [-3, [rootobj, rootid], [ex.type.downcase, ex.id, ex.latest]] rescue OSM::APIUserChangesetMismatchError => ex - return [-2, ex.to_s] + [-2, ex.to_s] rescue OSM::APIBadBoundingBox => ex - return [-2, "Sorry - I can't get the map for that area. The server said: #{ex}"] + [-2, "Sorry - I can't get the map for that area. The server said: #{ex}"] rescue OSM::APIError => ex - return [-1, ex.to_s] + [-1, ex.to_s] rescue StandardError => ex - return [-2, "An unusual error happened (in #{call}). The server said: #{ex}"] + [-2, "An unusual error happened (in #{call}). The server said: #{ex}"] end def amf_handle_error_with_timeout(call, rootobj, rootid) @@ -132,12 +142,13 @@ class AmfController < ApplicationController def startchangeset(usertoken, cstags, closeid, closecomment, opennew) amf_handle_error("'startchangeset'", nil, nil) do user = getuser(usertoken) - unless user then return -1, "You are not logged in, so Potlatch can't write any changes to the database." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end - if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? then return -1, "You must accept the contributor terms before you can edit." end + return -1, "You are not logged in, so Potlatch can't write any changes to the database." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? + return -1, "You must accept the contributor terms before you can edit." if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? if cstags - unless tags_ok(cstags) then return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end + return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." unless tags_ok(cstags) + cstags = strip_non_xml_chars cstags end @@ -146,11 +157,11 @@ class AmfController < ApplicationController cs = Changeset.find(closeid.to_i) cs.set_closed_time_now if cs.user_id != user.id - fail OSM::APIUserChangesetMismatchError.new + raise OSM::APIUserChangesetMismatchError elsif closecomment.empty? cs.save! else - cs.tags['comment'] = closecomment + cs.tags["comment"] = closecomment # in case closecomment has chars not allowed in xml cs.tags = strip_non_xml_chars cs.tags cs.save_with_tags! @@ -158,12 +169,12 @@ class AmfController < ApplicationController end # open a new changeset - if opennew != 0 + if opennew.nonzero? cs = Changeset.new cs.tags = cstags cs.user_id = user.id unless closecomment.empty? - cs.tags['comment'] = closecomment + cs.tags["comment"] = closecomment # in case closecomment has chars not allowed in xml cs.tags = strip_non_xml_chars cs.tags end @@ -171,9 +182,9 @@ class AmfController < ApplicationController cs.created_at = Time.now.getutc cs.closed_at = cs.created_at + Changeset::IDLE_TIMEOUT cs.save_with_tags! - return [0, '', cs.id] + return [0, "", cs.id] else - return [0, '', nil] + return [0, "", nil] end end end @@ -181,15 +192,17 @@ class AmfController < ApplicationController # Return presets (default tags, localisation etc.): # uses POTLATCH_PRESETS global, set up in OSM::Potlatch. - def getpresets(usertoken, lang) #:doc: + def getpresets(usertoken, _lang) user = getuser(usertoken) - if user && !user.languages.empty? - http_accept_language.user_preferred_languages = user.languages - end + langs = if user && !user.languages.empty? + Locale.list(user.languages) + else + Locale.list(http_accept_language.user_preferred_languages) + end - lang = http_accept_language.compatible_language_from(getlocales) - (real_lang, localised) = getlocalized(lang) + lang = getlocales.preferred(langs) + (real_lang, localised) = getlocalized(lang.to_s) # Tell Potlatch what language it's using localised["__potlatch_locale"] = real_lang @@ -210,19 +223,19 @@ class AmfController < ApplicationController def getlocalized(lang) # What we end up actually using. Reported in Potlatch's created_by=* string - loaded_lang = 'en' + loaded_lang = "en" # Load English defaults - en = YAML.load(File.open("#{Rails.root}/config/potlatch/locales/en.yml"))["en"] + en = YAML.safe_load(File.open(Rails.root.join("config", "potlatch", "locales", "en.yml")))["en"] - if lang == 'en' + if lang == "en" return [loaded_lang, en] else # Use English as a fallback begin - other = YAML.load(File.open("#{Rails.root}/config/potlatch/locales/#{lang}.yml"))[lang] + other = YAML.safe_load(File.open(Rails.root.join("config", "potlatch", "locales", "#{lang}.yml")))[lang] loaded_lang = lang - rescue + rescue StandardError other = en end @@ -246,11 +259,13 @@ class AmfController < ApplicationController # nodes in the bbox, nodes are any visible nodes in the bbox but not # used in any way, rel is any relation which refers to either a way # or node that we're returning. - def whichways(xmin, ymin, xmax, ymax) #:doc: + def whichways(xmin, ymin, xmax, ymax) amf_handle_error_with_timeout("'whichways'", nil, nil) do enlarge = [(xmax - xmin) / 8, 0.01].min - xmin -= enlarge; ymin -= enlarge - xmax += enlarge; ymax += enlarge + xmin -= enlarge + ymin -= enlarge + xmax += enlarge + ymax += enlarge # check boundary is sane and area within defined # see /config/application.yml @@ -281,18 +296,20 @@ class AmfController < ApplicationController relations = relations.collect { |relation| [relation.id, relation.version] }.uniq end - [0, '', ways, points, relations] + [0, "", ways, points, relations] end end # Find deleted ways in current bounding box (similar to whichways, but ways # with a deleted node only - not POIs or relations). - def whichways_deleted(xmin, ymin, xmax, ymax) #:doc: + def whichways_deleted(xmin, ymin, xmax, ymax) amf_handle_error_with_timeout("'whichways_deleted'", nil, nil) do enlarge = [(xmax - xmin) / 8, 0.01].min - xmin -= enlarge; ymin -= enlarge - xmax += enlarge; ymax += enlarge + xmin -= enlarge + ymin -= enlarge + xmax += enlarge + ymax += enlarge # check boundary is sane and area within defined # see /config/application.yml @@ -303,15 +320,15 @@ class AmfController < ApplicationController nodes_in_area = Node.bbox(bbox).joins(:ways_via_history).where(:current_ways => { :visible => false }) way_ids = nodes_in_area.collect { |node| node.ways_via_history.invisible.collect(&:id) }.flatten.uniq - [0, '', way_ids] + [0, "", way_ids] end end # Get a way including nodes and tags. # Returns the way id, a Potlatch-style array of points, a hash of tags, the version number, and the user ID. - def getway(wayid) #:doc: - amf_handle_error_with_timeout("'getway' #{wayid}", 'way', wayid) do + def getway(wayid) + amf_handle_error_with_timeout("'getway' #{wayid}", "way", wayid) do if POTLATCH_USE_SQL points = sql_get_nodes_in_way(wayid) tags = sql_get_tags_in_way(wayid) @@ -324,11 +341,11 @@ class AmfController < ApplicationController way = Way.where(:id => wayid).first # check case where way has been deleted or doesn't exist - return [-4, 'way', wayid] if way.nil? || !way.visible + return [-4, "way", wayid] if way.nil? || !way.visible points = way.nodes.preload(:node_tags).collect do |node| nodetags = node.tags - nodetags.delete('created_by') + nodetags.delete("created_by") [node.lon, node.lat, node.id, nodetags, node.version] end tags = way.tags @@ -336,7 +353,7 @@ class AmfController < ApplicationController uid = way.changeset.user.id end - [0, '', wayid, points, tags, version, uid] + [0, "", wayid, points, tags, version, uid] end end @@ -355,20 +372,21 @@ class AmfController < ApplicationController # 4. version, # 5. is this the current, visible version? (boolean) - def getway_old(id, timestamp) #:doc: - amf_handle_error_with_timeout("'getway_old' #{id}, #{timestamp}", 'way', id) do - if timestamp == '' + def getway_old(id, timestamp) + amf_handle_error_with_timeout("'getway_old' #{id}, #{timestamp}", "way", id) do + if timestamp == "" # undelete old_way = OldWay.where(:visible => true, :way_id => id).unredacted.order("version DESC").first points = old_way.get_nodes_undelete unless old_way.nil? else begin # revert - timestamp = DateTime.strptime(timestamp.to_s, "%d %b %Y, %H:%M:%S") + timestamp = Time.zone.strptime(timestamp.to_s, "%d %b %Y, %H:%M:%S") old_way = OldWay.where("way_id = ? AND timestamp <= ?", id, timestamp).unredacted.order("timestamp DESC").first unless old_way.nil? - points = old_way.get_nodes_revert(timestamp) - unless old_way.visible + if old_way.visible + points = old_way.get_nodes_revert(timestamp) + else return [-1, "Sorry, the way was deleted at that time - please revert to a previous