if user.terms_agreed?
can [:create, :update, :upload, :close, :subscribe, :unsubscribe], Changeset if scope?(token, :write_api)
can :create, ChangesetComment if scope?(token, :write_api)
- can [:create, :update, :delete], [Node, Way, Relation] if scope?(token, :write_api)
+ can [:create, :update, :destroy], [Node] if scope?(token, :write_api)
+ can [:create, :update, :delete], [Way, Relation] if scope?(token, :write_api)
end
if user.moderator?
module Api
class NodesController < ApiController
- before_action :check_api_writable, :only => [:create, :update, :delete]
- before_action :authorize, :only => [:create, :update, :delete]
+ before_action :check_api_writable, :only => [:create, :update, :destroy]
+ before_action :authorize, :only => [:create, :update, :destroy]
authorize_resource
- before_action :require_public_data, :only => [:create, :update, :delete]
- before_action :set_request_formats, :except => [:create, :update, :delete]
- before_action :check_rate_limit, :only => [:create, :update, :delete]
+ before_action :require_public_data, :only => [:create, :update, :destroy]
+ before_action :set_request_formats, :except => [:create, :update, :destroy]
+ before_action :check_rate_limit, :only => [:create, :update, :destroy]
# Dump the details on many nodes whose ids are given in the "nodes" parameter.
def index
# Delete a node. Doesn't actually delete it, but retains its history
# in a wiki-like way. We therefore treat it like an update, so the delete
# method returns the new version number.
- def delete
+ def destroy
node = Node.find(params[:id])
new_node = Node.from_xml(request.raw_post)
get "node/:id/history" => "old_nodes#history", :as => :api_node_history, :id => /\d+/
post "node/:id/:version/redact" => "old_nodes#redact", :as => :node_version_redact, :version => /\d+/, :id => /\d+/
get "node/:id/:version" => "old_nodes#show", :as => :api_old_node, :id => /\d+/, :version => /\d+/
- get "node/:id" => "nodes#show", :as => :api_node, :id => /\d+/
- put "node/:id" => "nodes#update", :id => /\d+/
- delete "node/:id" => "nodes#delete", :id => /\d+/
get "way/:id/history" => "old_ways#history", :as => :api_way_history, :id => /\d+/
get "way/:id/full" => "ways#full", :as => :way_full, :id => /\d+/
namespace :api, :path => "api/0.6" do
resources :nodes, :only => [:index, :create]
+ resources :nodes, :path => "node", :id => /\d+/, :only => [:show, :update, :destroy]
put "node/create" => "nodes#create", :as => nil
resources :ways, :only => [:index, :create]
)
assert_routing(
{ :path => "/api/0.6/node/1", :method => :delete },
- { :controller => "api/nodes", :action => "delete", :id => "1" }
+ { :controller => "api/nodes", :action => "destroy", :id => "1" }
)
assert_recognizes(
# this tests deletion restrictions - basic deletion is tested in the unit
# tests for node!
- def test_delete
+ def test_destroy
private_user = create(:user, :data_public => false)
private_user_changeset = create(:changeset, :user => private_user)
private_user_closed_changeset = create(:changeset, :closed, :user => private_user)
projects / rails.git / commitdiff