@trace = Trace.find(params[:id])
unless @trace.public
if @user
- render :nothing, :status => 401 if @trace.user.id != @user.id
+ render :nothing, :status => :forbidden if @trace.user.id != @user.id
end
end
end
def create
- filename = "/tmp/#{rand}"
-
- File.open(filename, "w") { |f| f.write(params[:trace][:gpx_file].read) }
- params[:trace][:name] = params[:trace][:gpx_file].original_filename.gsub(/[^a-zA-Z0-9.]/, '_') # This makes sure filenames are sane
- params[:trace].delete('gpx_file') # remove the field from the hash, because there's no such field in the DB
- @trace = Trace.new(params[:trace])
- @trace.inserted = false
- @trace.user = @user
- @trace.timestamp = Time.now
+ name = params[:trace][:gpx_file].original_filename.gsub(/[^a-zA-Z0-9.]/, '_') # This makes sure filenames are sane
- if @trace.save
- saved_filename = "/home/osm/gpx/#{@trace.id}.gpx"
- File.rename(filename, saved_filename)
+ do_create(name, params[:trace][:tagstring], params[:trace][:description], params[:trace][:public]) do |f|
+ f.write(params[:trace][:gpx_file].read)
+ end
+ if @trace.id
logger.info("id is #{@trace.id}")
flash[:notice] = "Your GPX file has been uploaded and is awaiting insertion in to the database. This will usually happen within half an hour, and an email will be sent to you on completion."
+
redirect_to :action => 'mine'
end
end
def data
trace = Trace.find(params[:id])
if trace and (trace.public? or (@user and @user == trace.user))
- send_file(trace.trace_name, :filename => "#{trace.id}.gpx", :type => trace.mime_type, :disposition => 'attachment')
+ send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment')
else
- render :nothing, :status => 404
+ render :nothing, :status => :not_found
end
end
rss.add(trace.latitude, trace.longitude, trace.name, url_for({:controller => 'trace', :action => 'view', :id => trace.id, :display_name => trace.user.display_name}), "<img src='#{url_for({:controller => 'trace', :action => 'icon', :id => trace.id, :user_login => trace.user.display_name})}'> GPX file with #{trace.size} points from #{trace.user.display_name}", trace.timestamp)
end
- response.headers["Content-Type"] = 'application/rss+xml'
-
- render :text => rss.to_s
+ render :text => rss.to_s, :content_type => "application/rss+xml"
end
def picture
- trace = Trace.find(params[:id])
- if trace and (trace.public? or (@user and @user == trace.user))
- send_file(trace.large_picture_name, :filename => "#{trace.id}.gif", :type => 'image/gif', :disposition => 'inline')
- else
- render :nothing, :status => 404
+ begin
+ trace = Trace.find(params[:id])
+
+ if trace.public? or (@user and @user == trace.user)
+ send_file(trace.large_picture_name, :filename => "#{trace.id}.gif", :type => 'image/gif', :disposition => 'inline')
+ else
+ render :nothing, :status => :forbidden
+ end
+ rescue ActiveRecord::RecordNotFound
+ render :nothing => true, :status => :not_found
+ rescue
+ render :nothing => true, :status => :internal_server_error
end
end
def icon
- trace = Trace.find(params[:id])
- if trace and (trace.public? or (@user and @user == trace.user))
- send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => 'image/gif', :disposition => 'inline')
- else
- render :nothing, :status => 404
+ begin
+ trace = Trace.find(params[:id])
+
+ if trace.public? or (@user and @user == trace.user)
+ send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => 'image/gif', :disposition => 'inline')
+ else
+ render :nothing, :status => :forbidden
+ end
+ rescue ActiveRecord::RecordNotFound
+ render :nothing => true, :status => :not_found
+ rescue
+ render :nothing => true, :status => :internal_server_error
end
end
def api_details
- trace = Trace.find(params[:id])
- doc = OSM::API.new.get_xml_doc
- doc.root << trace.to_xml_node() if trace.public? or trace.user == @user
- render :text => doc.to_s
+ begin
+ trace = Trace.find(params[:id])
+
+ if trace.public? or trace.user == @user
+ render :text => trace.to_xml.to_s, :content_type => "text/xml"
+ else
+ render :nothing => true, :status => :forbidden
+ end
+ rescue ActiveRecord::RecordNotFound
+ render :nothing => true, :status => :not_found
+ rescue
+ render :nothing => true, :status => :internal_server_error
+ end
end
def api_data
end
def api_create
- #FIXME merge this code with create as they're pretty similar?
-
+ do_create(params[:filename], params[:tags], params[:description], true) do |f|
+ f.write(request.raw_post)
+ end
+
+ if @trace.id
+ render :nothing => true
+ else
+ render :nothing => true, :status => :internal_server_error
+ end
+ end
+
+private
+
+ def do_create(name, tags, description, public)
filename = "/tmp/#{rand}"
- File.open(filename, "w") { |f| f.write(request.raw_post) }
- params[:trace] = {}
- params[:trace][:name] = params[:filename]
- params[:trace][:tagstring] = params[:tags]
- params[:trace][:description] = params[:description]
- @trace = Trace.new(params[:trace])
+
+ File.open(filename, "w") { |f| yield f }
+
+ @trace = Trace.new({:name => name, :tagstring => tags,
+ :description => description, :public => public})
@trace.inserted = false
@trace.user = @user
@trace.timestamp = Time.now
if @trace.save
- saved_filename = "/home/osm/gpx/#{@trace.id}.gpx"
- File.rename(filename, saved_filename)
- logger.info("id is #{@trace.id}")
- flash[:notice] = "Your GPX file has been uploaded and is awaiting insertion in to the database. This will usually happen within half an hour, and an email will be sent to you on completion."
- render :nothing => true
+ File.rename(filename, @trace.trace_name)
else
- render :nothing => true, :status => 400 # er FIXME what fricking code to return?
+ FileUtils.rm_f(filename)
end
-
end
+
end
projects / rails.git / blobdiff