before_filter :authorize_web, :only => [:list, :list_user, :list_bbox]
before_filter :set_locale, :only => [:list, :list_user, :list_bbox]
before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
+ before_filter :require_allow_write_api, :only => [:create, :update, :delete, :upload, :include, :close]
before_filter :require_public_data, :only => [:create, :update, :delete, :upload, :include, :close]
before_filter :check_api_writable, :only => [:create, :update, :delete, :upload, :include]
before_filter :check_api_readable, :except => [:create, :update, :delete, :upload, :download, :query]
bbox_link = "<a href='#{url_for(:controller => "site", :action => "index", :minlon => bbox.min_lon, :minlat => bbox.min_lat, :maxlon => bbox.max_lon, :maxlat => bbox.max_lat, :box => "yes")}'>#{bbox.to_s}</a>"
end
- @title = t 'changeset.list.title'
+ if user
+ user_link = "<a href='#{url_for(:controller => "user", :action => "view", :display_name => user.display_name)}'>#{user.display_name}</a>"
+ end
if user and bbox
- @description = t 'changeset.list.description_user_bbox', :user => user.display_name, :bbox => bbox_link
+ @title = t 'changeset.list.title_user_bbox', :user => user.display_name, :bbox => bbox.to_s
+ @heading = t 'changeset.list.heading_user_bbox', :user => user.display_name, :bbox => bbox.to_s
+ @description = t 'changeset.list.description_user_bbox', :user => user_link, :bbox => bbox_link
elsif user
- @description = t 'changeset.list.description_user', :user => user.display_name
+ @title = t 'changeset.list.title_user', :user => user.display_name
+ @heading = t 'changeset.list.heading_user', :user => user.display_name
+ @description = t 'changeset.list.description_user', :user => user_link
elsif bbox
+ @title = t 'changeset.list.title_bbox', :bbox => bbox.to_s
+ @heading = t 'changeset.list.heading_bbox', :bbox => bbox.to_s
@description = t 'changeset.list.description_bbox', :bbox => bbox_link
else
+ @title = t 'changeset.list.title'
+ @heading = t 'changeset.list.heading'
@description = t 'changeset.list.description'
end
class User < ActiveRecord::Base
require 'xml/libxml'
- has_many :traces
+ has_many :traces, :conditions => { :visible => true }
has_many :diary_entries, :order => 'created_at DESC'
- has_many :messages, :foreign_key => :to_user_id, :order => 'sent_on DESC'
- has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => {:message_read => false}, :order => 'sent_on DESC'
- has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :order => 'sent_on DESC'
+ has_many :messages, :foreign_key => :to_user_id, :conditions => { :to_user_visible => true }, :order => 'sent_on DESC'
+ has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => { :message_read => false }, :order => 'sent_on DESC'
+ has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :conditions => { :from_user_visible => true }, :order => 'sent_on DESC'
has_many :friends, :include => :befriendee, :conditions => ["users.visible = ?", true]
has_many :tokens, :class_name => "UserToken"
has_many :preferences, :class_name => "UserPreference"
has_many :changesets
+ has_many :client_applications
+ has_many :oauth_tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application]
+
validates_presence_of :email, :display_name
validates_confirmation_of :email#, :message => ' addresses must match'
validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
download: "{{changeset_xml_link}} oder {{osmchange_xml_link}} herunterladen"
changesetxml: "Changeset XML"
osmchangexml: "osmChange XML"
+ changeset_navigation:
+ user:
+ name_tooltip: "Änderungen von {{user}} anzeigen"
+ prev_tooltip: "Vorherige Änderung von {{user}}"
+ next_tooltip: "Nächste Änderung von {{user}}"
+ all:
+ prev_tooltip: "Vorheriges Changeset"
+ next_tooltip: "Nächstes Changeset"
changeset_details:
created_at: "Erstellt am:"
closed_at: "Geschlossen am:"
no_bounding_box: "Für dieses Changeset wurde kein Bereich gespeichert."
