cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use current_user to represent the currently logged in user.

Browse source 
This is already used by the oauth plugin, and is a general rails convention.
This commit is contained in:
Andy Allan 2017-07-12 16:10:50 +01:00
parent 107e9515b3
commit 6f89da05d1
17 changed files with 128 additions and 128 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/api_controller.rb
View file

@ -305,7 +305,7 @@ class ApiController < ApplicationController
def permissions
@permissions = if current_token.present?
ClientApplication.all_permissions.select { |p| current_token.read_attribute(p) }
elsif @user
elsif current_user
ClientApplication.all_permissions
else
[]

4
app/controllers/browse_controller.rb
View file

@ -58,7 +58,7 @@ class BrowseController < ApplicationController
def changeset
@type = "changeset"
@changeset = Changeset.find(params[:id])
@comments = if @user && @user.moderator?
@comments = if current_user && current_user.moderator?
@changeset.comments.unscope(:where => :visible).includes(:author)
else
@changeset.comments.includes(:author)
@ -77,7 +77,7 @@ class BrowseController < ApplicationController
def note
@type = "note"
if @user && @user.moderator?
if current_user && current_user.moderator?
@note = Note.find(params[:id])
@note_comments = @note.comments.unscope(:where => :visible)
else

42
app/controllers/changeset_controller.rb
View file

@ -28,11 +28,11 @@ class ChangesetController < ApplicationController
cs = Changeset.from_xml(request.raw_post, true)
# Assume that Changeset.from_xml has thrown an exception if there is an error parsing the xml
cs.user_id = @user.id
cs.user_id = current_user.id
cs.save_with_tags!
# Subscribe user to changeset comments
cs.subscribers << @user
cs.subscribers << current_user
render :plain => cs.id.to_s
end
@ -53,7 +53,7 @@ class ChangesetController < ApplicationController
assert_method :put
changeset = Changeset.find(params[:id])
check_changeset_consistency(changeset, @user)
check_changeset_consistency(changeset, current_user)
# to close the changeset, we'll just set its closed_at time to
# now. this might not be enough if there are concurrency issues,
@ -75,7 +75,7 @@ class ChangesetController < ApplicationController
assert_method :post
cs = Changeset.find(params[:id])
check_changeset_consistency(cs, @user)
check_changeset_consistency(cs, current_user)
# keep an array of lons and lats
lon = []
@ -127,7 +127,7 @@ class ChangesetController < ApplicationController
assert_method :post
changeset = Changeset.find(params[:id])
check_changeset_consistency(changeset, @user)
check_changeset_consistency(changeset, current_user)
diff_reader = DiffReader.new(request.raw_post, changeset)
Changeset.transaction do
@ -242,8 +242,8 @@ class ChangesetController < ApplicationController
changeset = Changeset.find(params[:id])
new_changeset = Changeset.from_xml(request.raw_post)
check_changeset_consistency(changeset, @user)
changeset.update_from(new_changeset, @user)
check_changeset_consistency(changeset, current_user)
changeset.update_from(new_changeset, current_user)
render :xml => changeset.to_xml.to_s
end
@ -265,7 +265,7 @@ class ChangesetController < ApplicationController
end
end
