X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/f0feca800d91ac1d23eb63ca17a45d8fd4d41920..47841829d81dc9475d34dd716220744c284e7f82:/app/controllers/trace_controller.rb?ds=sidebyside diff --git a/app/controllers/trace_controller.rb b/app/controllers/trace_controller.rb index db86684a4..9c4a9d8bd 100644 --- a/app/controllers/trace_controller.rb +++ b/app/controllers/trace_controller.rb @@ -122,8 +122,8 @@ class TraceController < ApplicationController logger.info("id is #{@trace.id}") flash[:notice] = t 'trace.create.trace_uploaded' - if @user.traces.count(:conditions => { :inserted => false }) > 4 - flash[:warning] = t 'trace.trace_header.traces_waiting', :count => @user.traces.count(:conditions => { :inserted => false }) + if @user.traces.where(:inserted => false).count > 4 + flash[:warning] = t 'trace.trace_header.traces_waiting', :count => @user.traces.where(:inserted => false).count end redirect_to :action => :list, :display_name => @user.display_name @@ -151,8 +151,10 @@ class TraceController < ApplicationController if trace.visible? and (trace.public? or (@user and @user == trace.user)) if Acl.no_trace_download(request.remote_ip) render :text => "", :status => :forbidden - elsif request.format == Mime::XML or request.format == Mime::GPX + elsif request.format == Mime::XML send_file(trace.xml_file, :filename => "#{trace.id}.xml", :type => request.format.to_s, :disposition => 'attachment') + elsif request.format == Mime::GPX + send_file(trace.xml_file, :filename => "#{trace.id}.gpx", :type => request.format.to_s, :disposition => 'attachment') else send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment') end @@ -166,8 +168,13 @@ class TraceController < ApplicationController def edit @trace = Trace.find(params[:id]) - if @user and @trace.user == @user + if not @trace.visible? + render :text => "", :status => :not_found + elsif @user.nil? or @trace.user != @user + render :text => "", :status => :forbidden + else @title = t 'trace.edit.title', :name => @trace.name + if params[:trace] @trace.description = params[:trace][:description] @trace.tagstring = params[:trace][:tagstring] @@ -176,8 +183,6 @@ class TraceController < ApplicationController redirect_to :action => 'view', :display_name => @user.display_name end end - else - render :text => "", :status => :forbidden end rescue ActiveRecord::RecordNotFound render :text => "", :status => :not_found @@ -186,17 +191,15 @@ class TraceController < ApplicationController def delete trace = Trace.find(params[:id]) - if @user and trace.user == @user - if trace.visible? - trace.visible = false - trace.save - flash[:notice] = t 'trace.delete.scheduled_for_deletion' - redirect_to :action => :list, :display_name => @user.display_name - else - render :text => "", :status => :not_found - end - else + if not trace.visible? + render :text => "", :status => :not_found + elsif @user.nil? or trace.user != @user render :text => "", :status => :forbidden + else + trace.visible = false + trace.save + flash[:notice] = t 'trace.delete.scheduled_for_deletion' + redirect_to :action => :list, :display_name => @user.display_name end rescue ActiveRecord::RecordNotFound render :text => "", :status => :not_found