show_area_box: "Bereichsgrenze anzeigen"
box: "Bereichsgrenze"
- has_nodes: "Enthält folgende {{count}} Knoten:"
- has_ways: "Enthält folgende {{count}} Wege:"
- has_relations: "Enthält folgende {{count}} Relationen:"
+ has_nodes:
+ one: "Enthält folgenden Knoten:"
+ other: "Enhält folgende {{count}} Knoten:"
+ has_ways:
+ one: "Enthält folgenden Weg:"
+ other: "Enthält folgende {{count}} Wege:"
+ has_relations:
+ one: "Enthält folgende Relation:"
+ other: "Enthält folgende {{count}} Relationen:"
common_details:
edited_at: "Bearbeitet am:"
edited_by: "Bearbeitet von:"
relation_history:
relation_history: "Relations-Chronik"
relation_history_title: "Relations-Chronik: {{relation_name}}"
+ download: "{{download_xml_link}} oder {{view_details_link}}"
+ download_xml: "XML herungerladen"
+ view_details: "Details anzeigen"
relation_member:
entry: "{{type}} {{name}}"
entry_role: "{{type}} {{name}} als {{role}}"
show_area_box: "Bereich anzeigen"
big_area: "(groß)"
view_changeset_details: "Details des Changesets"
- more: "mehr"
changesets:
id: "ID"
saved_at: "Gespeichert am"
user: "Benutzer"
comment: "Kommentar"
area: "Bereich"
- list_bbox:
- history: "Chronik"
- changesets_within_the_area: "Changesets in dem Bereich:"
- show_area_box: "Bereich anzeigen"
- no_changesets: "Keine Changesets"
- all_changes_everywhere: "Für letzte Änderungen weltweit siehe {{recent_changes_link}}"
- recent_changes: "Letzte Änderungen"
- no_area_specified: "Kein Bereich angegeben"
- first_use_view: "{{view_tab_link}} verwenden, um einen interessanten Bereich zu finden und dann auf das 'Chronik-Tab' klicken."
- view_the_map: "Karte"
- view_tab: "Kartenansicht"
- alternatively_view: "Alternativ: {{recent_changes_link}} anzeigen"
list:
- recent_changes: "Letzte Änderungen"
- recently_edited_changesets: "Zuletzt erstellte Changesets:"
- for_more_changesets: "Mehr Changesets des Benutzers kannst du auf dessen Benutzerseite unter Beiträge einsehen, für Changesets eines Bereiches gehe auf den 'Chronik'-Reiter beim betrachten des gewünschten Kartenausschnitts."
- list_user:
- edits_by_username: "Beiträge von {{username_link}}"
- no_visible_edits_by: "Keine sichtbaren Beiträge von {{name}}."
- for_all_changes: "Änderungen von allen Nutzern {{recent_changes_link}}"
- recent_changes: "Letzte Änderungen"
+ title: "Changesets"
+ description: "Letzte Änderungen"
+ description_user: "Letzte Änderungen von {{user}}"
+ description_bbox: "Letzte Änderungen in {{bbox}}"
+ description_user_bbox: "Letzte Änderungen von {{user}} in {{bbox}}"
diary_entry:
new:
title: Selbst Bloggen
ca_postcode: 'Suchergebnisse von <a href="http://geocoder.ca/">Geocoder.CA</a>'
osm_namefinder: 'Suchergebnisse von <a href="http://gazetteer.openstreetmap.org/namefinder/">OpenStreetMap Namefinder</a>'
geonames: 'Suchergebnisse von <a href="http://www.geonames.org/">GeoNames</a>'
+ search_osm_namefinder:
+ prefix: "{{type}} "
+ suffix_place: ", {{distance}} {{direction}} von {{placename}}"
+ suffix_parent: "{{suffix}} ({{parentdistance}} {{parentdirection}} von {{parentname}})"
+ suffix_suburb: "{{suffix}}, {{parentname}}"
+ description:
+ title:
+ osm_namefinder: '{{types}} vom <a href="http://gazetteer.openstreetmap.org/namefinder/">OpenStreetMap Namefinder</a>'
+ geonames: 'Ort von <a href="http://www.geonames.org/">GeoNames</a>'
+ types:
+ cities: Großstädte
+ towns: Städte
+ places: Orte
+ description_osm_namefinder:
+ prefix: "{{distance}} {{direction}} von {{type}} "
results:
no_results: "Keine Ergebnisse"
+ distance:
+ zero: "weniger als 1km"