if (@params[:friends] || @params[:nearby]) && !@user
if (@params[:friends] || @params[:nearby]) && !current_user
require_user
return
end
@ -277,17 +277,17 @@ class ChangesetController < ApplicationController
changesets = conditions_nonempty(Changeset.all)
if @params[:display_name]
changesets = if user.data_public? || user == @user
changesets = if user.data_public? || user == current_user
changesets.where(:user_id => user.id)
else
changesets.where("false")
end
elsif @params[:bbox]
changesets = conditions_bbox(changesets, BoundingBox.from_bbox_params(params))
elsif @params[:friends] && @user
changesets = changesets.where(:user_id => @user.friend_users.identifiable)
elsif @params[:nearby] && @user
changesets = changesets.where(:user_id => @user.nearby)
elsif @params[:friends] && current_user
changesets = changesets.where(:user_id => current_user.friend_users.identifiable)
elsif @params[:nearby] && current_user
changesets = changesets.where(:user_id => current_user.nearby)
end
if @params[:max_id]
@ -324,17 +324,17 @@ class ChangesetController < ApplicationController
# Add a comment to the changeset
comment = changeset.comments.create(:changeset => changeset,
:body => body,
:author => @user)
:author => current_user)
# Notify current subscribers of the new comment
changeset.subscribers.visible.each do |user|
if @user != user
if current_user != user
Notifier.changeset_comment_notification(comment, user).deliver_now
end
end
# Add the commenter to the subscribers if necessary
changeset.subscribers << @user unless changeset.subscribers.exists?(@user.id)
changeset.subscribers << current_user unless changeset.subscribers.exists?(current_user.id)
# Return a copy of the updated changeset
render :xml => changeset.to_xml.to_s
@ -352,10 +352,10 @@ class ChangesetController < ApplicationController
# Find the changeset and check it is valid
changeset = Changeset.find(id)
raise OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open?
raise OSM::APIChangesetAlreadySubscribedError.new(changeset) if changeset.subscribers.exists?(@user.id)
raise OSM::APIChangesetAlreadySubscribedError.new(changeset) if changeset.subscribers.exists?(current_user.id)
# Add the subscriber
changeset.subscribers << @user
changeset.subscribers << current_user
# Return a copy of the updated changeset
render :xml => changeset.to_xml.to_s
@ -373,10 +373,10 @@ class ChangesetController < ApplicationController
# Find the changeset and check it is valid
changeset = Changeset.find(id)
raise OSM::APIChangesetNotYetClosedError.new(changeset) if changeset.is_open?
raise OSM::APIChangesetNotSubscribedError.new(changeset) unless changeset.subscribers.exists?(@user.id)
raise OSM::APIChangesetNotSubscribedError.new(changeset) unless changeset.subscribers.exists?(current_user.id)
# Remove the subscriber
changeset.subscribers.delete(@user)
changeset.subscribers.delete(current_user)
# Return a copy of the updated changeset
render :xml => changeset.to_xml.to_s
@ -496,7 +496,7 @@ class ChangesetController < ApplicationController
# changesets if they're non-public
setup_user_auth
raise OSM::APINotFoundError if @user.nil? || @user.id != u.id
raise OSM::APINotFoundError if current_user.nil? || current_user.id != u.id
end
changesets.where(:user_id => u.id)