version.", id] end end @@ -383,8 +401,8 @@ class AmfController < ApplicationController return [-1, "Sorry, the server could not find a way at that time.", id] else curway = Way.find(id) - old_way.tags['history'] = "Retrieved from v#{old_way.version}" - return [0, '', id, points, old_way.tags, curway.version, (curway.version == old_way.version && curway.visible)] + old_way.tags["history"] = "Retrieved from v#{old_way.version}" + return [0, "", id, points, old_way.tags, curway.version, (curway.version == old_way.version && curway.visible)] end end end @@ -399,16 +417,16 @@ class AmfController < ApplicationController # sort and collapse list (to within 2 seconds); trim all dates before the # start date of the way. - def getway_history(wayid) #:doc: + def getway_history(wayid) revdates = [] revusers = {} Way.find(wayid).old_ways.unredacted.collect do |a| revdates.push(a.timestamp) - unless revusers.key?(a.timestamp.to_i) then revusers[a.timestamp.to_i] = change_user(a) end + revusers[a.timestamp.to_i] = change_user(a) unless revusers.key?(a.timestamp.to_i) a.nds.each do |n| Node.find(n).old_nodes.unredacted.collect do |o| revdates.push(o.timestamp) - unless revusers.key?(o.timestamp.to_i) then revusers[o.timestamp.to_i] = change_user(o) end + revusers[o.timestamp.to_i] = change_user(o) unless revusers.key?(o.timestamp.to_i) end end end @@ -425,25 +443,25 @@ class AmfController < ApplicationController revdates.collect! { |d| [(d + 1).strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] } revdates.uniq! - return ['way', wayid, revdates] + ["way", wayid, revdates] rescue ActiveRecord::RecordNotFound - return ['way', wayid, []] + ["way", wayid, []] end # Find history of a node. Returns 'node', id, and an array of previous versions as above. - def getnode_history(nodeid) #:doc: + def getnode_history(nodeid) history = Node.find(nodeid).old_nodes.unredacted.reverse.collect do |old_node| [(old_node.timestamp + 1).strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node) end - return ['node', nodeid, history] + ["node", nodeid, history] rescue ActiveRecord::RecordNotFound - return ['node', nodeid, []] + ["node", nodeid, []] end def change_user(obj) user_object = obj.changeset.user - user = user_object.data_public? ? user_object.display_name : 'anonymous' + user = user_object.data_public? ? user_object.display_name : "anonymous" uid = user_object.data_public? ? user_object.id : 0 [user, uid] end @@ -454,19 +472,20 @@ class AmfController < ApplicationController def findgpx(searchterm, usertoken) amf_handle_error_with_timeout("'findgpx'", nil, nil) do user = getuser(usertoken) - unless user then return -1, "You must be logged in to search for GPX traces." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end + + return -1, "You must be logged in to search for GPX traces." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? query = Trace.visible_to(user) - if searchterm.to_i > 0 - query = query.where(:id => searchterm.to_i) - else - query = query.where("MATCH(name) AGAINST (?)", searchterm).limit(21) - end + query = if searchterm.to_i.positive? + query.where(:id => searchterm.to_i) + else + query.where("MATCH(name) AGAINST (?)", searchterm).limit(21) + end gpxs = query.collect do |gpx| [gpx.id, gpx.name, gpx.description] end - [0, '', gpxs] + [0, "", gpxs] end end @@ -479,12 +498,13 @@ class AmfController < ApplicationController # 4. list of members, # 5. version. - def getrelation(relid) #:doc: - amf_handle_error("'getrelation' #{relid}", 'relation', relid) do + def getrelation(relid) + amf_handle_error("'getrelation' #{relid}", "relation", relid) do rel = Relation.where(:id => relid).first - return [-4, 'relation', relid] if rel.nil? || !rel.visible - [0, '', relid, rel.tags, rel.members, rel.version] + return [-4, "relation", relid] if rel.nil? || !rel.visible + + [0, "", relid, rel.tags, rel.members, rel.version] end end @@ -493,16 +513,12 @@ class AmfController < ApplicationController def findrelations(searchterm) rels = [] - if searchterm.to_i > 0 + if searchterm.to_i.positive? rel = Relation.where(:id => searchterm.to_i).first - if rel && rel.visible - rels.push([rel.id, rel.tags, rel.members, rel.version]) - end + rels.push([rel.id, rel.tags, rel.members, rel.version]) if rel&.visible else RelationTag.where("v like ?", "%#{searchterm}%").limit(11).each do |t| - if t.relation.visible - rels.push([t.relation.id, t.relation.tags, t.relation.members, t.relation.version]) - end + rels.push([t.relation.id, t.relation.tags, t.relation.members, t.relation.version]) if t.relation.visible end end rels @@ -515,26 +531,26 @@ class AmfController < ApplicationController # 2. new relation id, # 3. version. - def putrelation(renumberednodes, renumberedways, usertoken, changeset_id, version, relid, tags, members, visible) #:doc: - amf_handle_error("'putrelation' #{relid}", 'relation', relid) do + def putrelation(renumberednodes, renumberedways, usertoken, changeset_id, version, relid, tags, members, visible) + amf_handle_error("'putrelation' #{relid}", "relation", relid) do user = getuser(usertoken) - unless user then return -1, "You are not logged in, so the relation could not be saved." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end - if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? then return -1, "You must accept the contributor terms before you can edit." end - unless tags_ok(tags) then return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end + return -1, "You are not logged in, so the relation could not be saved." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? + return -1, "You must accept the contributor terms before you can edit." if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? + + return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." unless tags_ok(tags) + tags = strip_non_xml_chars tags relid = relid.to_i - visible = (visible.to_i != 0) + visible = visible.to_i.nonzero? new_relation = nil relation = nil Relation.transaction do # create a new relation, or find the existing one - if relid > 0 - relation = Relation.find(relid) - end + relation = Relation.find(relid) if relid.positive? # We always need a new node, based on the data that has been sent to us new_relation = Relation.new @@ -542,13 +558,11 @@ class AmfController < ApplicationController typedmembers = [] members.each do |m| mid = m[1].to_i - if mid < 0 - mid = renumberednodes[mid] if m[0] == 'Node' - mid = renumberedways[mid] if m[0] == 'Way' - end - if mid - typedmembers << [m[0], mid, m[2].delete("\000-\037\ufffe\uffff", "^\011\012\015")] + if mid.negative? + mid = renumberednodes[mid] if m[0] == "Node" + mid = renumberedways[mid] if m[0] == "Way" end + typedmembers << [m[0], mid, m[2].delete("\000-\037\ufffe\uffff", "^\011\012\015")] if mid end # assign new contents @@ -570,12 +584,12 @@ class AmfController < ApplicationController new_relation.id = relid relation.delete_with_history!(new_relation, user) end - end # transaction + end if relid <= 0 - return [0, '', relid, new_relation.id, new_relation.version] + return [0, "", relid, new_relation.id, new_relation.version] else - return [0, '', relid, relid, relation.version] + return [0, "", relid, relid, relation.version] end end end @@ -601,20 +615,22 @@ class AmfController < ApplicationController # 3. new way id, # 4. hash of renumbered nodes (old id=>new id), # 5. way version, - # 6. hash of node versions (node=>version) + # 6. hash of changed node versions (node=>version) + # 7. hash of deleted node versions (node=>version) - def putway(renumberednodes, usertoken, changeset_id, wayversion, originalway, pointlist, attributes, nodes, deletednodes) #:doc: - amf_handle_error("'putway' #{originalway}", 'way', originalway) do + def putway(renumberednodes, usertoken, changeset_id, wayversion, originalway, pointlist, attributes, nodes, deletednodes) + amf_handle_error("'putway' #{originalway}", "way", originalway) do # -- Initialise user = getuser(usertoken) - unless user then return -1, "You are not logged in, so the way could not be saved." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end - if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? then return -1, "You must accept the contributor terms before you can edit." end + return -1, "You are not logged in, so the way could not be saved." