From 880032ed853727c8e86133e8b3283d61ffc167c0 Mon Sep 17 00:00:00 2001
From: Anton Khorev <tony29@yandex.ru>
Date: Sat, 21 Dec 2024 05:11:13 +0300
Subject: [PATCH 1/1] Create user traces resource in api namespace

---
 app/abilities/api_ability.rb                  |  2 -
 .../api/users/traces_controller.rb            | 14 ++++++
 app/controllers/api/users_controller.rb       |  9 +---
 .../index.builder}                            |  0
 config/routes.rb                              |  3 +-
 .../api/users/traces_controller_test.rb       | 43 +++++++++++++++++++
 test/controllers/api/users_controller_test.rb | 31 -------------
 7 files changed, 60 insertions(+), 42 deletions(-)
 create mode 100644 app/controllers/api/users/traces_controller.rb
 rename app/views/api/users/{gpx_files.builder => traces/index.builder} (100%)
 create mode 100644 test/controllers/api/users/traces_controller_test.rb

diff --git a/app/abilities/api_ability.rb b/app/abilities/api_ability.rb
index 3fe180eeb..13a453eb5 100644
--- a/app/abilities/api_ability.rb
+++ b/app/abilities/api_ability.rb
@@ -29,8 +29,6 @@ class ApiAbility
         can [:create, :update, :destroy], Trace if scope?(token, :write_gpx)
 
         can :details, User if scope?(token, :read_prefs)
-        can :gpx_files, User if scope?(token, :read_gpx)
-
         can :read, UserPreference if scope?(token, :read_prefs)
         can [:update, :update_all, :destroy], UserPreference if scope?(token, :write_prefs)
 
diff --git a/app/controllers/api/users/traces_controller.rb b/app/controllers/api/users/traces_controller.rb
new file mode 100644
index 000000000..379515d49
--- /dev/null
+++ b/app/controllers/api/users/traces_controller.rb
@@ -0,0 +1,14 @@
+module Api
+  module Users
+    class TracesController < ApiController
+      before_action :authorize
+
+      authorize_resource :trace
+
+      def index
+        @traces = current_user.traces.reload
+        render :content_type => "application/xml"
+      end
+    end
+  end
+end
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb
index e9f42e12b..462b4ba3c 100644
--- a/app/controllers/api/users_controller.rb
+++ b/app/controllers/api/users_controller.rb
@@ -2,13 +2,13 @@ module Api
   class UsersController < ApiController
     before_action :disable_terms_redirect, :only => [:details]
     before_action :setup_user_auth, :only => [:show, :index]
-    before_action :authorize, :only => [:details, :gpx_files]
+    before_action :authorize, :only => [:details]
 
     authorize_resource
 
     load_resource :only => :show
 
-    before_action :set_request_formats, :except => [:gpx_files]
+    before_action :set_request_formats
 
     def index
       raise OSM::APIBadUserInput, "The parameter users is required, and must be of the form users=id[,id[,id...]]" unless params["users"]
@@ -47,11 +47,6 @@ module Api
       end
     end
 
-    def gpx_files
-      @traces = current_user.traces.reload
-      render :content_type => "application/xml"
-    end
-
     private
 
     def disable_terms_redirect
diff --git a/app/views/api/users/gpx_files.builder b/app/views/api/users/traces/index.builder
similarity index 100%
rename from app/views/api/users/gpx_files.builder
rename to app/views/api/users/traces/index.builder
diff --git a/config/routes.rb b/config/routes.rb
index 182a18060..c7488e5b0 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -66,13 +66,12 @@ OpenStreetMap::Application.routes.draw do
     get "map" => "map#index"
 
     get "trackpoints" => "tracepoints#index"
-
-    get "user/gpx_files" => "users#gpx_files"
   end
 
   namespace :api, :path => "api/0.6" do
     resources :users, :only => :index
     resources :users, :path => "user", :id => /\d+/, :only => :show
+    resources :user_traces, :path => "user/gpx_files", :module => :users, :controller => :traces, :only => :index
     get "user/details" => "users#details"
 
     resources :user_preferences, :except => [:new, :create, :edit], :param => :preference_key, :path => "user/preferences" do
diff --git a/test/controllers/api/users/traces_controller_test.rb b/test/controllers/api/users/traces_controller_test.rb
new file mode 100644
index 000000000..9fdd49271
--- /dev/null
+++ b/test/controllers/api/users/traces_controller_test.rb
@@ -0,0 +1,43 @@
+require "test_helper"
+
+module Api
+  module Users
+    class TracesControllerTest < ActionDispatch::IntegrationTest
+      ##
+      # test all routes which lead to this controller
+      def test_routes
+        assert_routing(
+          { :path => "/api/0.6/user/gpx_files", :method => :get },
+          { :controller => "api/users/traces", :action => "index" }
+        )
+      end
+
+      def test_index
+        user = create(:user)
+        trace1 = create(:trace, :user => user) do |trace|
+          create(:tracetag, :trace => trace, :tag => "London")
+        end
+        trace2 = create(:trace, :user => user) do |trace|
+          create(:tracetag, :trace => trace, :tag => "Birmingham")
+        end
+        # check that nothing is returned when not logged in
+        get api_user_traces_path
+        assert_response :unauthorized
+
+        # check that we get a response when logged in
+        auth_header = bearer_authorization_header user
+        get api_user_traces_path, :headers => auth_header
+        assert_response :success
+        assert_equal "application/xml", response.media_type
+
+        # check the data that is returned
+        assert_select "gpx_file[id='#{trace1.id}']", 1 do
+          assert_select "tag", "London"
+        end
+        assert_select "gpx_file[id='#{trace2.id}']", 1 do
+          assert_select "tag", "Birmingham"
+        end
+      end
+    end
+  end
+end
diff --git a/test/controllers/api/users_controller_test.rb b/test/controllers/api/users_controller_test.rb
index 008116bc6..90ef1999d 100644
--- a/test/controllers/api/users_controller_test.rb
+++ b/test/controllers/api/users_controller_test.rb
@@ -21,10 +21,6 @@ module Api
         { :path => "/api/0.6/user/details.json", :method => :get },
         { :controller => "api/users", :action => "details", :format => "json" }
       )
-      assert_routing(
-        { :path => "/api/0.6/user/gpx_files", :method => :get },
-        { :controller => "api/users", :action => "gpx_files" }
-      )
       assert_routing(
         { :path => "/api/0.6/users", :method => :get },
         { :controller => "api/users", :action => "index" }
@@ -405,33 +401,6 @@ module Api
       assert_select "user", :count => 0
     end
 
-    def test_gpx_files
-      user = create(:user)
-      trace1 = create(:trace, :user => user) do |trace|
-        create(:tracetag, :trace => trace, :tag => "London")
-      end
-      trace2 = create(:trace, :user => user) do |trace|
-        create(:tracetag, :trace => trace, :tag => "Birmingham")
-      end
-      # check that nothing is returned when not logged in
-      get user_gpx_files_path
-      assert_response :unauthorized
-
-      # check that we get a response when logged in
-      auth_header = bearer_authorization_header user
-      get user_gpx_files_path, :headers => auth_header
-      assert_response :success
-      assert_equal "application/xml", response.media_type
-
-      # check the data that is returned
-      assert_select "gpx_file[id='#{trace1.id}']", 1 do
-        assert_select "tag", "London"
-      end
-      assert_select "gpx_file[id='#{trace2.id}']", 1 do
-        assert_select "tag", "Birmingham"
-      end
-    end
-
     private
 
     def check_xml_details(user, include_private, include_email)
-- 
2.39.5