Adding blocking to user auth bits of amf_controller. Or, at least, the bits I could...

diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb
index 86ca3f5fbe193250a301cbb810d68b6b9d5d7862..32ed9b6532bf0af7eb83982014ce577ac453e7ba 100644 (file)
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -178,6 +178,7 @@ class AmfController < ApplicationController
     amf_handle_error("'startchangeset'",nil,nil) do
       user = getuser(usertoken)
       if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
 
       # close previous changeset and add comment
       if closeid
@@ -472,7 +473,8 @@ class AmfController < ApplicationController
   def findgpx(searchterm, usertoken)
     amf_handle_error_with_timeout("'findgpx'" ,nil,nil) do
       user = getuser(usertoken)
-      if !uid then return -1,"You must be logged in to search for GPX traces.",[] end
+      if !user then return -1,"You must be logged in to search for GPX traces.",[] end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked'),[] end
 
       gpxs = []
       if searchterm.to_i>0 then
@@ -538,6 +540,7 @@ class AmfController < ApplicationController
     amf_handle_error("'putrelation' #{relid}" ,'relation',relid)  do
       user = getuser(usertoken)
       if !user then return -1,"You are not logged in, so the relation could not be saved." end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
       if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
       tags = strip_non_xml_chars tags
 
@@ -625,6 +628,7 @@ class AmfController < ApplicationController
        
       user = getuser(usertoken)
       if !user then return -1,"You are not logged in, so the way could not be saved." end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
       if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end
       if !tags_ok(attributes) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
       attributes = strip_non_xml_chars attributes
@@ -729,6 +733,7 @@ class AmfController < ApplicationController
     amf_handle_error("'putpoi' #{id}", 'node',id) do
       user = getuser(usertoken)
       if !user then return -1,"You are not logged in, so the point could not be saved." end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
       if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end
       tags = strip_non_xml_chars tags
 
@@ -811,6 +816,7 @@ class AmfController < ApplicationController
     amf_handle_error("'deleteway' #{way_id}" ,'way',id) do
       user = getuser(usertoken)
       unless user then return -1,"You are not logged in, so the way could not be deleted." end
+      unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
       
       way_id = way_id.to_i
       nodeversions = {}