Use before_validation with :on rather than before_validation_on_xxx

[rails.git] / app / controllers / application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1d3297d16eb4ceabe4994a04293850dfbb849f9a..2918354ffa423c009cedd10040e21a4a7509140e 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,9 +1,12 @@
-# Filters added to this controller will be run for all controllers in the application.
-# Likewise, all the methods added will be available for all controllers.
 class ApplicationController < ActionController::Base
 
+  protect_from_forgery
+
   if STATUS == :database_readonly or STATUS == :database_offline
     session :off
+
+    def self.cache_sweeper(*sweepers)
+    end
   end
 
   def authorize_web
@@ -50,7 +53,7 @@ class ApplicationController < ActionController::Base
     # method, otherwise an OAuth token was used, which has to be checked.
     unless current_token.nil?
       unless current_token.read_attribute(cap)
-        render :text => "OAuth token doesn't have that capability.", :status => :forbidden
+        report_error "OAuth token doesn't have that capability.", :forbidden
         return false
       end
     end
@@ -84,6 +87,11 @@ class ApplicationController < ActionController::Base
   end
   def require_allow_write_api
     require_capability(:allow_write_api)
+
+    if REQUIRE_TERMS_AGREED and @user.terms_agreed.nil?
+      report_error "You must accept the contributor terms before you can edit.", :forbidden
+      return false
+    end
   end
   def require_allow_read_gpx
     require_capability(:allow_read_gpx)