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? + return -1, "You must accept the contributor terms before you can edit." if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? + + return -2, "Server error - way is only #{pointlist.length} points long." if pointlist.length < 2 - if pointlist.length < 2 then return -2, "Server error - way is only #{points.length} points long." end + return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." unless tags_ok(attributes) - unless tags_ok(attributes) then return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end attributes = strip_non_xml_chars attributes originalway = originalway.to_i @@ -631,9 +647,10 @@ class AmfController < ApplicationController id = a[2].to_i version = a[3].to_i - if id == 0 then return -2, "Server error - node with id 0 found in way #{originalway}." end - if lat == 90 then return -2, "Server error - node with latitude -90 found in way #{originalway}." end - if renumberednodes[id] then id = renumberednodes[id] end + return -2, "Server error - node with id 0 found in way #{originalway}." if id.zero? + return -2, "Server error - node with latitude -90 found in way #{originalway}." if lat == 90 + + id = renumberednodes[id] if renumberednodes[id] node = Node.new node.changeset_id = changeset_id @@ -642,10 +659,11 @@ class AmfController < ApplicationController node.tags = a[4] # fixup node tags in a way as well - unless tags_ok(node.tags) then return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end + return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." unless tags_ok(node.tags) + node.tags = strip_non_xml_chars node.tags - node.tags.delete('created_by') + node.tags.delete("created_by") node.version = version if id <= 0 # We're creating the node @@ -663,9 +681,9 @@ class AmfController < ApplicationController # -- Save revised way - pointlist.collect! do|a| - renumberednodes[a] ? renumberednodes[a] : a - end # renumber nodes + pointlist.collect! do |a| + renumberednodes[a] || a + end new_way = Way.new new_way.tags = attributes new_way.nds = pointlist @@ -697,9 +715,9 @@ class AmfController < ApplicationController # and we don't want to delete it end end - end # transaction + end - [0, '', originalway, way.id, renumberednodes, way.version, nodeversions, deletednodes] + [0, "", originalway, way.id, renumberednodes, way.version, nodeversions, deletednodes] end end @@ -712,14 +730,15 @@ class AmfController < ApplicationController # 3. new node id, # 4. version. - def putpoi(usertoken, changeset_id, version, id, lon, lat, tags, visible) #:doc: - amf_handle_error("'putpoi' #{id}", 'node', id) do + def putpoi(usertoken, changeset_id, version, id, lon, lat, tags, visible) + amf_handle_error("'putpoi' #{id}", "node", id) do user = getuser(usertoken) - unless user then return -1, "You are not logged in, so the point could not be saved." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end - if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? then return -1, "You must accept the contributor terms before you can edit." end + return -1, "You are not logged in, so the point could not be saved." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? + return -1, "You must accept the contributor terms before you can edit." if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? + + return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." unless tags_ok(tags) - unless tags_ok(tags) then return -1, "One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end tags = strip_non_xml_chars tags id = id.to_i @@ -727,12 +746,14 @@ class AmfController < ApplicationController node = nil new_node = nil Node.transaction do - if id > 0 - node = Node.find(id) - - unless visible - unless node.ways.empty? then return -1, "Point #{id} has since become part of a way, so you cannot save it as a POI.", id, id, version end + if id.positive? + begin + node = Node.find(id) + rescue ActiveRecord::RecordNotFound + return [-4, "node", id] end + + return -1, "Point #{id} has since become part of a way, so you cannot save it as a POI.", id, id, version unless visible || node.ways.empty? end # We always need a new node, based on the data that has been sent to us new_node = Node.new @@ -754,12 +775,12 @@ class AmfController < ApplicationController new_node.id = id node.delete_with_history!