42
app/controllers/diary_entry_controller.rb
View file

@ -14,27 +14,27 @@ class DiaryEntryController < ApplicationController
if request.post?
@diary_entry = DiaryEntry.new(entry_params)
@diary_entry.user = @user
@diary_entry.user = current_user
if @diary_entry.save
default_lang = @user.preferences.where(:k => "diary.default_language").first
default_lang = current_user.preferences.where(:k => "diary.default_language").first
if default_lang
default_lang.v = @diary_entry.language_code
default_lang.save!
else
@user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
current_user.preferences.create(:k => "diary.default_language", :v => @diary_entry.language_code)
end
# Subscribe user to diary comments
@diary_entry.subscriptions.create(:user => @user)
@diary_entry.subscriptions.create(:user => current_user)
redirect_to :action => "list", :display_name => @user.display_name
redirect_to :action => "list", :display_name => current_user.display_name
else
render :action => "edit"
end
else
default_lang = @user.preferences.where(:k => "diary.default_language").first
lang_code = default_lang ? default_lang.v : @user.preferred_language
default_lang = current_user.preferences.where(:k => "diary.default_language").first
lang_code = default_lang ? default_lang.v : current_user.preferred_language
@diary_entry = DiaryEntry.new(entry_params.merge(:language_code => lang_code))
set_map_location
render :action => "edit"
@ -45,7 +45,7 @@ class DiaryEntryController < ApplicationController
@title = t "diary_entry.edit.title"
@diary_entry = DiaryEntry.find(params[:id])
if @user != @diary_entry.user
if current_user != @diary_entry.user
redirect_to :action => "view", :id => params[:id]
elsif params[:diary_entry] && @diary_entry.update_attributes(entry_params)
redirect_to :action => "view", :id => params[:id]
@ -59,18 +59,18 @@ class DiaryEntryController < ApplicationController
def comment
@entry = DiaryEntry.find(params[:id])
@diary_comment = @entry.comments.build(comment_params)
@diary_comment.user = @user
@diary_comment.user = current_user
if @diary_comment.save
# Notify current subscribers of the new comment
@entry.subscribers.visible.each do |user|
if @user != user
if current_user != user
Notifier.diary_comment_notification(@diary_comment, user).deliver_now
end
end
# Add the commenter to the subscribers if necessary
@entry.subscriptions.create(:user => @user) unless @entry.subscribers.exists?(@user.id)
@entry.subscriptions.create(:user => current_user) unless @entry.subscribers.exists?(current_user.id)
redirect_to :action => "view", :display_name => @entry.user.display_name, :id => @entry.id
else
@ -83,7 +83,7 @@ class DiaryEntryController < ApplicationController
def subscribe
diary_entry = DiaryEntry.find(params[:id])
diary_entry.subscriptions.create(:user => @user) unless diary_entry.subscribers.exists?(@user.id)
diary_entry.subscriptions.create(:user => current_user) unless diary_entry.subscribers.exists?(current_user.id)
redirect_to :action => "view", :display_name => diary_entry.user.display_name, :id => diary_entry.id
rescue ActiveRecord::RecordNotFound
@ -93,7 +93,7 @@ class DiaryEntryController < ApplicationController
def unsubscribe
diary_entry = DiaryEntry.find(params[:id])
diary_entry.subscriptions.where(:user => @user).delete_all if diary_entry.subscribers.exists?(@user.id)
diary_entry.subscriptions.where(:user => current_user).delete_all if diary_entry.subscribers.exists?(current_user.id)
redirect_to :action => "view", :display_name => diary_entry.user.display_name, :id => diary_entry.id
rescue ActiveRecord::RecordNotFound
@ -112,17 +112,17 @@ class DiaryEntryController < ApplicationController
return
end
elsif params[:friends]
if @user
if current_user
@title = t "diary_entry.list.title_friends"
@entries = DiaryEntry.where(:user_id => @user.friend_users)
@entries = DiaryEntry.where(:user_id => current_user.friend_users)
else
require_user
return
end
elsif params[:nearby]
if @user
if current_user
@title = t "diary_entry.list.title_nearby"
@entries = DiaryEntry.where(:user_id => @user.nearby)
@entries = DiaryEntry.where(:user_id => current_user.nearby)
else
require_user
return
@ -234,7 +234,7 @@ class DiaryEntryController < ApplicationController
# require that the user is a administrator, or fill out a helpful error message
# and return them to the user page.
def require_administrator
unless @user.administrator?
unless current_user.administrator?
flash[:error] = t("user.filter.not_an_administrator")
redirect_to :action => "view"
end
@ -247,13 +247,13 @@ class DiaryEntryController < ApplicationController
@lon = @diary_entry.longitude
@lat = @diary_entry.latitude
@zoom = 12
elsif @user.home_lat.nil? || @user.home_lon.nil?
elsif current_user.home_lat.nil? || current_user.home_lon.nil?
@lon = params[:lon] || -0.1
@lat = params[:lat] || 51.5
@zoom = params[:zoom] || 4
else
@lon = @user.home_lon
@lat = @user.home_lat
@lon = current_user.home_lon
@lat = current_user.home_lat
@zoom = 12
end
end

