From: Matt Amos Date: Fri, 2 Oct 2009 10:49:03 +0000 (+0000) Subject: Adding blocking to user auth bits of amf_controller. Or, at least, the bits I could... X-Git-Tag: live~7213^2~3 X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/3429f016c2245bd538aaf277136bbf65e448b3a5?hp=-c Adding blocking to user auth bits of amf_controller. Or, at least, the bits I could find. --- 3429f016c2245bd538aaf277136bbf65e448b3a5 diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb index 86ca3f5fb..32ed9b653 100644 --- a/app/controllers/amf_controller.rb +++ b/app/controllers/amf_controller.rb @@ -178,6 +178,7 @@ class AmfController < ApplicationController amf_handle_error("'startchangeset'",nil,nil) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end # close previous changeset and add comment if closeid @@ -472,7 +473,8 @@ class AmfController < ApplicationController def findgpx(searchterm, usertoken) amf_handle_error_with_timeout("'findgpx'" ,nil,nil) do user = getuser(usertoken) - if !uid then return -1,"You must be logged in to search for GPX traces.",[] end + if !user then return -1,"You must be logged in to search for GPX traces.",[] end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked'),[] end gpxs = [] if searchterm.to_i>0 then @@ -538,6 +540,7 @@ class AmfController < ApplicationController amf_handle_error("'putrelation' #{relid}" ,'relation',relid) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the relation could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end tags = strip_non_xml_chars tags @@ -625,6 +628,7 @@ class AmfController < ApplicationController user = getuser(usertoken) if !user then return -1,"You are not logged in, so the way could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end if !tags_ok(attributes) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end attributes = strip_non_xml_chars attributes @@ -729,6 +733,7 @@ class AmfController < ApplicationController amf_handle_error("'putpoi' #{id}", 'node',id) do user = getuser(usertoken) if !user then return -1,"You are not logged in, so the point could not be saved." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end if !tags_ok(tags) then return -1,"One of the tags is invalid. Please pester Adobe to fix Flash on Linux." end tags = strip_non_xml_chars tags @@ -811,6 +816,7 @@ class AmfController < ApplicationController amf_handle_error("'deleteway' #{way_id}" ,'way',id) do user = getuser(usertoken) unless user then return -1,"You are not logged in, so the way could not be deleted." end + unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end way_id = way_id.to_i nodeversions = {}