X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/c8f9387420233bd7e845cb205c3b68ede1f90024..69fa4e9940fe2858c90ea39277ef6ffcd84a3ca6:/app/controllers/node_controller.rb?ds=sidebyside diff --git a/app/controllers/node_controller.rb b/app/controllers/node_controller.rb index c27081650..8d29fd072 100644 --- a/app/controllers/node_controller.rb +++ b/app/controllers/node_controller.rb @@ -1,325 +1,84 @@ -class NodeController < ApplicationController - require 'xml/libxml' - - before_filter :authorize - - def create - if request.put? - doc = XML::Document.new(request.raw_post) #THIS IS BROKEN, libxml docus dont talk about creating a doc from a string - doc.find('//osm/node').each do |pt| - render :text => 'arghsd.rkugt;dsrt' - return - lat = pt.attributes['lat'].to_f - lon = pt.attributes['lon'].to_f - node_id = pt.attributes['id'].to_i - - if lat > 90 or lat < -90 or lon > 180 or lon < -180 or node_id != 0 - render :nothing => true, :status => 400 # BAD REQUEST - return - end - - tags = [] - - pt.elements.each('tag') do |tag| - tags << [tag.attributes['k'],tag.attributes['v']] - end - tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';') - tags = '' if tags.nil? - - now = Time.now +# The NodeController is the RESTful interface to Node objects - node = Node.new - node.latitude = lat - node.longitude = lon - node.visible = 1 - node.tags = tags - node.timestamp = now - node.user_id = @user.id +class NodeController < ApplicationController + require "xml/libxml" - #FIXME add a node to the old nodes table too + skip_before_action :verify_authenticity_token + before_action :authorize, :only => [:create, :update, :delete] + before_action :require_allow_write_api, :only => [:create, :update, :delete] + before_action :require_public_data, :only => [:create, :update, :delete] + before_action :check_api_writable, :only => [:create, :update, :delete] + before_action :check_api_readable, :except => [:create, :update, :delete] + around_action :api_call_handle_error, :api_call_timeout - if node.save - render :text => node.id - else - render :nothing => true, :status => 500 - end - end - end + # Create a node from XML. + def create + assert_method :put - render :text => 'WRONG! ' - return + node = Node.from_xml(request.raw_post, true) + # Assume that Node.from_xml has thrown an exception if there is an error parsing the xml + node.create_with_history @user + render :text => node.id.to_s, :content_type => "text/plain" end - def rest - unless Node.exists?(params[:id]) - render :nothing => true, :status => 400 - return - end - + # Dump the details on a node given in params[:id] + def read node = Node.find(params[:id]) + response.last_modified = node.timestamp - case request.method - when :get - doc = XML::Document.new - - # this needs a new libxml: - # doc.encoding = "UTF-8" - - root = XML::Node.new 'osm' - root['version'] = '0.4' - root['generator'] = 'OpenStreetMap server' - doc.root = root - el1 = XML::Node.new 'node' - el1['id'] = node.id.to_s - el1['lat'] = node.latitude.to_s - el1['lon'] = node.longitude.to_s - split_tags(el1, node.tags) - el1['visible'] = node.visible.to_s - el1['timestamp'] = node.timestamp.xmlschema - root << el1 - - render :text => doc.to_s - - # - # DELETE - # - when :delete - - if node.visible - node.visible = 0 - node.save - else - render :nothing => true, :status => 410 - end - - # - # PUT - # - when :put - - doc = XML::Document.new(request.raw_post) - doc.elements.each('osm/node') do |pt| - lat = pt.attributes['lat'].to_f - lon = pt.attributes['lon'].to_f - node_id = pt.attributes['id'].to_i - - if lat > 90 or lat < -90 or lon > 180 or lon < -180 or node_id != params[:id] - render :nothing => true, :status => 400 # BAD REQUEST - return - end - - tags = [] - - pt.elements.each('tag') do |tag| - tags << [tag.attributes['k'],tag.attributes['v']] - end - tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';') - tags = '' if tags.nil? - - now = Time.now - - node.latitude = lat - node.longitude = lon - node.visible = 1 - node.tags = tags - node.timestamp = now - node.user_id = @user.id - - #FIXME add a node to the old nodes table too - - if node.save - render :text => node.id - else - render :nothing => true, :status => 500 - end - end + if node.visible + render :text => node.to_xml.to_s, :content_type => "text/xml" + else + render :text => "", :status => :gone end end + # Update a node from given XML + def update + node = Node.find(params[:id]) + new_node = Node.from_xml(request.raw_post) - def dummy - if request.post? - userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw) - doc = Document.new $stdin.read - - doc.elements.each('osm/node') do |pt| - lat = pt.attributes['lat'].to_f - lon = pt.attributes['lon'].to_f - xmlnodeid = pt.attributes['id'].to_i - - tags = [] - pt.elements.each('tag') do |tag| - tags << [tag.attributes['k'],tag.attributes['v']] - end - - tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';') - - tags = '' unless tags - if xmlnodeid == nodeid && userid != 0 - if nodeid == 0 - new_node_id = dao.create_node(lat, lon, userid, tags) - if new_node_id - puts new_node_id - exit - else - exit HTTP_INTERNAL_SERVER_ERROR - end - else - node = dao.getnode(nodeid) - if node - #FIXME: need to check the node hasn't moved too much - if dao.update_node?