X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/72e59b49fa0512e5c7d16217edce62225094ffe3..990f3eba4069f98a11d98f18b18d0e35bcf295f4:/app/controllers/old_way_controller.rb?ds=sidebyside diff --git a/app/controllers/old_way_controller.rb b/app/controllers/old_way_controller.rb index fc7366bb6..e2ee5f0c5 100644 --- a/app/controllers/old_way_controller.rb +++ b/app/controllers/old_way_controller.rb @@ -2,57 +2,74 @@ class OldWayController < ApplicationController require 'xml/libxml' skip_before_filter :verify_authenticity_token + before_filter :setup_user_auth, :only => [ :history, :version ] before_filter :authorize, :only => [ :redact ] + before_filter :authorize_moderator, :only => [ :redact ] before_filter :require_allow_write_api, :only => [ :redact ] before_filter :check_api_readable + before_filter :check_api_writable, :only => [ :redact ] + before_filter :lookup_old_way, :except => [ :history ] after_filter :compress_output around_filter :api_call_handle_error, :api_call_timeout def history - way = Way.find(params[:id]) - - # TODO - maybe a bit heavyweight to do this on every - # call, perhaps try lazy auth. - setup_user_auth + way = Way.find(params[:id].to_i) doc = OSM::API.new.get_xml_doc - way.old_ways.each do |old_way| - unless old_way.redacted? and (@user.nil? or not @user.moderator?) and not params[:show_redactions] == "true" - doc.root << old_way.to_xml_node - end + visible_ways = if @user and @user.moderator? and params[:show_redactions] == "true" + way.old_ways + else + way.old_ways.unredacted + end + + visible_ways.each do |old_way| + doc.root << old_way.to_xml_node end render :text => doc.to_s, :content_type => "text/xml" end def version - if old_way = OldWay.where(:way_id => params[:id], :version => params[:version]).first - # TODO - maybe a bit heavyweight to do this on every - # call, perhaps try lazy auth. - setup_user_auth + if @old_way.redacted? and not (@user and @user.moderator? and params[:show_redactions] == "true") + render :nothing => true, :status => :forbidden + else - if old_way.redacted? and (@user.nil? or not @user.moderator?) and not params[:show_redactions] == "true" - render :nothing => true, :status => :forbidden - else - response.last_modified = old_way.timestamp + response.last_modified = @old_way.timestamp + + doc = OSM::API.new.get_xml_doc + doc.root << @old_way.to_xml_node - doc = OSM::API.new.get_xml_doc - doc.root << old_way.to_xml_node - - render :text => doc.to_s, :content_type => "text/xml" - end - else - render :nothing => true, :status => :not_found + render :text => doc.to_s, :content_type => "text/xml" end end def redact - if @user && @user.moderator? - render :nothing => true - + redaction_id = params['redaction'] + unless redaction_id.nil? + # if a redaction ID was specified, then set this way to + # be redacted in that redaction. (TODO: check that the + # user doing the redaction owns the redaction object too) + redaction = Redaction.find(redaction_id.to_i) + @old_way.redact!(redaction) + else - render :nothing => true, :status => :forbidden + # if no redaction ID was provided, then this is an unredact + # operation. + @old_way.redact!(nil) + end + + # just return an empty 200 OK for success + render :nothing => true + end + + private + + def lookup_old_way + @old_way = OldWay.where(:way_id => params[:id], :version => params[:version]).first + if @old_way.nil? + render :nothing => true, :status => :not_found + return false end end end