Redirect to the login page if auth failure has no origin

[rails.git] / app / controllers / changeset_controller.rb

diff --git a/app/controllers/changeset_controller.rb b/app/controllers/changeset_controller.rb
index 2a8fec95e775cf0ec024216c17256c0ff8210fb5..e0d75985d423ddedae3351246dc006dd3c04a911 100644 (file)
--- a/app/controllers/changeset_controller.rb
+++ b/app/controllers/changeset_controller.rb
@@ -241,20 +241,16 @@ class ChangesetController < ApplicationController
     changeset = Changeset.find(params[:id])
     new_changeset = Changeset.from_xml(request.raw_post)
 
-    if new_changeset.nil?
-      render :text => "", :status => :bad_request
-    else
-      check_changeset_consistency(changeset, @user)
-      changeset.update_from(new_changeset, @user)
-      render :text => changeset.to_xml, :mime_type => "text/xml"
-    end
+    check_changeset_consistency(changeset, @user)
+    changeset.update_from(new_changeset, @user)
+    render :text => changeset.to_xml, :mime_type => "text/xml"
   end
 
   ##
   # list edits (open changesets) in reverse chronological order
   def list
     if request.format == :atom && params[:max_id]
-      redirect_to params.merge(:max_id => nil), :status => :moved_permanently
+      redirect_to url_for(params.merge(:max_id => nil)), :status => :moved_permanently
       return
     end
 
@@ -266,7 +262,7 @@ class ChangesetController < ApplicationController
       end
     end
 
-    if (params[:friends] || params[:nearby]) && !@user && request.format == :html
+    if (params[:friends] || params[:nearby]) && !@user
       require_user
       return
     end
@@ -442,6 +438,8 @@ class ChangesetController < ApplicationController
     respond_to do |format|
       format.rss
     end
+  rescue OSM::APIBadUserInput
+    render :text => "", :status => :bad_request
   end
 
   private