(nodeid, userid, lat, lon, tags) - exit - else - exit HTTP_INTERNAL_SERVER_ERROR - end - else - exit HTTP_NOT_FOUND - end - end + unless new_node && new_node.id == node.id + raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})") + end - else - exit BAD_REQUEST - end - end - exit HTTP_INTERNAL_SERVER_ERROR + node.update_from(new_node, @user) + render :text => node.version.to_s, :content_type => "text/plain" + end + # Delete a node. Doesn't actually delete it, but retains its history + # in a wiki-like way. We therefore treat it like an update, so the delete + # method returns the new version number. + def delete + node = Node.find(params[:id]) + new_node = Node.from_xml(request.raw_post) + unless new_node && new_node.id == node.id + raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})") end + node.delete_with_history!(new_node, @user) + render :text => node.version.to_s, :content_type => "text/plain" end - - def dummydummy - - # - # POST ??? - # - - if request.post? - nodeid = r.args.match(/nodeid=([0-9]+)/).captures.first.to_i - userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw) - doc = Document.new $stdin.read - - doc.elements.each('osm/node') do |pt| - lat = pt.attributes['lat'].to_f - lon = pt.attributes['lon'].to_f - xmlnodeid = pt.attributes['id'].to_i - - tags = [] - pt.elements.each('tag') do |tag| - tags << [tag.attributes['k'],tag.attributes['v']] - end - - tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';') - - tags = '' unless tags - if xmlnodeid == nodeid && userid != 0 - if nodeid == 0 - new_node_id = dao.create_node(lat, lon, userid, tags) - if new_node_id - puts new_node_id - exit - else - exit HTTP_INTERNAL_SERVER_ERROR - end - else - node = dao.getnode(nodeid) - if node - #FIXME: need to check the node hasn't moved too much - if dao.update_node?(nodeid, userid, lat, lon, tags) - exit - else - exit HTTP_INTERNAL_SERVER_ERROR - end - else - exit HTTP_NOT_FOUND - end - end - - else - exit BAD_REQUEST - end - end - exit HTTP_INTERNAL_SERVER_ERROR - + # Dump the details on many nodes whose ids are given in the "nodes" parameter. + def nodes + unless params["nodes"] + raise OSM::APIBadUserInput.new("The parameter nodes is required, and must be of the form nodes=id[,id[,id...]]") end - # - # GET ??? - # + ids = params["nodes"].split(",").collect(&:to_i) - if request.get? - node = node.find(params[:id]) - doc = document.new - doc.encoding = "utf-8" - root = node.new 'osm' - root['version'] = '0.4' - root['generator'] = 'openstreetmap server' - doc.root = root - el1 = node.new 'node' - el1['id'] = node.id.to_s - el1['lat'] = node.latitude.to_s - el1['lon'] = node.longitude.to_s - split_tags(el1, node.tags) - el1['visible'] = node.visible.to_s - el1['timestamp'] = node.timestamp - root << el1 - - render :text => doc.to_s, :template => false + if ids.empty? + raise OSM::APIBadUserInput.new("No nodes were given to search for") end + doc = OSM::API.new.get_xml_doc - # - # DELETE???? - # - - if request.delete? - userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw) - #cgi doesnt work with DELETE so extract manually: - nodeid = r.args.match(/nodeid=([0-9]+)/).captures.first.to_i - - if userid > 0 && nodeid != 0 - node = dao.getnode(nodeid) - if node - if node.visible - if dao.delete_node?(nodeid, userid) - exit - else - exit HTTP_INTERNAL_SERVER_ERROR - end - else - exit HTTP_GONE - end - else - exit HTTP_NOT_FOUND - end - else - exit BAD_REQUEST - - end - - + Node.find(ids).each do |node| + doc.root << node.to_xml_node end - - end - - private - def split_tags(el, tags) - tags.split(';').each do |tag| - parts = tag.split('=') - key = '' - val = '' - key = parts[0].strip unless parts[0].nil? - val = parts[1].strip unless parts[1].nil? - if key != '' && val != '' - el2 = Node.new('tag') - el2['k'] = key.to_s - el2['v'] = val.to_s - el << el2 - end - end + render :text => doc.to_s, :content_type => "text/xml" end - end