# Update and read user preferences, which are arbitrayr key/val pairs
class UserPreferenceController < ApplicationController
+ skip_before_filter :verify_authenticity_token
before_filter :authorize
+ before_filter :require_allow_read_prefs, :only => [:read_one, :read]
+ before_filter :require_allow_write_prefs, :except => [:read_one, :read]
def read_one
pref = UserPreference.find(@user.id, params[:preference_key])
- if pref
- render :text => pref.v.to_s
- else
- render :text => 'OH NOES! PREF NOT FOUND!', :status => 404
- end
+ render :text => pref.v.to_s
+ rescue ActiveRecord::RecordNotFound => ex
+ render :text => 'OH NOES! PREF NOT FOUND!', :status => :not_found
end
def update_one
UserPreference.delete(@user.id, params[:preference_key])
render :nothing => true
+ rescue ActiveRecord::RecordNotFound => ex
+ render :text => "param: #{params[:preference_key]} not found", :status => :not_found
end
# print out all the preferences as a big xml block
# update the entire set of preferences
def update
begin
- p = XML::Parser.new
- p.string = request.raw_post
- doc = p.parse
-
- prefs = []
-
- keyhash = {}
-
- doc.find('//preferences/preference').each do |pt|
- pref = UserPreference.new
+ p = XML::Parser.string(request.raw_post)
+ rescue LibXML::XML::Error, ArgumentError => ex
+ raise OSM::APIBadXMLError.new("preferences", xml, ex.message)
+ end
+ doc = p.parse
- unless keyhash[pt['k']].nil? # already have that key
- render :text => 'OH NOES! CAN HAS UNIQUE KEYS?', :status => :not_acceptable
- return
- end
+ prefs = []
- keyhash[pt['k']] = 1
+ keyhash = {}
- pref.k = pt['k']
- pref.v = pt['v']
- pref.user_id = @user.id
- prefs << pref
- end
+ doc.find('//preferences/preference').each do |pt|
+ pref = UserPreference.new
- if prefs.size > 150
- render :text => 'Too many preferences', :status => :request_entity_too_large
- return
+ unless keyhash[pt['k']].nil? # already have that key
+ render :text => 'OH NOES! CAN HAS UNIQUE KEYS?', :status => :not_acceptable
end
- # kill the existing ones
- UserPreference.delete_all(['user_id = ?', @user.id])
+ keyhash[pt['k']] = 1
- # save the new ones
- prefs.each do |pref|
- pref.save!
- end
+ pref.k = pt['k']
+ pref.v = pt['v']
+ pref.user_id = @user.id
+ prefs << pref
+ end
- rescue Exception => ex
- render :text => 'OH NOES! FAIL!: ' + ex.to_s, :status => :internal_server_error
- return
+ if prefs.size > 150
+ render :text => 'Too many preferences', :status => :request_entity_too_large
end
+ # kill the existing ones
+ UserPreference.delete_all(['user_id = ?', @user.id])
+
+ # save the new ones
+ prefs.each do |pref|
+ pref.save!
+ end
render :nothing => true
+
+ rescue Exception => ex
+ render :text => 'OH NOES! FAIL!: ' + ex.to_s, :status => :internal_server_error
end
end