+# The NodeController is the RESTful interface to Node objects
+
class NodeController < ApplicationController
require 'xml/libxml'
-
- before_filter :authorize
-
- def create
- if request.post?
- userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw)
- doc = Document.new $stdin.read
- doc.elements.each('osm/node') do |pt|
- lat = pt.attributes['lat'].to_f
- lon = pt.attributes['lon'].to_f
- xmlnodeid = pt.attributes['id'].to_i
+ skip_before_filter :verify_authenticity_token
+ before_filter :authorize, :only => [:create, :update, :delete]
+ before_filter :require_allow_write_api, :only => [:create, :update, :delete]
+ before_filter :require_public_data, :only => [:create, :update, :delete]
+ before_filter :check_api_writable, :only => [:create, :update, :delete]
+ before_filter :check_api_readable, :except => [:create, :update, :delete]
+ after_filter :compress_output
+ around_filter :api_call_handle_error, :api_call_timeout
- tags = []
- pt.elements.each('tag') do |tag|
- tags << [tag.attributes['k'],tag.attributes['v']]
- end
-
- tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';')
-
- tags = '' unless tags
- if xmlnodeid == nodeid && userid != 0
- if nodeid == 0
- new_node_id = dao.create_node(lat, lon, userid, tags)
- if new_node_id
- puts new_node_id
- exit
- else
- exit HTTP_INTERNAL_SERVER_ERROR
- end
- else
- node = dao.getnode(nodeid)
- if node
- #FIXME: need to check the node hasn't moved too much
- if dao.update_node?(nodeid, userid, lat, lon, tags)
- exit
- else
- exit HTTP_INTERNAL_SERVER_ERROR
- end
- else
- exit HTTP_NOT_FOUND
- end
- end
+ # Create a node from XML.
+ def create
+ assert_method :put
- else
- exit BAD_REQUEST
- end
- end
- exit HTTP_INTERNAL_SERVER_ERROR
+ node = Node.from_xml(request.raw_post, true)
+ # Assume that Node.from_xml has thrown an exception if there is an error parsing the xml
+ node.create_with_history @user
+ render :text => node.id.to_s, :content_type => "text/plain"
+ end
+ # Dump the details on a node given in params[:id]
+ def read
+ node = Node.find(params[:id])
+ if node.visible?
+ response.last_modified = node.timestamp
+ render :text => node.to_xml.to_s, :content_type => "text/xml"
+ else
+ render :text => "", :status => :gone
end
end
-
-
- def rest
-
- #
- # POST ???
- #
-
- if request.post?
- nodeid = r.args.match(/nodeid=([0-9]+)/).captures.first.to_i
- userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw)
- doc = Document.new $stdin.read
-
- doc.elements.each('osm/node') do |pt|
- lat = pt.attributes['lat'].to_f
- lon = pt.attributes['lon'].to_f
- xmlnodeid = pt.attributes['id'].to_i
-
- tags = []
- pt.elements.each('tag') do |tag|
- tags << [tag.attributes['k'],tag.attributes['v']]
- end
-
- tags = tags.collect { |k,v| "#{k}=#{v}" }.join(';')
-
- tags = '' unless tags
- if xmlnodeid == nodeid && userid != 0
- if nodeid == 0
- new_node_id = dao.create_node(lat, lon, userid, tags)
- if new_node_id
- puts new_node_id
- exit
- else
- exit HTTP_INTERNAL_SERVER_ERROR
- end
- else
- node = dao.getnode(nodeid)
- if node
- #FIXME: need to check the node hasn't moved too much
- if dao.update_node?(nodeid, userid, lat, lon, tags)
- exit
- else
- exit HTTP_INTERNAL_SERVER_ERROR
- end
- else
- exit HTTP_NOT_FOUND
- end
- end
-
- else
- exit BAD_REQUEST
- end
- end
- exit HTTP_INTERNAL_SERVER_ERROR
-
+
+ # Update a node from given XML
+ def update
+ node = Node.find(params[:id])
+ new_node = Node.from_xml(request.raw_post)
+
+ unless new_node and new_node.id == node.id
+ raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})")
end
+ node.update_from(new_node, @user)
+ render :text => node.version.to_s, :content_type => "text/plain"
+ end
- #
- # GET ???
- #
-
- if request.get?
- node = node.find(params[:id])
- doc = Document.new
- doc.encoding = "UTF-8"
- root = Node.new 'osm'
- root['version'] = '0.4'
- root['generator'] = 'OpenStreetMap server'
- doc.root = root
- el1 = Node.new 'node'
- el1['id'] = node.id.to_s
- el1['lat'] = node.latitude.to_s
- el1['lon'] = node.longitude.to_s
- split_tags(el1, node.tags)
- el1['visible'] = node.visible.to_s
- el1['timestamp'] = node.timestamp
- root << el1
-
- render :text => doc.to_s, :template => false
+ # Delete a node. Doesn't actually delete it, but retains its history
+ # in a wiki-like way. We therefore treat it like an update, so the delete
+ # method returns the new version number.
+ def delete
+ node = Node.find(params[:id])
+ new_node = Node.from_xml(request.raw_post)
+
+ unless new_node and new_node.id == node.id
+ raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})")
end
+ node.delete_with_history!(new_node, @user)
+ render :text => node.version.to_s, :content_type => "text/plain"
+ end
- #
- # DELETE????
- #
-
- if request.delete?
- userid = dao.useridfromcreds(r.user, r.get_basic_auth_pw)
- #cgi doesnt work with DELETE so extract manually:
- nodeid = r.args.match(/nodeid=([0-9]+)/).captures.first.to_i
-
- if userid > 0 && nodeid != 0
- node = dao.getnode(nodeid)
- if node
- if node.visible
- if dao.delete_node?(nodeid, userid)
- exit
- else
- exit HTTP_INTERNAL_SERVER_ERROR
- end
- else
- exit HTTP_GONE
- end
- else
- exit HTTP_NOT_FOUND
- end
- else
- exit BAD_REQUEST
-
- end
-
+ # Dump the details on many nodes whose ids are given in the "nodes" parameter.
+ def nodes
+ ids = params['nodes'].split(',').collect { |n| n.to_i }
+ if ids.length == 0
+ raise OSM::APIBadUserInput.new("No nodes were given to search for")
end
+ doc = OSM::API.new.get_xml_doc
-
- end
-
- private
- def split_tags(el, tags)
- tags.split(';').each do |tag|
- parts = tag.split('=')
- key = ''
- val = ''
- key = parts[0].strip unless parts[0].nil?
- val = parts[1].strip unless parts[1].nil?
- if key != '' && val != ''
- el2 = Node.new('tag')
- el2['k'] = key.to_s
- el2['v'] = val.to_s
- el << el2
- end
+ Node.find(ids).each do |node|
+ doc.root << node.to_xml_node
end
- end
+ render :text => doc.to_s, :content_type => "text/xml"
+ end
end