X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/c8ee1351049ef1bb4d7b50d071b2a96154266d1d..5449cf4adcc1fad4b9f43426e6d3e4a8f65e6fbb:/app/controllers/trace_controller.rb

diff --git a/app/controllers/trace_controller.rb b/app/controllers/trace_controller.rb
index 6528dffde..0603567c4 100644
--- a/app/controllers/trace_controller.rb
+++ b/app/controllers/trace_controller.rb
@@ -4,8 +4,10 @@ class TraceController < ApplicationController
   before_filter :authorize_web
   before_filter :require_user, :only => [:mine, :create, :edit, :delete, :make_public]
   before_filter :authorize, :only => [:api_details, :api_data, :api_create]
-  before_filter :check_database_availability, :except => [:api_details, :api_data, :api_create]
-  before_filter :check_read_availability, :only => [:api_details, :api_data, :api_create]
+  before_filter :check_database_readable, :except => [:api_details, :api_data, :api_create]
+  before_filter :check_database_writable, :only => [:create, :edit, :delete, :make_public]
+  before_filter :check_api_readable, :only => [:api_details, :api_data]
+  before_filter :check_api_writable, :only => [:api_create]
  
   # Counts and selects pages of GPX traces for various criteria (by user, tags, public etc.).
   #  target_user - if set, specifies the user to fetch traces for.  if not set will fetch all traces
@@ -117,7 +119,7 @@ class TraceController < ApplicationController
                             :description => params[:trace][:description],
                             :public => params[:trace][:public],
                             :inserted => false, :user => @user,
-                            :timestamp => Time.now})
+                            :timestamp => Time.now.getutc})
         @trace.valid?
         @trace.errors.add(:gpx_file, "can't be blank")
       end
@@ -304,20 +306,37 @@ class TraceController < ApplicationController
 private
 
   def do_create(file, tags, description, public)
+    # Sanitise the user's filename
     name = file.original_filename.gsub(/[^a-zA-Z0-9.]/, '_')
+
+    # Get a temporary filename...
     filename = "/tmp/#{rand}"
 
+    # ...and save the uploaded file to that location
     File.open(filename, "w") { |f| f.write(file.read) }
 
-    @trace = Trace.new({:name => name, :tagstring => tags,
-                        :description => description, :public => public})
-    @trace.inserted = false
-    @trace.user = @user
-    @trace.timestamp = Time.now
-
+    # Create the trace object, falsely marked as already
+    # inserted to stop the import daemon trying to load it
+    @trace = Trace.new({
+      :name => name,
+      :tagstring => tags,
+      :description => description,
+      :public => public,
+      :inserted => true,
+      :user => @user,
+      :timestamp => Time.now.getutc
+    })
+
+    # Save the trace object
     if @trace.save
+      # Rename the temporary file to the final name
       FileUtils.mv(filename, @trace.trace_name)
+
+      # Clear the inserted flag to make the import daemon load the trace
+      @trace.inserted = false
+      @trace.save!
     else
+      # Remove the file as we have failed to update the database
       FileUtils.rm_f(filename)
     end