X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/cbea796ef412840af9a3ec2fd26bf08657fc4cd3..6cd694431ed325ce2013e9732b640234610271cc:/app/controllers/api/changesets_controller.rb diff --git a/app/controllers/api/changesets_controller.rb b/app/controllers/api/changesets_controller.rb index ffd9a112b..c9c806de6 100644 --- a/app/controllers/api/changesets_controller.rb +++ b/app/controllers/api/changesets_controller.rb @@ -2,27 +2,42 @@ module Api class ChangesetsController < ApiController - layout "site" require "xml/libxml" + before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe] + before_action :check_api_readable, :except => [:create, :update, :upload, :download, :query, :subscribe, :unsubscribe] before_action :authorize, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe] authorize_resource before_action :require_public_data, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe] - before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe] - before_action :check_api_readable, :except => [:create, :update, :upload, :download, :query, :subscribe, :unsubscribe] + before_action :set_request_formats, :except => [:create, :close, :upload] + around_action :api_call_handle_error around_action :api_call_timeout, :except => [:upload] # Helper methods for checking consistency include ConsistencyValidations + ## + # Return XML giving the basic info about the changeset. Does not + # return anything about the nodes, ways and relations in the changeset. + def show + @changeset = Changeset.find(params[:id]) + @include_discussion = params[:include_discussion].presence + render "changeset" + + respond_to do |format| + format.xml + format.json + end + end + # Create a changeset from XML. def create assert_method :put - cs = Changeset.from_xml(request.raw_post, true) + cs = Changeset.from_xml(request.raw_post, :create => true) # Assume that Changeset.from_xml has thrown an exception if there is an error parsing the xml cs.user = current_user @@ -34,15 +49,6 @@ module Api render :plain => cs.id.to_s end - ## - # Return XML giving the basic info about the changeset. Does not - # return anything about the nodes, ways and relations in the changeset. - def show - @changeset = Changeset.find(params[:id]) - @include_discussion = params[:include_discussion].presence - render "changeset" - end - ## # marks a changeset as closed. this may be called multiple times # on the same changeset, so is idempotent. @@ -61,50 +67,6 @@ module Api head :ok end - ## - # insert a (set of) points into a changeset bounding box. this can only - # increase the size of the bounding box. this is a hint that clients can - # set either before uploading a large number of changes, or changes that - # the client (but not the server) knows will affect areas further away. - def expand_bbox - # only allow POST requests, because although this method is - # idempotent, there is no "document" to PUT really... - assert_method :post - - cs = Changeset.find(params[:id]) - check_changeset_consistency(cs, current_user) - - # keep an array of lons and lats - lon = [] - lat = [] - - # the request is in pseudo-osm format... this is kind-of an - # abuse, maybe should change to some other format? - doc = XML::Parser.string(request.raw_post, :options => XML::Parser::Options::NOERROR).parse - doc.find("//osm/node").each do |n| - lon << n["lon"].to_f * GeoRecord::SCALE - lat << n["lat"].to_f * GeoRecord::SCALE - end - - # add the existing bounding box to the lon-lat array - lon << cs.min_lon unless cs.min_lon.nil? - lat << cs.min_lat unless cs.min_lat.nil? - lon << cs.max_lon unless cs.max_lon.nil? - lat << cs.max_lat unless cs.max_lat.nil? - - # collapse the arrays to minimum and maximum - cs.min_lon = lon.min - cs.min_lat = lat.min - cs.max_lon = lon.max - cs.max_lat = lat.max - - # save the larger bounding box and return the changeset, which - # will include the bigger bounding box. - cs.save! - @changeset = cs - render "changeset" - end - ## # Upload a diff in a single transaction. # @@ -130,6 +92,10 @@ module Api diff_reader = DiffReader.new(request.raw_post, changeset) Changeset.transaction do result = diff_reader.commit + # the number of changes in this changeset has already been + # updated and is visible in this transaction so we don't need + # to allow for any more when checking the limit + check_rate_limit(0) render :xml => result.to_s end end @@ -167,40 +133,36 @@ module Api end end - # create changeset and user caches - changeset_cache = {} - user_display_name_cache = {} - - # create an osmChange document for the output - result = OSM::API.new.get_xml_doc - result.root.name = "osmChange" - # generate an output element for each operation. note: we avoid looking # at the history because it is simpler - but it would be more correct to # check these assertions. + @created = [] + @modified = [] + @deleted = [] + elements.each do |elt| - result.root << - if elt.version == 1 - # first version, so it must be newly-created. - created = XML::Node.new "create" - created << elt.to_xml_node(changeset_cache, user_display_name_cache) - elsif elt.visible - # must be a modify - modified = XML::Node.new "modify" - modified << elt.to_xml_node(changeset_cache, user_display_name_cache) - else - # if the element isn't visible then it must have been deleted - deleted = XML::Node.new "delete" - deleted << elt.to_xml_node(changeset_cache, user_display_name_cache) - end + if elt.version == 1 + # first version, so it must be newly-created. + @created << elt + elsif elt.visible + # must be a modify + @modified << elt + else + # if the element isn't visible then it must have been deleted + @deleted << elt + end end - render :xml => result.to_s + respond_to do |format| + format.xml + end end ## # query changesets by bounding box, time, user or open/closed status. def query + raise OSM::APIBadUserInput, "cannot use order=oldest with time" if params[:time] && params[:order] == "oldest" + # find any bounding box bbox = BoundingBox.from_bbox_params(params) if params["bbox"] @@ -210,16 +172,29 @@ module Api changesets = conditions_bbox(changesets, bbox) changesets = conditions_user(changesets, params["user"], params["display_name"]) changesets = conditions_time(changesets, params["time"]) + changesets = conditions_from_to(changesets, params["from"], params["to"]) changesets = conditions_open(changesets, params["open"]) changesets = conditions_closed(changesets, params["closed"]) changesets = conditions_ids(changesets, params["changesets"]) - # sort and limit the changesets - changesets = changesets.order("created_at DESC").limit(100) + # sort the changesets + changesets = if params[:order] == "oldest" + changesets.order(:created_at => :asc) + else + changesets.order(:created_at => :desc) + end + + # limit the result + changesets = changesets.limit(result_limit) # preload users, tags and comments, and render result @changesets = changesets.preload(:user, :changeset_tags, :comments) render "changesets" + + respond_to do |format| + format.xml + format.json + end end ## @@ -240,6 +215,11 @@ module Api check_changeset_consistency(@changeset, current_user) @changeset.update_from(new_changeset, current_user) render "changeset" + + respond_to do |format| + format.xml + format.json + end end ## @@ -261,6 +241,11 @@ module Api # Return a copy of the updated changeset @changeset = changeset render "changeset" + + respond_to do |format| + format.xml + format.json + end end ## @@ -282,6 +267,11 @@ module Api # Return a copy of the updated changeset @changeset = changeset render "changeset" + + respond_to do |format| + format.xml + format.json + end end private @@ -293,7 +283,6 @@ module Api ## # if a bounding box was specified do some sanity checks. # restrict changesets to those enclosed by a bounding box - # we need to return both the changesets and the bounding box def conditions_bbox(changesets, bbox) if bbox bbox.check_boundaries @@ -321,7 +310,7 @@ module Api # user input checking, we don't have any UIDs < 1 raise OSM::APIBadUserInput, "invalid user ID" if user.to_i < 1 - u = User.find(user.to_i) + u = User.find_by(:id => user.to_i) else u = User.find_by(:display_name => name) end @@ -339,12 +328,12 @@ module Api raise OSM::APINotFoundError if current_user.nil? || current_user != u end - changesets.where(:user_id => u.id) + changesets.where(:user => u) end end ## - # restrict changes to those closed during a particular time period + # restrict changesets to those during a particular time period def conditions_time(changesets, time) if time.nil? changesets @@ -353,23 +342,48 @@ module Api # low, second is high - same as with bounding boxes. # check that we actually have 2 elements in the array - times = time.split(/,/) + times = time.split(",") raise OSM::APIBadUserInput, "bad time range" if times.size != 2 - from, to = times.collect { |t| Time.parse(t) } + from, to = times.collect { |t| Time.parse(t).utc } changesets.where("closed_at >= ? and created_at <= ?", from, to) else # if there is no comma, assume its a lower limit on time - changesets.where("closed_at >= ?", Time.parse(time)) + changesets.where("closed_at >= ?", Time.parse(time).utc) end # stupid Time seems to throw both of these for bad parsing, so # we have to catch both and ensure the correct code path is taken. - rescue ArgumentError => e - raise OSM::APIBadUserInput, e.message.to_s - rescue RuntimeError => e + rescue ArgumentError, RuntimeError => e raise OSM::APIBadUserInput, e.message.to_s end + ## + # restrict changesets to those opened during a particular time period + # works similar to from..to of notes controller, including the requirement of 'from' when specifying 'to' + def conditions_from_to(changesets, from, to) + if from + begin + from = Time.parse(from).utc + rescue ArgumentError + raise OSM::APIBadUserInput, "Date #{from} is in a wrong format" + end + + begin + to = if to + Time.parse(to).utc + else + Time.now.utc + end + rescue ArgumentError + raise OSM::APIBadUserInput, "Date #{to} is in a wrong format" + end + + changesets.where(:created_at => from..to) + else + changesets + end + end + ## # return changesets which are open (haven't been closed yet) # we do this by seeing if the 'closed at' time is in the future. Also if we've @@ -380,7 +394,7 @@ module Api changesets else changesets.where("closed_at >= ? and num_changes <= ?", - Time.now.getutc, Changeset::MAX_ELEMENTS) + Time.now.utc, Changeset::MAX_ELEMENTS) end end @@ -392,7 +406,7 @@ module Api changesets else changesets.where("closed_at < ? or num_changes > ?", - Time.now.getutc, Changeset::MAX_ELEMENTS) + Time.now.utc, Changeset::MAX_ELEMENTS) end end @@ -409,5 +423,19 @@ module Api changesets.where(:id => ids) end end + + ## + # Get the maximum number of results to return + def result_limit + if params[:limit] + if params[:limit].to_i.positive? && params[:limit].to_i <= Settings.max_changeset_query_limit + params[:limit].to_i + else + raise OSM::APIBadUserInput, "Changeset limit must be between 1 and #{Settings.max_changeset_query_limit}" + end + else + Settings.default_changeset_query_limit + end + end end end