+ one: "ca. 1km"
+ other: "ca. {{count}}km"
+ direction:
+ south_west: "südwestlich"
+ south: "südlich"
+ south_east: "südöstlich"
+ east: "östlich"
+ north_east: "nordöstlich"
+ north: "nördlich"
+ north_west: "nordwestlich"
+ west: "westlich"
layouts:
project_name:
# in <title>
unread_button: "Als ungelesen markieren"
read_button: "Als gelesen markieren"
reply_button: "Antworten"
+ delete_button: "Löschen"
new:
title: "Nachricht senden"
send_message_to: "Eine Nachricht an {{name}} senden"
reading_your_sent_messages: "Deine versendeten Nachrichten lesen"
to: "An"
back_to_outbox: "Zurück zu Gesendete Nachrichten"
+ sent_message_summary:
+ delete_button: "Löschen"
mark:
as_read: "Nachricht als gelesen markiert"
as_unread: "Nachricht als ungelesen markiert"
+ delete:
+ deleted: "Nachricht gelöscht"
site:
index:
js_1: "Dein Browser unterstützt kein Javascript oder du hast es deaktiviert."
anon_edits_link: "http://wiki.openstreetmap.org/wiki/Disabling_anonymous_edits"
anon_edits_link_text: "Hier findest du mehr Infos dazu."
flash_player_required: 'Du benötigst den Flash Player um Potlatch, den OpenStreetMap-Flash-Editor zu benutzen. <a href="http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash">Lade den Flash Player von Adobe.com herunter</a>. <a href="http://wiki.openstreetmap.org/wiki/DE:Editing">Einige andere Möglichkeiten</a>, um OpenStreetMap zu editieren, sind hier beschrieben.'
- potlatch_unsaved_changes: "Du hast deine Arbeit noch nicht gespeichert. (Um sie in Potlach zu speichern, klicke auf eine leere Fläche bzw. deselektiere den Weg oder Punkt, wenn du im Live Modus editierst oder klicke auf Speichern, wenn ein Speicherbutton vorhanden ist.)"
+ potlatch_unsaved_changes: "Du hast deine Arbeit noch nicht gespeichert. (Um sie in Potlach zu speichern, klicke auf eine leere Fläche bzw. deselektiere den Weg oder Punkt, wenn du im Live-Modus editierst oder klicke auf Speichern, wenn ein Speicherbutton vorhanden ist.)"
sidebar:
search_results: Suchergebnisse
close: Schließen
owner: "Besitzer:"
description: "Beschreibung:"
tags: "Tags:"
+ tags_help: "Trennung durch Komma"
save_button: "Speichere Änderungen"
no_such_user:
title: "Benutzer nicht gefunden"
upload_gpx: "GPX-Datei"
description: "Beschreibung"
tags: "Tags"
+ tags_help: "Trennung durch Komma"
public: "Öffentlich?"
public_help: "Was heißt das?"
public_help_url: "http://wiki.openstreetmap.org/wiki/Visibility_of_GPS_traces"
scheduled_for_deletion: "Für Löschung vorgesehener Track"
make_public:
made_public: "veröffentlichter Track"
+ oauth:
+ client_application:
+ request_access: "Die Anwendung {{app_name}} möchte auf Deinen OpenStreetMap-Account zugreifen. Bitte entscheide, ob Du der Anwendung die folgenden Rechte gewähren möchtest. Du kannst alle oder einige der folgenden Rechte gewähren:"
+ allow_to: "Erlaube der Anwendung:"
+ allow_read_prefs: "Deine Benutzereinstellungen zu lesen"
+ allow_write_prefs: "Deine Benutzereinstellungen zu verändern"
+ allow_write_diary: "Blog-Einträge und Kommentare zu schreiben und Freunde einzutragen"
+ allow_write_api: "Die OSM-Datenbank zu ändern"
+ allow_read_gpx: "Deine privaten GPS-Tracks auszulesen"
+ allow_write_gpx: "GPS-Tracks hochzuladen"
+ token:
+ none: "Du hast bislang keinen Anwendungen Zugriff auf Deinen Account gewährt. Du musst jetzt nichts unternehmen, denn die Anwendungen werden Dich dazu auffordern, wenn es nötig ist. Zu einem späteren Zeitpunkt kannst Du in diesem Menü sehen, welche Anwendungen Zugriff erhalten haben, und kannst diese Erlaubnis hier auch widerrufen."