36
app/controllers/message_controller.rb
View file

@ -14,18 +14,18 @@ class MessageController < ApplicationController
# The display_name param is the display name of the user that the message is being sent to.
def new
if request.post?
if @user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= MAX_MESSAGES_PER_HOUR
if current_user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= MAX_MESSAGES_PER_HOUR
flash[:error] = t "message.new.limit_exceeded"
else
@message = Message.new(message_params)
@message.to_user_id = @this_user.id
@message.from_user_id = @user.id
@message.from_user_id = current_user.id
@message.sent_on = Time.now.getutc
if @message.save
flash[:notice] = t "message.new.message_sent"
Notifier.message_notification(@message).deliver_now
redirect_to :action => "inbox", :display_name => @user.display_name
redirect_to :action => "inbox", :display_name => current_user.display_name
end
end
end
@ -38,7 +38,7 @@ class MessageController < ApplicationController
def reply
message = Message.find(params[:message_id])
if message.to_user_id == @user.id
if message.to_user_id == current_user.id
message.update(:message_read => true)
@message = Message.new(
@ -51,7 +51,7 @@ class MessageController < ApplicationController
render :action => "new"
else
flash[:notice] = t "message.reply.wrong_user", :user => @user.display_name
flash[:notice] = t "message.reply.wrong_user", :user => current_user.display_name
redirect_to :controller => "user", :action => "login", :referer => request.fullpath
end
rescue ActiveRecord::RecordNotFound
@ -64,11 +64,11 @@ class MessageController < ApplicationController
@title = t "message.read.title"
@message = Message.find(params[:message_id])
if @message.to_user_id == @user.id || @message.from_user_id == @user.id
@message.message_read = true if @message.to_user_id == @user.id
if @message.to_user_id == current_user.id || @message.from_user_id == current_user.id
@message.message_read = true if @message.to_user_id == current_user.id
@message.save
else
flash[:notice] = t "message.read.wrong_user", :user => @user.display_name
flash[:notice] = t "message.read.wrong_user", :user => current_user.display_name
redirect_to :controller => "user", :action => "login", :referer => request.fullpath
end
rescue ActiveRecord::RecordNotFound
@ -79,24 +79,24 @@ class MessageController < ApplicationController
# Display the list of messages that have been sent to the user.
def inbox
@title = t "message.inbox.title"
if @user && params[:display_name] == @user.display_name
if current_user && params[:display_name] == current_user.display_name
else
redirect_to :action => "inbox", :display_name => @user.display_name
redirect_to :action => "inbox", :display_name => current_user.display_name
end
end
# Display the list of messages that the user has sent to other users.
def outbox
@title = t "message.outbox.title"
if @user && params[:display_name] == @user.display_name
if current_user && params[:display_name] == current_user.display_name
else
redirect_to :action => "outbox", :display_name => @user.display_name
redirect_to :action => "outbox", :display_name => current_user.display_name
end
end
# Set the message as being read or unread.
def mark
@message = Message.where("to_user_id = ? OR from_user_id = ?", @user.id, @user.id).find(params[:message_id])
@message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:message_id])
if params[:mark] == "unread"
message_read = false
notice = t "message.mark.as_unread"
@ -107,7 +107,7 @@ class MessageController < ApplicationController
@message.message_read = message_read
if @message.save && !request.xhr?
flash[:notice] = notice
redirect_to :action => "inbox", :display_name => @user.display_name
redirect_to :action => "inbox", :display_name => current_user.display_name
end
rescue ActiveRecord::RecordNotFound
@title = t "message.no_such_message.title"
@ -116,16 +116,16 @@ class MessageController < ApplicationController
# Delete the message.
def delete
@message = Message.where("to_user_id = ? OR from_user_id = ?", @user.id, @user.id).find(params[:message_id])
@message.from_user_visible = false if @message.sender == @user
@message.to_user_visible = false if @message.recipient == @user
@message = Message.where("to_user_id = ? OR from_user_id = ?", current_user.id, current_user.id).find(params[:message_id])
@message.from_user_visible = false if @message.sender == current_user
@message.to_user_visible = false if @message.recipient == current_user
if @message.save && !request.xhr?
flash[:notice] = t "message.delete.deleted"
if params[:referer]
redirect_to params[:referer]
else
redirect_to :action => "inbox", :display_name => @user.display_name
redirect_to :action => "inbox", :display_name => current_user.display_name
end
end
rescue ActiveRecord::RecordNotFound

6
app/controllers/node_controller.rb
View file

@ -18,7 +18,7 @@ class NodeController < ApplicationController
node = Node.from_xml(request.raw_post, true)
# Assume that Node.from_xml has thrown an exception if there is an error parsing the xml
node.create_with_history @user
node.create_with_history current_user
render :plain => node.id.to_s
end
@ -44,7 +44,7 @@ class NodeController < ApplicationController
raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})")
end
node.update_from(new_node, @user)
node.update_from(new_node, current_user)
render :plain => node.version.to_s
end
@ -58,7 +58,7 @@ class NodeController < ApplicationController
unless new_node && new_node.id == node.id
raise OSM::APIBadUserInput.new("The id in the url (#{node.id}) is not the same as provided in the xml (#{new_node.id})")
end
node.delete_with_history!(new_node, @user)
node.delete_with_history!(new_node, current_user)
render :plain => node.version.to_s
end

