include CanCan::Ability
def initialize(user)
- can [:trackpoints, :map, :changes, :capabilities, :permissions], :api
+ can [:trackpoints, :map, :changes, :permissions], :api
can [:relation, :relation_history, :way, :way_history, :node, :node_history,
:changeset, :note, :new_note, :query], :browse
+ can :show, :capability
can [:index, :feed, :show, :download, :query], Changeset
can :index, ChangesetComment
can :search, :direction
--- /dev/null
+module Api
+ class CapabilitiesController < ApplicationController
+ skip_before_action :verify_authenticity_token
+ before_action :api_deny_access_handler
+
+ authorize_resource :class => false
+
+ around_action :api_call_handle_error, :api_call_timeout
+
+ # External apps that use the api are able to query the api to find out some
+ # parameters of the API. It currently returns:
+ # * minimum and maximum API versions that can be used.
+ # * maximum area that can be requested in a bbox request in square degrees
+ # * number of tracepoints that are returned in each tracepoints page
+ def show
+ @database_status = database_status
+ @api_status = api_status
+ @gpx_status = gpx_status
+ end
+ end
+end
authorize_resource :class => false
- before_action :check_api_readable, :except => [:capabilities]
+ before_action :check_api_readable
before_action :setup_user_auth, :only => [:permissions]
around_action :api_call_handle_error, :api_call_timeout
end
end
- # External apps that use the api are able to query the api to find out some
- # parameters of the API. It currently returns:
- # * minimum and maximum API versions that can be used.
- # * maximum area that can be requested in a bbox request in square degrees
- # * number of tracepoints that are returned in each tracepoints page
- def capabilities
- @database_status = database_status
- @api_status = api_status
- @gpx_status = gpx_status
- end
-
# External apps that use the api are able to query which permissions
# they have. This currently returns a list of permissions granted to the current user:
# * if authenticated via OAuth, this list will contain all permissions granted by the user to the access_token.
OpenStreetMap::Application.routes.draw do
# API
- get "api/capabilities" => "api#capabilities"
+ namespace :api do
+ get "capabilities" => "capabilities#show"
+ end
scope "api/0.6" do
- get "capabilities" => "api#capabilities"
+ get "capabilities" => "api/capabilities#show"
get "permissions" => "api#permissions"
put "changeset/create" => "changesets#create"
--- /dev/null
+require "test_helper"
+
+module Api
+ class CapabilitiesControllerTest < ActionController::TestCase
+ ##
+ # test all routes which lead to this controller
+ def test_routes
+ assert_routing(
+ { :path => "/api/capabilities", :method => :get },
+ { :controller => "api/capabilities", :action => "show" }
+ )
+ assert_recognizes(
+ { :controller => "api/capabilities", :action => "show" },
+ { :path => "/api/0.6/capabilities", :method => :get }
+ )
+ end
+
+ def test_capabilities
+ get :show
+ assert_response :success
+ assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
+ assert_select "api", :count => 1 do
+ assert_select "version[minimum='#{API_VERSION}'][maximum='#{API_VERSION}']", :count => 1
+ assert_select "area[maximum='#{MAX_REQUEST_AREA}']", :count => 1
+ assert_select "note_area[maximum='#{MAX_NOTE_REQUEST_AREA}']", :count => 1
+ assert_select "tracepoints[per_page='#{TRACEPOINTS_PER_PAGE}']", :count => 1
+ assert_select "changesets[maximum_elements='#{Changeset::MAX_ELEMENTS}']", :count => 1
+ assert_select "status[database='online']", :count => 1
+ assert_select "status[api='online']", :count => 1
+ assert_select "status[gpx='online']", :count => 1
+ end
+ end
+ end
+ end
+end
##
# test all routes which lead to this controller
def test_routes
- assert_routing(
- { :path => "/api/capabilities", :method => :get },
- { :controller => "api", :action => "capabilities" }
- )
- assert_recognizes(
- { :controller => "api", :action => "capabilities" },
- { :path => "/api/0.6/capabilities", :method => :get }
- )
assert_routing(
{ :path => "/api/0.6/permissions", :method => :get },
{ :controller => "api", :action => "permissions" }
assert_response :success
end
- def test_capabilities
- get :capabilities
- assert_response :success
- assert_select "osm[version='#{API_VERSION}'][generator='#{GENERATOR}']", :count => 1 do
- assert_select "api", :count => 1 do
- assert_select "version[minimum='#{API_VERSION}'][maximum='#{API_VERSION}']", :count => 1
- assert_select "area[maximum='#{MAX_REQUEST_AREA}']", :count => 1
- assert_select "note_area[maximum='#{MAX_NOTE_REQUEST_AREA}']", :count => 1
- assert_select "tracepoints[per_page='#{TRACEPOINTS_PER_PAGE}']", :count => 1
- assert_select "changesets[maximum_elements='#{Changeset::MAX_ELEMENTS}']", :count => 1
- assert_select "status[database='online']", :count => 1
- assert_select "status[api='online']", :count => 1
- assert_select "status[gpx='online']", :count => 1
- end
- end
- end
-
def test_permissions_anonymous
get :permissions
assert_response :success
projects / rails.git / commitdiff