Merge branch 'master' into notes

[rails.git] / app / controllers / application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 70a635404038efbc04beb0eb8231c85b90db644d..067fc6a511f5856404ef601084d536f21f0be843 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base
 
   protect_from_forgery
 
+  before_filter :fetch_body
+
   if STATUS == :database_readonly or STATUS == :database_offline
     def self.cache_sweeper(*sweepers)
     end
@@ -53,6 +55,10 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def require_oauth
+    @oauth = @user.access_token(OAUTH_KEY) if @user and defined? OAUTH_KEY
+  end
+
   ##
   # requires the user to be logged in by the token or HTTP methods, or have an 
   # OAuth token with the right capability. this method is a bit of a pain to call 
@@ -110,6 +116,9 @@ class ApplicationController < ActionController::Base
   def require_allow_write_gpx
     require_capability(:allow_write_gpx)
   end
+  def require_allow_write_notes
+    require_capability(:allow_write_notes)
+  end
 
   ##
   # require that the user is a moderator, or fill out a helpful error message
@@ -204,20 +213,49 @@ class ApplicationController < ActionController::Base
   end
 
   def check_api_readable
-    if STATUS == :database_offline or STATUS == :api_offline
+    if api_status == :offline
       report_error "Database offline for maintenance", :service_unavailable
       return false
     end
   end
 
   def check_api_writable
-    if STATUS == :database_offline or STATUS == :database_readonly or
-       STATUS == :api_offline or STATUS == :api_readonly
+    unless api_status == :online
       report_error "Database offline for maintenance", :service_unavailable
       return false
     end
   end
 
+  def database_status
+    if STATUS == :database_offline
+      :offline
+    elsif STATUS == :database_readonly
+      :readonly
+    else 
+      :online
+    end
+  end
+
+  def api_status
+    status = database_status
+    if status == :online
+      if STATUS == :api_offline
+        status = :offline
+      elsif STATUS == :api_readonly
+        status = :readonly
+      end
+    end
+    return status
+  end
+
+  def gpx_status
+    status = database_status
+    if status == :online
+      status = :offline if STATUS == :gpx_offline
+    end
+    return status
+  end
+
   def require_public_data
     unless @user.data_public?
       report_error "You must make your edits public to upload new data", :forbidden
@@ -404,7 +442,20 @@ class ApplicationController < ActionController::Base
       format.all { render :nothing => true, :status => :not_found }
     end
   end
-  
+
+  ##
+  # Unfortunately if a PUT or POST request that has a body fails to
+  # read it then Apache will sometimes fail to return the response it
+  # is given to the client properly, instead erroring:
+  #
+  #   https://issues.apache.org/bugzilla/show_bug.cgi?id=44782
+  #
+  # To work round this we call rewind on the body here, which is added
+  # as a filter, to force it to be fetched from Apache into a file.
+  def fetch_body
+    request.body.rewind
+  end
+
 private 
 
   # extract authorisation credentials from headers, returns user = nil if none