X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/e17b89e89fa932673f7dc2cf5a2fd3437ec0eda6..24fc94944bc62de99ddf5ad81ed2598cc0d72680:/app/controllers/changeset_controller.rb diff --git a/app/controllers/changeset_controller.rb b/app/controllers/changeset_controller.rb index 09bad34bc..1c658ccbd 100644 --- a/app/controllers/changeset_controller.rb +++ b/app/controllers/changeset_controller.rb @@ -28,13 +28,13 @@ class ChangesetController < ApplicationController cs = Changeset.from_xml(request.raw_post, true) # Assume that Changeset.from_xml has thrown an exception if there is an error parsing the xml - cs.user_id = @user.id + cs.user_id = current_user.id cs.save_with_tags! # Subscribe user to changeset comments - cs.subscribers << @user + cs.subscribers << current_user - render :text => cs.id.to_s, :content_type => "text/plain" + render :plain => cs.id.to_s end ## @@ -43,7 +43,7 @@ class ChangesetController < ApplicationController def read changeset = Changeset.find(params[:id]) - render :text => changeset.to_xml(params[:include_discussion].presence).to_s, :content_type => "text/xml" + render :xml => changeset.to_xml(params[:include_discussion].presence).to_s end ## @@ -53,7 +53,7 @@ class ChangesetController < ApplicationController assert_method :put changeset = Changeset.find(params[:id]) - check_changeset_consistency(changeset, @user) + check_changeset_consistency(changeset, current_user) # to close the changeset, we'll just set its closed_at time to # now. this might not be enough if there are concurrency issues, @@ -61,7 +61,7 @@ class ChangesetController < ApplicationController changeset.set_closed_time_now changeset.save! - render :text => "" + head :ok end ## @@ -75,7 +75,7 @@ class ChangesetController < ApplicationController assert_method :post cs = Changeset.find(params[:id]) - check_changeset_consistency(cs, @user) + check_changeset_consistency(cs, current_user) # keep an array of lons and lats lon = [] @@ -83,7 +83,7 @@ class ChangesetController < ApplicationController # the request is in pseudo-osm format... this is kind-of an # abuse, maybe should change to some other format? - doc = XML::Parser.string(request.raw_post).parse + doc = XML::Parser.string(request.raw_post, :options => XML::Parser::Options::NOERROR).parse doc.find("//osm/node").each do |n| lon << n["lon"].to_f * GeoRecord::SCALE lat << n["lat"].to_f * GeoRecord::SCALE @@ -104,7 +104,7 @@ class ChangesetController < ApplicationController # save the larger bounding box and return the changeset, which # will include the bigger bounding box. cs.save! - render :text => cs.to_xml.to_s, :content_type => "text/xml" + render :xml => cs.to_xml.to_s end ## @@ -127,12 +127,12 @@ class ChangesetController < ApplicationController assert_method :post changeset = Changeset.find(params[:id]) - check_changeset_consistency(changeset, @user) + check_changeset_consistency(changeset, current_user) diff_reader = DiffReader.new(request.raw_post, changeset) Changeset.transaction do result = diff_reader.commit - render :text => result.to_s, :content_type => "text/xml" + render :xml => result.to_s end end @@ -197,7 +197,7 @@ class ChangesetController < ApplicationController end end - render :text => result.to_s, :content_type => "text/xml" + render :xml => result.to_s end ## @@ -224,7 +224,7 @@ class ChangesetController < ApplicationController results.root << cs.to_xml_node end - render :text => results.to_s, :content_type => "text/xml" + render :xml => results.to_s end ## @@ -242,54 +242,56 @@ class ChangesetController < ApplicationController changeset = Changeset.find(params[:id]) new_changeset = Changeset.from_xml(request.raw_post) - check_changeset_consistency(changeset, @user) - changeset.update_from(new_changeset, @user) - render :text => changeset.to_xml, :mime_type => "text/xml" + check_changeset_consistency(changeset, current_user) + changeset.update_from(new_changeset, current_user) + render :xml => changeset.to_xml.to_s end ## - # list edits (open changesets) in reverse chronological order + # list non-empty changesets in reverse chronological order def list - if request.format == :atom && params[:max_id] - redirect_to url_for(params.merge(:max_id => nil)), :status => :moved_permanently + @params = params.permit(:display_name, :bbox, :friends, :nearby, :max_id, :list) + + if request.format == :atom && @params[:max_id] + redirect_to url_for(@params.merge(:max_id => nil)), :status => :moved_permanently return end - if params[:display_name] - user = User.find_by(:display_name => params[:display_name]) + if @params[:display_name] + user = User.find_by(:display_name => @params[:display_name]) if !user || !user.active? - render_unknown_user params[:display_name] + render_unknown_user @params[:display_name] return end end - if (params[:friends] || params[:nearby]) && !