From 1733e8990a242d7d4b3834b7cec2118597d685bd Mon Sep 17 00:00:00 2001 From: Nick Burch Date: Sun, 8 Apr 2007 16:29:06 +0000 Subject: [PATCH] When we hit an error in /api/0.x/map, include a more helpful explanation of what's wrong in an error header (ruby's CGI stuff won't let you set it as the HTTP status message) --- app/controllers/api_controller.rb | 32 +++++++++++++++++++++++++++++-- app/controllers/application.rb | 11 +++++++++++ 2 files changed, 41 insertions(+), 2 deletions(-) diff --git a/app/controllers/api_controller.rb b/app/controllers/api_controller.rb index bfe26f542..976c8bd03 100644 --- a/app/controllers/api_controller.rb +++ b/app/controllers/api_controller.rb @@ -3,12 +3,15 @@ class ApiController < ApplicationController before_filter :authorize after_filter :compress_output + # The maximum area you're allowed to request, in square degrees + MAX_REQUEST_AREA = 0.25 + def map response.headers["Content-Type"] = 'application/xml' # Figure out the bbox bbox = params['bbox'] unless bbox and bbox.count(',') == 3 - render :nothing => true, :status => 400 + report_error("The parameter bbox is required, and must be of the form min_lon,min_lat,max_lon,max_lat") return end @@ -19,17 +22,42 @@ class ApiController < ApplicationController max_lon = bbox[2].to_f max_lat = bbox[3].to_f + # check the bbox is sane + unless min_lon <= max_lon + report_error("The minimum longitude must be less than the maximum longitude, but it wasn't") + return + end + unless min_lat <= max_lat + report_error("The minimum latitude must be less than the maximum latitude, but it wasn't") + return + end + unless min_lon >= -180 && min_lat >= -90 && max_lon <= 180 && max_lat <= 90 + report_error("The latitudes must be between -90 and 90, and longitudes between -180 and 180") + return + end + + # check the bbox isn't too large + requested_area = (max_lat-min_lat)*(max_lon-min_lon) + if requested_area > MAX_REQUEST_AREA + report_error("The maximum bbox size is " + MAX_REQUEST_AREA.to_s + ", and your request was too large. Either request a smaller area, or use planet.osm") + return + end + # get all the nodes nodes = Node.find(:all, :conditions => ['latitude > ? AND longitude > ? AND latitude < ? AND longitude < ? AND visible = 1', min_lat, min_lon, max_lat, max_lon]) node_ids = nodes.collect {|node| node.id } + + # (in the future, we may wish to abort here if we found too many nodes) + + # grab the segments segments = Array.new if node_ids.length > 0 node_ids_sql = "(#{node_ids.join(',')})" # get the referenced segments segments = Segment.find_by_sql "select * from current_segments where visible = 1 and (node_a in #{node_ids_sql} or node_b in #{node_ids_sql})" end - # see if we have nay missing nodes + # see if we have any missing nodes segments_nodes = segments.collect {|segment| segment.node_a } segments_nodes += segments.collect {|segment| segment.node_b } diff --git a/app/controllers/application.rb b/app/controllers/application.rb index 9d4749a0d..d15604c75 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -38,6 +38,17 @@ class ApplicationController < ActionController::Base end end + # Report and error to the user + # (If anyone ever fixes Rails so it can set a http status "reason phrase", + # rather than only a status code and having the web engine make up a + # phrase from that, we can also put the error message into the status + # message. For now, rails won't let us) + def report_error(message) + render :nothing => true, :status => 400 + # Todo: some sort of escaping of problem characters in the message + response.headers['Error'] = message + end + # extract authorisation credentials from headers, returns user = nil if none private def get_auth_data -- 2.39.5