(new_node, user) end - end # transaction + end if id <= 0 - return [0, '', id, new_node.id, new_node.version] + return [0, "", id, new_node.id, new_node.version] else - return [0, '', id, node.id, node.version] + return [0, "", id, node.id, node.version] end end end @@ -769,19 +790,19 @@ class AmfController < ApplicationController # # Returns array of id, long, lat, hash of tags, (current) version. - def getpoi(id, timestamp) #:doc: - amf_handle_error("'getpoi' #{id}", 'node', id) do + def getpoi(id, timestamp) + amf_handle_error("'getpoi' #{id}", "node", id) do id = id.to_i - n = Node.find(id) - v = n.version - unless timestamp == '' - n = OldNode.where("node_id = ? AND timestamp <= ?", id, timestamp).unredacted.order("timestamp DESC").first + n = Node.where(:id => id).first + if n + v = n.version + n = OldNode.where("node_id = ? AND timestamp <= ?", id, timestamp).unredacted.order("timestamp DESC").first unless timestamp == "" end if n - return [0, '', n.id, n.lon, n.lat, n.tags, v] + return [0, "", id, n.lon, n.lat, n.tags, v] else - return [-4, 'node', id] + return [-4, "node", id] end end end @@ -796,12 +817,12 @@ class AmfController < ApplicationController # of the nodes have been changed by someone else then, there is a problem! # Returns 0 (success), unchanged way id, new way version, new node versions. - def deleteway(usertoken, changeset_id, way_id, way_version, deletednodes) #:doc: - amf_handle_error("'deleteway' #{way_id}", 'way', way_id) do + def deleteway(usertoken, changeset_id, way_id, way_version, deletednodes) + amf_handle_error("'deleteway' #{way_id}", "way", way_id) do user = getuser(usertoken) - unless user then return -1, "You are not logged in, so the way could not be deleted." end - if user.blocks.active.exists? then return -1, t('application.setup_user_auth.blocked') end - if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? then return -1, "You must accept the contributor terms before you can edit." end + return -1, "You are not logged in, so the way could not be deleted." unless user + return -1, t("application.setup_user_auth.blocked") if user.blocks.active.exists? + return -1, "You must accept the contributor terms before you can edit." if REQUIRE_TERMS_AGREED && user.terms_agreed.nil? way_id = way_id.to_i nodeversions = {} @@ -833,8 +854,8 @@ class AmfController < ApplicationController # elsewhere and we don't want to delete it end end - end # transaction - [0, '', way_id, old_way.version, nodeversions] + end + [0, "", way_id, old_way.version, nodeversions] end end @@ -846,17 +867,16 @@ class AmfController < ApplicationController # When we are writing to the api, we need the actual user model, # not just the id, hence this abstraction - def getuser(token) #:doc: + def getuser(token) if token =~ /^(.+)\:(.+)$/ - user = User.authenticate(:username => $1, :password => $2) + User.authenticate(:username => Regexp.last_match(1), :password => Regexp.last_match(2)) else - user = User.authenticate(:token => token) + User.authenticate(:token => token) end - user end def getlocales - Dir.glob("#{Rails.root}/config/potlatch/locales/*").collect { |f| File.basename(f, ".yml") } + @getlocales ||= Locale.list(Dir.glob(Rails.root.join("config", "potlatch", "locales", "*")).collect { |f| File.basename(f, ".yml") }) end ## @@ -874,12 +894,10 @@ class AmfController < ApplicationController # in the +tags+ hash. def strip_non_xml_chars(tags) new_tags = {} - unless tags.nil? - tags.each do |k, v| - new_k = k.delete "\000-\037\ufffe\uffff", "^\011\012\015" - new_v = v.delete "\000-\037\ufffe\uffff", "^\011\012\015" - new_tags[new_k] = new_v - end + tags&.each do |k, v| + new_k = k.delete "\000-\037\ufffe\uffff", "^\011\012\015" + new_v = v.delete "\000-\037\ufffe\uffff", "^\011\012\015" + new_tags[new_k] = new_v end new_tags end @@ -888,34 +906,34 @@ class AmfController < ApplicationController # Alternative SQL queries for getway/whichways def sql_find_ways_in_area(bbox) - sql = <<-EOF + sql = <<-SQL SELECT DISTINCT current_ways.id AS wayid,current_ways.version AS version FROM current_way_nodes INNER JOIN current_nodes ON current_nodes.id=current_way_nodes.node_id INNER JOIN current_ways ON current_ways.id =current_way_nodes.id WHERE current_nodes.visible=TRUE AND current_ways.visible=TRUE - AND #{OSM.sql_for_area(bbox, "current_nodes.")