From 677f391ec1e49b58136717bbd45fdee00008855a Mon Sep 17 00:00:00 2001
From: Thomas Wood <grand.edgemaster@gmail.com>
Date: Mon, 23 Mar 2009 18:23:37 +0000
Subject: [PATCH] Fix various auth bugs with the changeset listing stuff, catch
 exception (but not yet handled well) for when edits not public.

---
 app/controllers/changeset_controller.rb | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/app/controllers/changeset_controller.rb b/app/controllers/changeset_controller.rb
index ebad59aa0..bb628d48e 100644
--- a/app/controllers/changeset_controller.rb
+++ b/app/controllers/changeset_controller.rb
@@ -4,8 +4,8 @@ class ChangesetController < ApplicationController
   layout 'site'
   require 'xml/libxml'
 
-  session :off, :except => [:list]
-  before_filter :authorize_web, :only => [:list]
+  session :off, :except => [:list, :list_user, :list_bbox]
+  before_filter :authorize_web, :only => [:list, :list_user, :list_bbox]
   before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
   before_filter :check_write_availability, :only => [:create, :update, :delete, :upload, :include]
   before_filter :check_read_availability, :except => [:create, :update, :delete, :upload, :download, :query]
@@ -323,7 +323,12 @@ class ChangesetController < ApplicationController
     #find user by display name	  
     user = User.find(:first, :conditions => [ "visible = ? and display_name = ?", true, params[:display_name]])
     
-    conditions = conditions_user(user.id);
+    conditions = nil
+    begin
+      conditions = conditions_user(user.id);
+    rescue OSM::APINotFoundError
+      
+    end
     conditions = cond_merge conditions, conditions_nonempty
     @edit_pages, @edits = paginate(:changesets,
                                    :include => [:user, :changeset_tags],
-- 
2.43.2