From f2aaec4735d70868edf7aaa60ec2b1c64194cac3 Mon Sep 17 00:00:00 2001 From: Andy Allan Date: Wed, 29 May 2024 14:33:20 +0100 Subject: [PATCH] Standardise on avoiding except lists for check_api_readable Although this is technically duplicative, it's much easier to read and therefore to maintain, particularly if you put the _readable one first. --- app/controllers/api/changeset_comments_controller.rb | 2 +- app/controllers/api/changesets_controller.rb | 2 +- app/controllers/api/nodes_controller.rb | 2 +- app/controllers/api/relations_controller.rb | 2 +- app/controllers/api/traces_controller.rb | 2 +- app/controllers/api/ways_controller.rb | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/app/controllers/api/changeset_comments_controller.rb b/app/controllers/api/changeset_comments_controller.rb index e8d3f4c3a..c1980e80b 100644 --- a/app/controllers/api/changeset_comments_controller.rb +++ b/app/controllers/api/changeset_comments_controller.rb @@ -1,7 +1,7 @@ module Api class ChangesetCommentsController < ApiController + before_action :check_api_readable before_action :check_api_writable - before_action :check_api_readable, :except => [:create] before_action :authorize authorize_resource diff --git a/app/controllers/api/changesets_controller.rb b/app/controllers/api/changesets_controller.rb index 2e21f0c75..71ffc6d13 100644 --- a/app/controllers/api/changesets_controller.rb +++ b/app/controllers/api/changesets_controller.rb @@ -2,8 +2,8 @@ module Api class ChangesetsController < ApiController + before_action :check_api_readable before_action :check_api_writable, :only => [:create, :update, :upload, :subscribe, :unsubscribe] - before_action :check_api_readable, :except => [:index, :create, :update, :upload, :download, :subscribe, :unsubscribe] before_action :setup_user_auth, :only => [:show] before_action :authorize, :only => [:create, :update, :upload, :close, :subscribe, :unsubscribe] diff --git a/app/controllers/api/nodes_controller.rb b/app/controllers/api/nodes_controller.rb index dc7d04dc5..1ccc2152d 100644 --- a/app/controllers/api/nodes_controller.rb +++ b/app/controllers/api/nodes_controller.rb @@ -2,8 +2,8 @@ module Api class NodesController < ApiController + before_action :check_api_readable before_action :check_api_writable, :only => [:create, :update, :delete] - before_action :check_api_readable, :except => [:create, :update, :delete] before_action :authorize, :only => [:create, :update, :delete] authorize_resource diff --git a/app/controllers/api/relations_controller.rb b/app/controllers/api/relations_controller.rb index e82ac6368..6cd3f4137 100644 --- a/app/controllers/api/relations_controller.rb +++ b/app/controllers/api/relations_controller.rb @@ -1,7 +1,7 @@ module Api class RelationsController < ApiController + before_action :check_api_readable before_action :check_api_writable, :only => [:create, :update, :delete] - before_action :check_api_readable, :except => [:create, :update, :delete] before_action :authorize, :only => [:create, :update, :delete] authorize_resource diff --git a/app/controllers/api/traces_controller.rb b/app/controllers/api/traces_controller.rb index d9b5bce25..a510655ca 100644 --- a/app/controllers/api/traces_controller.rb +++ b/app/controllers/api/traces_controller.rb @@ -1,6 +1,6 @@ module Api class TracesController < ApiController - before_action :check_api_readable, :only => [:show, :data] + before_action :check_api_readable before_action :check_api_writable, :only => [:create, :update, :destroy] before_action :set_locale before_action :authorize diff --git a/app/controllers/api/ways_controller.rb b/app/controllers/api/ways_controller.rb index f8254d802..7878c8701 100644 --- a/app/controllers/api/ways_controller.rb +++ b/app/controllers/api/ways_controller.rb @@ -1,7 +1,7 @@ module Api class WaysController < ApiController + before_action :check_api_readable before_action :check_api_writable, :only => [:create, :update, :delete] - before_action :check_api_readable, :except => [:create, :update, :delete] before_action :authorize, :only => [:create, :update, :delete] authorize_resource -- 2.39.5