+ application: "Anwendung"
+ issued: "Zugriff gewährt"
+ revoke: "widerrufen"
user:
login:
title: "Anmelden"
your friends: Eigene Freunde
no friends: Du hast bis jetzt keine Freunde hinzugefügt.
km away: "{{count}}km entfernt"
+ m away: "{{count}}m entfernt"
nearby users: "Benutzer in der Nähe: "
no nearby users: "Es gibt bisher keine Benutzer, die einen Standort in deiner Nähe angegeben haben."
change your settings: Ändere deine Einstellungen
showing_page: "Showing page"
of: "of"
changeset:
+ id: "#{{id}}"
still_editing: "(still editing)"
anonymous: "Anonymous"
no_comment: "(none)"
show_area_box: "show area box"
big_area: "(big)"
view_changeset_details: "View changeset details"
- more: "more"
changesets:
id: "ID"
saved_at: "Saved at"
area: "Area"
list:
title: "Changesets"
- description: "Recent edits"
- description_user: "Recent edits by {{user}}"
- description_bbox: "Recent edits within {{bbox}}"
- description_user_bbox: "Recent edits by {{user}} within {{bbox}}"
+ title_user: "Changesets by {{user}}"
+ title_bbox: "Changesets within {{bbox}}"
+ title_user_bbox: "Changesets by {{user}} within {{bbox}}"
+
+ heading: "Changesets"
+ heading_user: "Changesets by {{user}}"
+ heading_bbox: "Changesets within {{bbox}}"
+ heading_user_bbox: "Changesets by {{user}} within {{bbox}}"
+
+ description: "Recent changes"
+ description_user: "Changesets by {{user}}"
+ description_bbox: "Changesets within {{bbox}}"
+ description_user_bbox: "Changesets by {{user}} within {{bbox}}"
diary_entry:
new:
title: New Diary Entry
unread_button: "Mark as unread"
read_button: "Mark as read"
reply_button: "Reply"
+ delete_button: "Delete"
new:
title: "Send message"
send_message_to: "Send a new message to {{name}}"
reading_your_sent_messages: "Reading your sent messages"
to: "To"
back_to_outbox: "Back to outbox"
+ sent_message_summary:
+ delete_button: "Delete"
mark:
as_read: "Message marked as read"
as_unread: "Message marked as unread"
+ delete:
+ deleted: "Message deleted"
site:
index:
js_1: "You are either using a browser that doesn't support javascript, or you have disabled javascript."
scheduled_for_deletion: "Track scheduled for deletion"
make_public:
made_public: "Track made public"
+ oauth:
+ client_application:
+ request_access: "The application {{app_name}} is requesting access to your account. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
+ allow_to: "Allow the client application to:"
+ allow_read_prefs: "read your user preferences."
+ allow_write_prefs: "modify your user preferences."
+ allow_write_diary: "create diary entries, comments and make friends."
+ allow_write_api: "modify the map."
+ allow_read_gpx: "read your private GPS traces."
+ allow_write_gpx: "upload GPS traces."
+ token:
+ none: "You have not authorised any clients to act on your behalf. You do not have to do anything now to authorise them, as they will ask for authorisation when they need it. After that time you can return here to revoke those permissions if you do not want the clients to have your authorisation any more."