} - EOF - ActiveRecord::Base.connection.select_all(sql).collect { |a| [a['wayid'].to_i, a['version'].to_i] } + AND #{OSM.sql_for_area(bbox, 'current_nodes.')} + SQL + ActiveRecord::Base.connection.select_all(sql).collect { |a| [a["wayid"].to_i, a["version"].to_i] } end def sql_find_pois_in_area(bbox) pois = [] - sql = <<-EOF + sql = <<-SQL SELECT current_nodes.id,current_nodes.latitude*0.0000001 AS lat,current_nodes.longitude*0.0000001 AS lon,current_nodes.version FROM current_nodes LEFT OUTER JOIN current_way_nodes cwn ON cwn.node_id=current_nodes.id WHERE current_nodes.visible=TRUE AND cwn.id IS NULL - AND #{OSM.sql_for_area(bbox, "current_nodes.")} - EOF + AND #{OSM.sql_for_area(bbox, 'current_nodes.')} + SQL ActiveRecord::Base.connection.select_all(sql).each do |row| poitags = {} ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_node_tags WHERE id=#{row['id']}").each do |n| - poitags[n['k']] = n['v'] + poitags[n["k"]] = n["v"] end - pois << [row['id'].to_i, row['lon'].to_f, row['lat'].to_f, poitags, row['version'].to_i] + pois << [row["id"].to_i, row["lon"].to_f, row["lat"].to_f, poitags, row["version"].to_i] end pois end @@ -923,43 +941,43 @@ class AmfController < ApplicationController def sql_find_relations_in_area_and_ways(bbox, way_ids) # ** It would be more Potlatchy to get relations for nodes within ways # during 'getway', not here - sql = <<-EOF + sql = <<-SQL SELECT DISTINCT cr.id AS relid,cr.version AS version FROM current_relations cr INNER JOIN current_relation_members crm ON crm.id=cr.id INNER JOIN current_nodes cn ON crm.member_id=cn.id AND crm.member_type='Node' - WHERE #{OSM.sql_for_area(bbox, "cn.")} - EOF + WHERE #{OSM.sql_for_area(bbox, 'cn.')} + SQL unless way_ids.empty? - sql += <<-EOF + sql += <<-SQL UNION SELECT DISTINCT cr.id AS relid,cr.version AS version FROM current_relations cr INNER JOIN current_relation_members crm ON crm.id=cr.id WHERE crm.member_type='Way' AND crm.member_id IN (#{way_ids.join(',')}) - EOF + SQL end - ActiveRecord::Base.connection.select_all(sql).collect { |a| [a['relid'].to_i, a['version'].to_i] } + ActiveRecord::Base.connection.select_all(sql).collect { |a| [a["relid"].to_i, a["version"].to_i] } end def sql_get_nodes_in_way(wayid) points = [] - sql = <<-EOF + sql = <<-SQL SELECT latitude*0.0000001 AS lat,longitude*0.0000001 AS lon,current_nodes.id,current_nodes.version FROM current_way_nodes,current_nodes WHERE current_way_nodes.id=#{wayid.to_i} AND current_way_nodes.node_id=current_nodes.id AND current_nodes.visible=TRUE ORDER BY sequence_id - EOF + SQL ActiveRecord::Base.connection.select_all(sql).each do |row| nodetags = {} ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_node_tags WHERE id=#{row['id']}").each do |n| - nodetags[n['k']] = n['v'] + nodetags[n["k"]] = n["v"] end - nodetags.delete('created_by') - points << [row['lon'].to_f, row['lat'].to_f, row['id'].to_i, nodetags, row['version'].to_i] + nodetags.delete("created_by") + points << [row["lon"].to_f, row["lat"].to_f, row["id"].to_i, nodetags, row["version"].to_i] end points end @@ -967,16 +985,16 @@ class AmfController < ApplicationController def sql_get_tags_in_way(wayid) tags = {} ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_way_tags WHERE id=#{wayid.to_i}").each do |row| - tags[row['k']] = row['v'] + tags[row["k"]] = row["v"] end tags end def sql_get_way_version(wayid) - ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}")['version'] + ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}")["version"] end def sql_get_way_user(wayid) - ActiveRecord::Base.connection.select_one("SELECT user FROM current_ways,changesets WHERE current_ways.id=#{wayid.to_i} AND current_ways.changeset=changesets.id")['user'] + ActiveRecord::Base.connection.select_one("SELECT user FROM current_ways,changesets WHERE current_ways.id=#{wayid.to_i} AND current_ways.changeset=changesets.id")["user"] end end