X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/fa3c97d6a69ae9937a49eb38fce434e122a6678c..e338d1140884bb2bf3ed1b8fc85c890d0937ef8c:/app/controllers/user_preference_controller.rb?ds=inline diff --git a/app/controllers/user_preference_controller.rb b/app/controllers/user_preference_controller.rb index 3a48ee65e..377e78313 100644 --- a/app/controllers/user_preference_controller.rb +++ b/app/controllers/user_preference_controller.rb @@ -1,15 +1,16 @@ # Update and read user preferences, which are arbitrayr key/val pairs class UserPreferenceController < ApplicationController + skip_before_filter :verify_authenticity_token before_filter :authorize + before_filter :require_allow_read_prefs, :only => [:read_one, :read] + before_filter :require_allow_write_prefs, :except => [:read_one, :read] def read_one pref = UserPreference.find(@user.id, params[:preference_key]) - if pref - render :text => pref.v.to_s - else - render :text => 'OH NOES! PREF NOT FOUND!', :status => 404 - end + render :text => pref.v.to_s + rescue ActiveRecord::RecordNotFound => ex + render :text => 'OH NOES! PREF NOT FOUND!', :status => :not_found end def update_one @@ -32,6 +33,8 @@ class UserPreferenceController < ApplicationController UserPreference.delete(@user.id, params[:preference_key]) render :nothing => true + rescue ActiveRecord::RecordNotFound => ex + render :text => "param: #{params[:preference_key]} not found", :status => :not_found end # print out all the preferences as a big xml block @@ -54,46 +57,44 @@ class UserPreferenceController < ApplicationController def update begin p = XML::Parser.string(request.raw_post) - doc = p.parse - - prefs = [] - - keyhash = {} - - doc.find('//preferences/preference').each do |pt| - pref = UserPreference.new + rescue LibXML::XML::Error, ArgumentError => ex + raise OSM::APIBadXMLError.new("preferences", xml, ex.message) + end + doc = p.parse - unless keyhash[pt['k']].nil? # already have that key - render :text => 'OH NOES! CAN HAS UNIQUE KEYS?', :status => :not_acceptable - return - end + prefs = [] - keyhash[pt['k']] = 1 + keyhash = {} - pref.k = pt['k'] - pref.v = pt['v'] - pref.user_id = @user.id - prefs << pref - end + doc.find('//preferences/preference').each do |pt| + pref = UserPreference.new - if prefs.size > 150 - render :text => 'Too many preferences', :status => :request_entity_too_large - return + unless keyhash[pt['k']].nil? # already have that key + render :text => 'OH NOES! CAN HAS UNIQUE KEYS?', :status => :not_acceptable end - # kill the existing ones - UserPreference.delete_all(['user_id = ?', @user.id]) + keyhash[pt['k']] = 1 - # save the new ones - prefs.each do |pref| - pref.save! - end + pref.k = pt['k'] + pref.v = pt['v'] + pref.user_id = @user.id + prefs << pref + end - rescue Exception => ex - render :text => 'OH NOES! FAIL!: ' + ex.to_s, :status => :internal_server_error - return + if prefs.size > 150 + render :text => 'Too many preferences', :status => :request_entity_too_large end + # kill the existing ones + UserPreference.delete_all(['user_id = ?', @user.id]) + + # save the new ones + prefs.each do |pref| + pref.save! + end render :nothing => true + + rescue Exception => ex + render :text => 'OH NOES! FAIL!: ' + ex.to_s, :status => :internal_server_error end end