10
app/controllers/notes_controller.rb
View file

@ -160,7 +160,7 @@ class NotesController < ApplicationController
# Find the note and check it is valid
@note = Note.find_by(:id => id)
raise OSM::APINotFoundError unless @note
raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? || @user.moderator?
raise OSM::APIAlreadyDeletedError.new("note", @note.id) unless @note.visible? || current_user.moderator?
raise OSM::APINoteAlreadyOpenError.new(@note) unless @note.closed? || !@note.visible?
# Reopen the note and add a comment
@ -286,7 +286,7 @@ class NotesController < ApplicationController
@page = (params[:page] || 1).to_i
@page_size = 10
@notes = @this_user.notes
@notes = @notes.visible unless @user && @user.moderator?
@notes = @notes.visible unless current_user && current_user.moderator?
@notes = @notes.order("updated_at DESC, id").distinct.offset((@page - 1) * @page_size).limit(@page_size).preload(:comments => :author).to_a
else
@title = t "user.no_such_user.title"
@ -341,8 +341,8 @@ class NotesController < ApplicationController
def add_comment(note, text, event, notify = true)
attributes = { :visible => true, :event => event, :body => text }
if @user
attributes[:author_id] = @user.id
if current_user
attributes[:author_id] = current_user.id
else
attributes[:author_ip] = request.remote_ip
end
@ -350,7 +350,7 @@ class NotesController < ApplicationController
comment = note.comments.create!(attributes)
note.comments.map(&:author).uniq.each do |user|
if notify && user && user != @user && user.visible?
if notify && user && user != current_user && user.visible?
Notifier.note_comment_notification(comment, user).deliver_now
end
end

14
app/controllers/oauth_clients_controller.rb
View file

@ -6,8 +6,8 @@ class OauthClientsController < ApplicationController
before_action :require_user
def index
@client_applications = @user.client_applications
@tokens = @user.oauth_tokens.authorized
@client_applications = current_user.client_applications
@tokens = current_user.oauth_tokens.authorized
end
def new
@ -15,7 +15,7 @@ class OauthClientsController < ApplicationController
end
def create
@client_application = @user.client_applications.build(application_params)
@client_application = current_user.client_applications.build(application_params)
if @client_application.save
flash[:notice] = t "oauth_clients.create.flash"
redirect_to :action => "show", :id => @client_application.id
@ -25,21 +25,21 @@ class OauthClientsController < ApplicationController
end
def show
@client_application = @user.client_applications.find(params[:id])
@client_application = current_user.client_applications.find(params[:id])
rescue ActiveRecord::RecordNotFound
@type = "client application"
render :action => "not_found", :status => :not_found
end
def edit
@client_application = @user.client_applications.find(params[:id])
@client_application = current_user.client_applications.find(params[:id])
rescue ActiveRecord::RecordNotFound
@type = "client application"
render :action => "not_found", :status => :not_found
end
def update
@client_application = @user.client_applications.find(params[:id])
@client_application = current_user.client_applications.find(params[:id])
if @client_application.update_attributes(application_params)
flash[:notice] = t "oauth_clients.update.flash"
redirect_to :action => "show", :id => @client_application.id
@ -52,7 +52,7 @@ class OauthClientsController < ApplicationController
end
def destroy
@client_application = @user.client_applications.find(params[:id])
@client_application = current_user.client_applications.find(params[:id])
@client_application.destroy
flash[:notice] = t "oauth_clients.destroy.flash"
redirect_to :action => "index"

2
app/controllers/old_controller.rb
View file

@ -70,6 +70,6 @@ class OldController < ApplicationController
private
def show_redactions?
@user && @user.moderator? && params[:show_redactions] == "true"
current_user && current_user.moderator? && params[:show_redactions] == "true"
end
end

2
app/controllers/redactions_controller.rb
View file

@ -19,7 +19,7 @@ class RedactionsController < ApplicationController
def create
@redaction = Redaction.new
@redaction.user = @user
@redaction.user = current_user
@redaction.title = params[:redaction][:title]
@redaction.description = params[:redaction][:description]
# note that the description format will default to 'markdown'

6
app/controllers/relation_controller.rb
View file

@ -15,7 +15,7 @@ class RelationController < ApplicationController
relation = Relation.from_xml(request.raw_post, true)
# Assume that Relation.from_xml has thrown an exception if there is an error parsing the xml
relation.create_with_history @user
relation.create_with_history current_user
render :plain => relation.id.to_s
end
@ -39,7 +39,7 @@ class RelationController < ApplicationController
raise OSM::APIBadUserInput.new("The id in the url (#{relation.id}) is not the same as provided in the xml (#{new_relation.id})")
end
relation.update_from new_relation, @user
relation.update_from new_relation, current_user
render :plain => relation.version.to_s
end
@ -47,7 +47,7 @@ class RelationController < ApplicationController
relation = Relation.find(params[:id])
new_relation = Relation.from_xml(request.raw_post)
if new_relation && new_relation.id == relation.id
relation.delete_with_history!(new_relation, @user)
relation.delete_with_history!(new_relation, current_user)
render :plain => relation.version.to_s
else
head :bad_request

