X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/4b4c5aac2f6e338fb043cd4d2a031c4bd6ee1b05..80427b3e5e5ebeecbc0a57a1549a2a33e0c92199:/app/controllers/api/users_controller.rb?ds=inline diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb index 70ad93f65..3180cabcc 100644 --- a/app/controllers/api/users_controller.rb +++ b/app/controllers/api/users_controller.rb @@ -1,32 +1,30 @@ module Api - class UsersController < ApplicationController + class UsersController < ApiController layout "site", :except => [:api_details] - skip_before_action :verify_authenticity_token - before_action :disable_terms_redirect, :only => [:api_details] - before_action :authorize, :only => [:api_details, :api_gpx_files] - before_action :api_deny_access_handler + before_action :disable_terms_redirect, :only => [:details] + before_action :authorize, :only => [:details, :gpx_files] authorize_resource before_action :check_api_readable around_action :api_call_handle_error - before_action :lookup_user_by_id, :only => [:api_read] + before_action :lookup_user_by_id, :only => [:show] - def api_read + def show if @user.visible? - render :action => :api_read, :content_type => "text/xml" + render :action => :show, :content_type => "text/xml" else head :gone end end - def api_details + def details @user = current_user - render :action => :api_read, :content_type => "text/xml" + render :action => :show, :content_type => "text/xml" end - def api_users + def index raise OSM::APIBadUserInput, "The parameter users is required, and must be of the form users=id[,id[,id...]]" unless params["users"] ids = params["users"].split(",").collect(&:to_i) @@ -35,10 +33,10 @@ module Api @users = User.visible.find(ids) - render :action => :api_users, :content_type => "text/xml" + render :action => :index, :content_type => "text/xml" end - def api_gpx_files + def gpx_files doc = OSM::API.new.get_xml_doc current_user.traces.reload.each do |trace| doc.root << trace.to_xml_node