X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d6ba46b120806ed5c393cb9768e1f94c4c20c40b..e890528aacd74420e445793b532271996e700577:/app/controllers/amf_controller.rb?ds=inline diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb index aee31295c..aa030ca92 100644 --- a/app/controllers/amf_controller.rb +++ b/app/controllers/amf_controller.rb @@ -76,7 +76,7 @@ class AmfController < ApplicationController logger.info("Executing AMF #{message}(#{args.join(',')}):#{index}") case message - when 'getpresets'; results[index]=AMF.putdata(index,getpresets(args[0])) + when 'getpresets'; results[index]=AMF.putdata(index,getpresets(*args)) when 'whichways'; results[index]=AMF.putdata(index,whichways(*args)) when 'whichways_deleted'; results[index]=AMF.putdata(index,whichways_deleted(*args)) when 'getway'; results[index]=AMF.putdata(index,getway(args[0].to_i)) @@ -213,13 +213,21 @@ class AmfController < ApplicationController # Return presets (default tags, localisation etc.): # uses POTLATCH_PRESETS global, set up in OSM::Potlatch. - def getpresets(lang) #:doc: - lang.gsub!(/[^\w\-]/,'') + def getpresets(usertoken,lang) #:doc: + user = getuser(usertoken) + + if user && !user.languages.empty? + request.user_preferred_languages = user.languages + end + + lang = request.compatible_language_from(getlocales) begin + # if not, try the browser language localised = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/localised.yaml")) rescue - localised = "" # guess we'll just have to use the hardcoded English text instead + # fall back to hardcoded English text + localised = "" end begin @@ -302,7 +310,7 @@ class AmfController < ApplicationController end # Get a way including nodes and tags. - # Returns the way id, a Potlatch-style array of points, a hash of tags, and the version number. + # Returns the way id, a Potlatch-style array of points, a hash of tags, the version number, and the user ID. def getway(wayid) #:doc: amf_handle_error_with_timeout("'getway' #{wayid}") do @@ -310,6 +318,7 @@ class AmfController < ApplicationController points = sql_get_nodes_in_way(wayid) tags = sql_get_tags_in_way(wayid) version = sql_get_way_version(wayid) + uid = sql_get_way_user(wayid) else # Ideally we would do ":include => :nodes" here but if we do that # then rails only seems to return the first copy of a node when a @@ -326,9 +335,10 @@ class AmfController < ApplicationController end tags = way.tags version = way.version + uid = way.changeset.user.id end - [0, '', wayid, points, tags, version] + [0, '', wayid, points, tags, version, uid] end end @@ -415,7 +425,8 @@ class AmfController < ApplicationController # Remove any elements where 2 seconds doesn't elapse before next one revdates.delete_if { |d| revdates.include?(d+1) or revdates.include?(d+2) } # Collect all in one nested array - revdates.collect! {|d| [d.strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] } + revdates.collect! {|d| [d.succ.strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] } + revdates.uniq! return ['way', wayid, revdates] rescue ActiveRecord::RecordNotFound @@ -428,7 +439,7 @@ class AmfController < ApplicationController def getnode_history(nodeid) #:doc: begin history = Node.find(nodeid).old_nodes.reverse.collect do |old_node| - [old_node.timestamp.strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node) + [old_node.timestamp.succ.strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node) end return ['node', nodeid, history] rescue ActiveRecord::RecordNotFound @@ -515,6 +526,8 @@ class AmfController < ApplicationController amf_handle_error("'putrelation' #{relid}") do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the relation could not be saved." end + if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + tags = strip_non_xml_chars tags relid = relid.to_i visible = (visible.to_i != 0) @@ -601,6 +614,8 @@ class AmfController < ApplicationController user = getuser(usertoken) if !user then return -1,"You are not logged in, so the way could not be saved." end if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end + if !tags_ok(attributes) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + attributes = strip_non_xml_chars attributes originalway = originalway.to_i pointlist.collect! {|a| a.to_i } @@ -625,6 +640,11 @@ class AmfController < ApplicationController node.lat = lat node.lon = lon node.tags = a[4] + + # fixup node tags in a way as well + if !tags_ok(node.tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + node.tags = strip_non_xml_chars node.tags + node.tags.delete('created_by') node.version = version if id <= 0 @@ -697,6 +717,8 @@ class AmfController < ApplicationController amf_handle_error("'putpoi' #{id}") do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the point could not be saved." end + if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end + tags = strip_non_xml_chars tags id = id.to_i visible = (visible.to_i == 1) @@ -748,10 +770,11 @@ class AmfController < ApplicationController def getpoi(id,timestamp) #:doc: amf_handle_error("'getpoi' #{id}") do + id = id.to_i n = Node.find(id) v = n.version unless timestamp == '' - n = OldNode.find(id, :conditions=>['timestamp=?',DateTime.strptime(timestamp, "%d %b %Y, %H:%M:%S")]) + n = OldNode.find(:first, :conditions => ['id = ? AND timestamp <= ?', id, timestamp], :order => 'timestamp DESC') end if n @@ -847,6 +870,34 @@ class AmfController < ApplicationController } end + def getlocales + Dir.glob("#{RAILS_ROOT}/config/potlatch/localised/*").collect { |f| File.basename(f) } + end + + ## + # check that all key-value pairs are valid UTF-8. + def tags_ok(tags) + tags.each do |k, v| + return false unless UTF8.valid? k + return false unless UTF8.valid? v + end + return true + end + + ## + # strip characters which are invalid in XML documents from the strings + # in the +tags+ hash. + def strip_non_xml_chars(tags) + new_tags = Hash.new + unless tags.nil? + tags.each do |k, v| + new_k = k.delete "\000-\037", "^\011\012\015" + new_v = v.delete "\000-\037", "^\011\012\015" + new_tags[new_k] = new_v + end + end + return new_tags + end # ==================================================================== # Alternative SQL queries for getway/whichways @@ -937,7 +988,11 @@ class AmfController < ApplicationController end def sql_get_way_version(wayid) - ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}") + ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}")['version'] + end + + def sql_get_way_user(wayid) + ActiveRecord::Base.connection.select_one("SELECT user FROM current_ways,changesets WHERE current_ways.id=#{wayid.to_i} AND current_ways.changeset=changesets.id")['user'] end end