cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add an ACL check to allow trace downloads to be blocked

Browse source
This commit is contained in:
Tom Hughes 2012-01-17 17:43:32 +00:00
parent 0465fda75a
commit 8ba74c581d
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/trace_controller.rb
View file

@ -163,7 +163,9 @@ class TraceController < ApplicationController
trace = Trace.find(params[:id]) trace = Trace.find(params[:id])
if trace.visible? and (trace.public? or (@user and @user == trace.user)) if trace.visible? and (trace.public? or (@user and @user == trace.user))
if request.format == Mime::XML if Acl.address(request.remote_ip).where(:k => "no_trace_download").exists?
render :nothing => true, :status => :forbidden
elsif request.format == Mime::XML
send_file(trace.xml_file, :filename => "#{trace.id}.xml", :type => Mime::XML.to_s, :disposition => 'attachment') send_file(trace.xml_file, :filename => "#{trace.id}.xml", :type => Mime::XML.to_s, :disposition => 'attachment')
else else
send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment') send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment')