X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d9e070e06956801aba2378c1b79b4d9f13ae12ee..747d6f1d11037d79946396270f59fc9aa11cc629:/app/controllers/trace_controller.rb diff --git a/app/controllers/trace_controller.rb b/app/controllers/trace_controller.rb index 899df05df..022c304fb 100644 --- a/app/controllers/trace_controller.rb +++ b/app/controllers/trace_controller.rb @@ -2,6 +2,7 @@ class TraceController < ApplicationController layout 'site' before_filter :authorize_web + before_filter :require_user, :only => [:mine, :edit, :delete, :make_public] before_filter :authorize, :only => [:api_details, :api_data, :api_create] before_filter :check_database_availability, :except => [:api_details, :api_data, :api_create] before_filter :check_read_availability, :only => [:api_details, :api_data, :api_create] @@ -12,7 +13,7 @@ class TraceController < ApplicationController # from display name, pick up user id if one user's traces only display_name = params[:display_name] if target_user.nil? and !display_name.blank? - target_user = User.find(:first, :conditions => [ "visible = 1 and display_name = ?", display_name]) + target_user = User.find(:first, :conditions => [ "visible = ? and display_name = ?", true, display_name]) end # set title @@ -33,25 +34,27 @@ class TraceController < ApplicationController # 4 - user's traces, not logged in as that user = all user's public traces if target_user.nil? # all traces if @user - conditions = ["(gpx_files.public = 1 OR gpx_files.user_id = ?)", @user.id] #1 + conditions = ["(gpx_files.public = ? OR gpx_files.user_id = ?)", true, @user.id] #1 else - conditions = ["gpx_files.public = 1"] #2 + conditions = ["gpx_files.public = ?", true] #2 end else if @user and @user == target_user conditions = ["gpx_files.user_id = ?", @user.id] #3 (check vs user id, so no join + can't pick up non-public traces by changing name) else - conditions = ["gpx_files.public = 1 AND gpx_files.user_id = ?", target_user.id] #4 + conditions = ["gpx_files.public = ? AND gpx_files.user_id = ?", true, target_user.id] #4 end end if params[:tag] @tag = params[:tag] - conditions[0] += " AND EXISTS (SELECT * FROM gpx_file_tags AS gft WHERE gft.gpx_id = gpx_files.id AND gft.tag = ?)" - conditions << @tag + + files = Tracetag.find_all_by_tag(params[:tag]).collect { |tt| tt.gpx_id } + conditions[0] += " AND gpx_files.id IN (#{files.join(',')})" end - conditions[0] += " AND gpx_files.visible = 1" + conditions[0] += " AND gpx_files.visible = ?" + conditions << true @trace_pages, @traces = paginate(:traces, :include => [:user, :tags], @@ -77,11 +80,7 @@ class TraceController < ApplicationController end def mine - if @user - list(@user, "mine") unless @user.nil? - else - redirect_to :controller => 'user', :action => 'login', :referer => request.request_uri - end + list(@user, "mine") end def view @@ -133,7 +132,7 @@ class TraceController < ApplicationController send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment') end else - render :nothing, :status => :not_found + render :nothing => true, :status => :not_found end rescue ActiveRecord::RecordNotFound render :nothing => true, :status => :not_found @@ -151,7 +150,7 @@ class TraceController < ApplicationController end end else - render :nothing, :status => :forbidden + render :nothing => true, :status => :forbidden end rescue ActiveRecord::RecordNotFound render :nothing => true, :status => :not_found @@ -167,10 +166,10 @@ class TraceController < ApplicationController flash[:notice] = 'Track scheduled for deletion' redirect_to :controller => 'traces', :action => 'mine' else - render :nothing, :status => :bad_request + render :nothing => true, :status => :bad_request end else - render :nothing, :status => :forbidden + render :nothing => true, :status => :forbidden end rescue ActiveRecord::RecordNotFound render :nothing => true, :status => :not_found @@ -186,17 +185,17 @@ class TraceController < ApplicationController flash[:notice] = 'Track made public' redirect_to :controller => 'trace', :action => 'view', :id => params[:id] else - render :nothing, :status => :bad_request + render :nothing => true, :status => :bad_request end else - render :nothing, :status => :forbidden + render :nothing => true, :status => :forbidden end rescue ActiveRecord::RecordNotFound render :nothing => true, :status => :not_found end def georss - conditions = ["gpx_files.public = 1"] + conditions = ["gpx_files.public = ?", true] if params[:display_name] conditions[0] += " AND users.display_name = ?" @@ -227,7 +226,7 @@ class TraceController < ApplicationController if trace.public? or (@user and @user == trace.user) send_file(trace.large_picture_name, :filename => "#{trace.id}.gif", :type => 'image/gif', :disposition => 'inline') else - render :nothing, :status => :forbidden + render :nothing => true, :status => :forbidden end else render :nothing => true, :status => :not_found @@ -243,7 +242,7 @@ class TraceController < ApplicationController if trace.public? or (@user and @user == trace.user) send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => 'image/gif', :disposition => 'inline') else - render :nothing, :status => :forbidden + render :nothing => true, :status => :forbidden end else render :nothing => true, :status => :not_found @@ -311,6 +310,17 @@ private else FileUtils.rm_f(filename) end + + # Finally save whether the user marked the trace as being public + if @trace.public? + if @user.trace_public_default.nil? + @user.preferences.create(:k => "gps.trace.public", :v => "default") + end + else + pref = @user.trace_public_default + pref.destroy unless pref.nil? + end + end end