4
app/controllers/site_controller.rb
View file

@ -92,8 +92,8 @@ class SiteController < ApplicationController
@lat = note.lat
@lon = note.lon
@zoom = 17
elsif params[:gpx] && @user
trace = Trace.visible_to(@user).find(params[:gpx])
elsif params[:gpx] && current_user
trace = Trace.visible_to(current_user).find(params[:gpx])
@lat = trace.latitude
@lon = trace.longitude
@zoom = 16

54
app/controllers/trace_controller.rb
View file

@ -32,7 +32,7 @@ class TraceController < ApplicationController
# set title
@title = if target_user.nil?
t "trace.list.public_traces"
elsif @user && @user == target_user
elsif current_user && current_user == target_user
t "trace.list.your_traces"
else
t "trace.list.public_traces_from", :user => target_user.display_name
@ -46,13 +46,13 @@ class TraceController < ApplicationController
# 3 - user's traces, logged in as same user = all user's traces
# 4 - user's traces, not logged in as that user = all user's public traces
@traces = if target_user.nil? # all traces
if @user
Trace.visible_to(@user) # 1
if current_user
Trace.visible_to(current_user) # 1
else
Trace.visible_to_all # 2
end
elsif @user && @user == target_user
@user.traces # 3 (check vs user id, so no join + can't pick up non-public traces by changing name)
elsif current_user && current_user == target_user
current_user.traces # 3 (check vs user id, so no join + can't pick up non-public traces by changing name)
else
target_user.traces.visible_to_all # 4
end
@ -86,14 +86,14 @@ class TraceController < ApplicationController
end
def mine
redirect_to :action => :list, :display_name => @user.display_name
redirect_to :action => :list, :display_name => current_user.display_name
end
def view
@trace = Trace.find(params[:id])
if @trace && @trace.visible? &&
(@trace.public? || @trace.user == @user)
(@trace.public? || @trace.user == current_user)
@title = t "trace.view.title", :name => @trace.name
else
flash[:error] = t "trace.view.trace_not_found"
@ -119,18 +119,18 @@ class TraceController < ApplicationController
if @trace.id
flash[:notice] = t "trace.create.trace_uploaded"
if @user.traces.where(:inserted => false).count > 4
flash[:warning] = t "trace.trace_header.traces_waiting", :count => @user.traces.where(:inserted => false).count
if current_user.traces.where(:inserted => false).count > 4
flash[:warning] = t "trace.trace_header.traces_waiting", :count => current_user.traces.where(:inserted => false).count
end
redirect_to :action => :list, :display_name => @user.display_name
redirect_to :action => :list, :display_name => current_user.display_name
end
else
@trace = Trace.new(:name => "Dummy",
:tagstring => params[:trace][:tagstring],
:description => params[:trace][:description],
:visibility => params[:trace][:visibility],
:inserted => false, :user => @user,
:inserted => false, :user => current_user,
:timestamp => Time.now.getutc)
@trace.valid?
@trace.errors.add(:gpx_file, "can't be blank")
@ -145,7 +145,7 @@ class TraceController < ApplicationController
def data
trace = Trace.find(params[:id])
if trace.visible? && (trace.public? || (@user && @user == trace.user))
if trace.visible? && (trace.public? || (current_user && current_user == trace.user))
if Acl.no_trace_download(request.remote_ip)
head :forbidden
elsif request.format == Mime[:xml]
@ -167,7 +167,7 @@ class TraceController < ApplicationController
if !@trace.visible?
head :not_found
elsif @user.nil? || @trace.user != @user
elsif current_user.nil? || @trace.user != current_user
head :forbidden
else
@title = t "trace.edit.title", :name => @trace.name
@ -177,7 +177,7 @@ class TraceController < ApplicationController
@trace.tagstring = params[:trace][:tagstring]
@trace.visibility = params[:trace][:visibility]
if @trace.save
redirect_to :action => "view", :display_name => @user.display_name
redirect_to :action => "view", :display_name => current_user.display_name
end
end
end
@ -190,13 +190,13 @@ class TraceController < ApplicationController
if !trace.visible?
head :not_found
elsif @user.nil? || trace.user != @user
elsif current_user.nil? || trace.user != current_user
head :forbidden
else
trace.visible = false
trace.save
flash[:notice] = t "trace.delete.scheduled_for_deletion"
redirect_to :action => :list, :display_name => @user.display_name
redirect_to :action => :list, :display_name => current_user.display_name
end
rescue ActiveRecord::RecordNotFound
head :not_found
@ -219,7 +219,7 @@ class TraceController < ApplicationController
trace = Trace.find(params[:id])
if trace.visible? && trace.inserted?
if trace.public? || (@user && @user == trace.user)
if trace.public? || (current_user && current_user == trace.user)
expires_in 7.days, :private => !trace.public?, :public => trace.public?
send_file(trace.large_picture_name, :filename => "#{trace.id}.gif", :type => "image/gif", :disposition => "inline")
else
@ -236,7 +236,7 @@ class TraceController < ApplicationController
trace = Trace.find(params[:id])
if trace.visible? && trace.inserted?
if trace.public? || (@user && @user == trace.user)
if trace.public? || (current_user && current_user == trace.user)
expires_in 7.days, :private => !trace.public?, :public => trace.public?
send_file(trace.icon_picture_name, :filename => "#{trace.id}_icon.gif", :type => "image/gif", :disposition => "inline")
else
@ -252,7 +252,7 @@ class TraceController < ApplicationController
def api_read
trace = Trace.visible.find(params[:id])
if trace.public? || trace.user == @user
if trace.public? || trace.user == current_user
render :xml => trace.to_xml.to_s
else
head :forbidden
@ -262,7 +262,7 @@ class TraceController < ApplicationController
def api_update
trace = Trace.visible.find(params[:id])
if trace.user == @user
if trace.user == current_user
new_trace = Trace.from_xml(request.raw_post)
unless new_trace && new_trace.id == trace.id
@ -283,7 +283,7 @@ class TraceController < ApplicationController
def api_delete
trace = Trace.visible.find(params[:id])
if trace.user == @user
if trace.user == current_user
trace.visible = false
trace.save!
@ -296,7 +296,7 @@ class TraceController < ApplicationController
def api_data
trace = Trace.visible.find(params[:id])
if trace.public? || trace.user == @user
if trace.public? || trace.user == current_user
if request.format == Mime[:xml]
send_file(trace.xml_file, :filename => "#{trace.id}.xml", :type => request.format.to_s, :disposition => "attachment")
elsif request.format == Mime[:gpx]
@ -357,7 +357,7 @@ class TraceController < ApplicationController
:description => description,
:visibility => visibility,
:inserted => true,
:user => @user,
:user => current_user,
:timestamp => Time.now.getutc
)
@ -390,11 +390,11 @@ class TraceController < ApplicationController
end
# Finally save the user's preferred privacy level
if pref = @user.preferences.where(:k => "gps.trace.visibility").first
if pref = current_user.preferences.where(:k => "gps.trace.visibility").first
pref.v = visibility
pref.save
else
@user.preferences.create(:k => "gps.trace.visibility", :v => visibility)
current_user.preferences.create(:k => "gps.trace.visibility", :v => visibility)
end
end
@ -407,11 +407,11 @@ class TraceController < ApplicationController
end
def default_visibility
visibility = @user.preferences.where(:k => "gps.trace.visibility").first
visibility = current_user.preferences.where(:k => "gps.trace.visibility").first
if visibility
visibility.v
elsif @user.preferences.where(:k => "gps.trace.public", :v => "default").first.nil?
elsif current_user.preferences.where(:k => "gps.trace.public", :v => "default").first.nil?
"private"
else
"public"