+ application: "Application"
+ issued: "Issued"
+ revoke: "Revoke!"
user:
login:
title: "Login"
return to profile: Return to profile
flash update success confirm needed: "User information updated successfully. Check your email for a note to confirm your new email address."
flash update success: "User information updated successfully."
+ my apps: "My client applications"
+ developers: "Application Developers"
+ dev_intro: "Have you written an application which you would like to register to make {{link}} requests to the OpenStreetMap server?"
+ register_app: "Register your application"
+ apps_registered: "You have the following client applications registered:"
+ register_another_app: "Register another application"
confirm:
heading: Confirm a user account
press confirm button: "Press the confirm button below to activate your account."
map.connect '/export/finish', :controller => 'export', :action => 'finish'
# messages
-
map.connect '/user/:display_name/inbox', :controller => 'message', :action => 'inbox'
map.connect '/user/:display_name/outbox', :controller => 'message', :action => 'outbox'
map.connect '/message/new/:display_name', :controller => 'message', :action => 'new'
map.connect '/message/read/:message_id', :controller => 'message', :action => 'read'
map.connect '/message/mark/:message_id', :controller => 'message', :action => 'mark'
map.connect '/message/reply/:message_id', :controller => 'message', :action => 'reply'
+ map.connect '/message/delete/:message_id', :controller => 'message', :action => 'delete'
+ # oauth admin pages (i.e: for setting up new clients, etc...)
+ map.resources :oauth_clients
+ map.connect '/oauth/revoke', :controller => 'oauth', :action => 'revoke'
+ map.authorize '/oauth/authorize', :controller => 'oauth', :action => 'oauthorize'
+ map.request_token '/oauth/request_token', :controller => 'oauth', :action => 'request_token'
+ map.access_token '/oauth/access_token', :controller => 'oauth', :action => 'access_token'
+ map.test_request '/oauth/test_request', :controller => 'oauth', :action => 'test_request'
+
# fall through
map.connect ':controller/:id/:action'
map.connect ':controller/:action'
--- /dev/null
+class CreateOauthTables < ActiveRecord::Migration
+ def self.up
+ create_table :client_applications do |t|
+ t.string :name
+ t.string :url
+ t.string :support_url
+ t.string :callback_url
+ t.string :key, :limit => 50
+ t.string :secret, :limit => 50
+ t.integer :user_id
+
+ t.timestamps
+ end
+ add_index :client_applications, :key, :unique => true
+
+ create_table :oauth_tokens do |t|
+ t.integer :user_id
+ t.string :type, :limit => 20
+ t.integer :client_application_id
+ t.string :token, :limit => 50
+ t.string :secret, :limit => 50
+ t.timestamp :authorized_at, :invalidated_at
+ t.timestamps
+ end
+
+ add_index :oauth_tokens, :token, :unique => true
+
+ create_table :oauth_nonces do |t|
+ t.string :nonce
+ t.integer :timestamp
+
+ t.timestamps
+ end
+ add_index :oauth_nonces, [:nonce, :timestamp], :unique => true
+
+ end
+
+ def self.down
+ drop_table :client_applications
+ drop_table :oauth_tokens
+ drop_table :oauth_nonces
+ end
+
+end
--- /dev/null
+class AddFineOAuthPermissions < ActiveRecord::Migration
+ PERMISSIONS = [:allow_read_prefs, :allow_write_prefs, :allow_write_diary,
+ :allow_write_api, :allow_read_gpx, :allow_write_gpx ]
+
+ def self.up
+ PERMISSIONS.each do |perm|
+ # add fine-grained permissions columns for OAuth tokens, allowing people to
+ # give permissions to parts of the site only.
+ add_column :oauth_tokens, perm, :boolean, :null => false, :default => false
+
+ # add fine-grained permissions columns for client applications, allowing the
+ # client applications to request particular privileges.
+ add_column :client_applications, perm, :boolean, :null => false, :default => false
+ end
+ end
+
+ def self.down
+ PERMISSIONS.each do |perm|
+ remove_column :oauth_tokens, perm
+ remove_column :client_applications, perm
+ end
+ end
+end