@user + if (@params[:friends] || @params[:nearby]) && !current_user require_user return end - if request.format == :html && !params[:list] + if request.format == :html && !@params[:list] require_oauth render :action => :history, :layout => map_layout else changesets = conditions_nonempty(Changeset.all) - if params[:display_name] - changesets = if user.data_public? || user == @user + if @params[:display_name] + changesets = if user.data_public? || user == current_user changesets.where(:user_id => user.id) else changesets.where("false") end - elsif params[:bbox] + elsif @params[:bbox] changesets = conditions_bbox(changesets, BoundingBox.from_bbox_params(params)) - elsif params[:friends] && @user - changesets = changesets.where(:user_id => @user.friend_users.identifiable) - elsif params[:nearby] && @user - changesets = changesets.where(:user_id => @user.nearby) + elsif @params[:friends] && current_user + changesets = changesets.where(:user_id => current_user.friend_users.identifiable) + elsif @params[:nearby] && current_user + changesets = changesets.where(:user_id => current_user.nearby) end - if params[:max_id] - changesets = changesets.where("changesets.id <= ?", params[:max_id]) + if @params[:max_id] + changesets = changesets.where("changesets.id <= ?", @params[:max_id]) end @edits = changesets.order("changesets.id DESC").limit(20).preload(:user, :changeset_tags, :comments) @@ -322,20 +324,20 @@ class ChangesetController < ApplicationController # Add a comment to the changeset comment = changeset.comments.create(:changeset => changeset, :body => body, - :author => @user) + :author => current_user) # Notify current subscribers of the new comment changeset.subscribers.visible.each do |user| - if @user != user + if current_user != user Notifier.changeset_comment_notification(comment, user).deliver_now end end # Add the commenter to the subscribers if necessary - changeset.subscribers << @user unless changeset.subscribers.exists?(@user.id) + changeset.subscribers << current_user unless changeset.subscribers.exists?(current_user.id) # Return a copy of the updated changeset - render :text => changeset.to_xml.to_s, :content_type => "text/xml" + render :xml => changeset.to_xml.to_s end ## @@ -350,13 +352,13 @@ class ChangesetController < ApplicationController # Find the changeset and check it is valid changeset = Changeset.find(id) raise OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open? - raise OSM::APIChangesetAlreadySubscribedError.new(changeset) if changeset.subscribers.exists?(@user.id) + raise OSM::APIChangesetAlreadySubscribedError.new(changeset) if changeset.subscribers.exists?(current_user.id) # Add the subscriber - changeset.subscribers << @user + changeset.subscribers << current_user # Return a copy of the updated changeset - render :text => changeset.to_xml.to_s, :content_type => "text/xml" + render :xml => changeset.to_xml.to_s end ## @@ -371,13 +373,13 @@ class ChangesetController < ApplicationController # Find the changeset and check it is valid changeset = Changeset.find(id) raise OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open? - raise OSM::APIChangesetNotSubscribedError.new(changeset) unless changeset.subscribers.exists?(@user.id) + raise OSM::APIChangesetNotSubscribedError.new(changeset) unless changeset.subscribers.exists?(current_user.id) # Remove the subscriber - changeset.subscribers.delete(@user) + changeset.subscribers.delete(current_user) # Return a copy of the updated changeset - render :text => changeset.to_xml.to_s, :content_type => "text/xml" + render :xml => changeset.to_xml.to_s end ## @@ -396,7 +398,7 @@ class ChangesetController < ApplicationController comment.update(:visible => false) # Return a copy of the updated changeset - render :text => comment.changeset.to_xml.to_s, :content_type => "text/xml" + render :xml => comment.changeset.to_xml.to_s end ## @@ -415,7 +417,7 @@ class ChangesetController < ApplicationController comment.update(:visible => true) # Return a copy of the updated changeset - render :text => comment.changeset.to_xml.to_s, :content_type => "text/xml" + render :xml => comment.changeset.to_xml.to_s end ## @@ -440,7 +442,7 @@ class ChangesetController < ApplicationController format.rss end rescue OSM::APIBadUserInput - render :text => "", :status => :bad_request + head :bad_request end private @@ -494,7 +496,7 @@ class ChangesetController < ApplicationController # changesets if they're non-public setup_user_auth - raise OSM::APINotFoundError if @user.nil? || @user.id != u.id + raise OSM::APINotFoundError if current_user.nil? || current_user.id != u.id end changesets.where(:user_id => u.id)