X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d07277efba0c0069705bbefa68f2624a9c6c9ff0..88a206b0f2979caf066a3127afd3cd71b39da7c8:/app/controllers/api_controller.rb?ds=sidebyside diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index 73fd9aa8c..7451a91b9 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -3,12 +3,22 @@ class ApiController < ApplicationController before_filter :authorize after_filter :compress_output + helper :user + model :user + + def authorize_web + @current_user = User.find_by_token(session[:token]) + end + + # The maximum area you're allowed to request, in square degrees + MAX_REQUEST_AREA = 0.25 + def map - response.headers["Content-Type"] = 'application/xml' + response.headers["Content-Type"] = 'text/xml' # Figure out the bbox bbox = params['bbox'] unless bbox and bbox.count(',') == 3 - render :nothing => true, :status => 400 + report_error("The parameter bbox is required, and must be of the form min_lon,min_lat,max_lon,max_lat") return end @@ -19,17 +29,42 @@ class ApiController < ApplicationController max_lon = bbox[2].to_f max_lat = bbox[3].to_f + # check the bbox is sane + unless min_lon <= max_lon + report_error("The minimum longitude must be less than the maximum longitude, but it wasn't") + return + end + unless min_lat <= max_lat + report_error("The minimum latitude must be less than the maximum latitude, but it wasn't") + return + end + unless min_lon >= -180 && min_lat >= -90 && max_lon <= 180 && max_lat <= 90 + report_error("The latitudes must be between -90 and 90, and longitudes between -180 and 180") + return + end + + # check the bbox isn't too large + requested_area = (max_lat-min_lat)*(max_lon-min_lon) + if requested_area > MAX_REQUEST_AREA + report_error("The maximum bbox size is " + MAX_REQUEST_AREA.to_s + ", and your request was too large. Either request a smaller area, or use planet.osm") + return + end + # get all the nodes nodes = Node.find(:all, :conditions => ['latitude > ? AND longitude > ? AND latitude < ? AND longitude < ? AND visible = 1', min_lat, min_lon, max_lat, max_lon]) node_ids = nodes.collect {|node| node.id } + + # (in the future, we may wish to abort here if we found too many nodes) + + # grab the segments segments = Array.new if node_ids.length > 0 node_ids_sql = "(#{node_ids.join(',')})" # get the referenced segments segments = Segment.find_by_sql "select * from current_segments where visible = 1 and (node_a in #{node_ids_sql} or node_b in #{node_ids_sql})" end - # see if we have nay missing nodes + # see if we have any missing nodes segments_nodes = segments.collect {|segment| segment.node_a } segments_nodes += segments.collect {|segment| segment.node_b } @@ -40,7 +75,7 @@ class ApiController < ApplicationController # get missing nodes if there are any nodes += Node.find(missing_nodes) if missing_nodes.length > 0 - doc = get_xml_doc + doc = OSM::API.new.get_xml_doc # get ways # find which ways are needed