8
app/controllers/user_blocks_controller.rb
View file

@ -20,7 +20,7 @@ class UserBlocksController < ApplicationController
end
def show
if @user && @user.id == @user_block.user_id
if current_user && current_user.id == @user_block.user_id
@user_block.needs_view = false
@user_block.save!
end
@ -38,7 +38,7 @@ class UserBlocksController < ApplicationController
if @valid_params
@user_block = UserBlock.new(
:user_id => @this_user.id,
:creator_id => @user.id,
:creator_id => current_user.id,
:reason => params[:user_block][:reason],
:ends_at => Time.now.getutc + @block_period.hours,
:needs_view => params[:user_block][:needs_view]
@ -57,7 +57,7 @@ class UserBlocksController < ApplicationController
def update
if @valid_params
if @user_block.creator_id != @user.id
if @user_block.creator_id != current_user.id
flash[:error] = t("user_block.update.only_creator_can_edit")
redirect_to :action => "edit"
elsif @user_block.update_attributes(
@ -79,7 +79,7 @@ class UserBlocksController < ApplicationController
# revokes the block, setting the end_time to now
def revoke
if params[:confirm]
if @user_block.revoke! @user
if @user_block.revoke! current_user
flash[:notice] = t "user_block.revoke.flash"
redirect_to(@user_block)
end

14
app/controllers/user_preference_controller.rb
View file

@ -11,7 +11,7 @@ class UserPreferenceController < ApplicationController
def read
doc = OSM::API.new.get_xml_doc
prefs = @user.preferences
prefs = current_user.preferences
el1 = XML::Node.new "preferences"
@ -26,14 +26,14 @@ class UserPreferenceController < ApplicationController
##
# return the value for a single preference
def read_one
pref = UserPreference.find([@user.id, params[:preference_key]])
pref = UserPreference.find([current_user.id, params[:preference_key]])
render :plain => pref.v.to_s
end
# update the entire set of preferences
def update
old_preferences = @user.preferences.each_with_object({}) do |preference, preferences|
old_preferences = current_user.preferences.each_with_object({}) do |preference, preferences|
preferences[preference.k] = preference
end
@ -47,7 +47,7 @@ class UserPreferenceController < ApplicationController
elsif new_preferences.include?(pt["k"])
raise OSM::APIDuplicatePreferenceError.new(pt["k"])
else
preference = @user.preferences.build(:k => pt["k"], :v => pt["v"])
preference = current_user.preferences.build(:k => pt["k"], :v => pt["v"])
end
new_preferences[preference.k] = preference
@ -64,10 +64,10 @@ class UserPreferenceController < ApplicationController
# update the value of a single preference
def update_one
begin
pref = UserPreference.find([@user.id, params[:preference_key]])
pref = UserPreference.find([current_user.id, params[:preference_key]])
rescue ActiveRecord::RecordNotFound
pref = UserPreference.new
pref.user = @user
pref.user = current_user
pref.k = params[:preference_key]
end
@ -80,7 +80,7 @@ class UserPreferenceController < ApplicationController
##
# delete a single preference
def delete_one
UserPreference.find([@user.id, params[:preference_key]]).delete
UserPreference.find([current_user.id, params[:preference_key]]).delete
render :plain => ""
end

4
app/controllers/user_roles_controller.rb
View file

@ -10,7 +10,7 @@ class UserRolesController < ApplicationController
before_action :in_role, :only => [:revoke]
def grant
@this_user.roles.create(:role => @role, :granter_id => @user.id)
@this_user.roles.create(:role => @role, :granter_id => current_user.id)
redirect_to :controller => "user", :action => "view", :display_name => @this_user.display_name
end
@ -25,7 +25,7 @@ class UserRolesController < ApplicationController
# require that the user is an administrator, or fill out a helpful error message
# and return them to theuser page.
def require_administrator
unless @user.administrator?
unless current_user.administrator?
flash[:error] = t "user_role.filter.not_an_administrator"
redirect_to :controller => "user", :action => "view", :display_name => @this_user.display_name
end

6
app/controllers/way_controller.rb
View file

@ -15,7 +15,7 @@ class WayController < ApplicationController
way = Way.from_xml(request.raw_post, true)
# Assume that Way.from_xml has thrown an exception if there is an error parsing the xml
way.create_with_history @user
way.create_with_history current_user
render :plain => way.id.to_s
end
@ -39,7 +39,7 @@ class WayController < ApplicationController
raise OSM::APIBadUserInput.new("The id in the url (#{way.id}) is not the same as provided in the xml (#{new_way.id})")
end
way.update_from(new_way, @user)
way.update_from(new_way, current_user)
render :plain => way.version.to_s
end
@ -49,7 +49,7 @@ class WayController < ApplicationController
new_way = Way.from_xml(request.raw_post)
if new_way && new_way.id == way.id
way.delete_with_history!(new_way, @user)
way.delete_with_history!(new_way, current_user)
render :plain => way.version.to_s
else
head :bad_request