Split the rest action into sparate read, update and delete actions thus

allowing authorization to be done on a per-action basis without worring about the method. This should make the user API work. Also do a lot of cleanup of the controllers.
2007-06-27 17:27:10 +00:00 · 2007-06-27 17:27:10 +00:00 · dcad29dad0
commit dcad29dad0
parent 9d6ae5baae
17 changed files with 417 additions and 361 deletions
--- a/app/controllers/segment_controller.rb
+++ b/app/controllers/segment_controller.rb
@ -1,135 +1,148 @@
 class SegmentController < ApplicationController
  require 'xml/libxml'

-  before_filter :authorize
+  before_filter :authorize, :only => [:create, :update, :destroy]
  after_filter :compress_output

  def create
-    response.headers["Content-Type"] = 'text/xml'
    if request.put?
      segment = Segment.from_xml(request.raw_post, true)

      if segment
-        segment.user_id = @user.id
-
-        segment.from_node = Node.find(segment.node_a.to_i)
-        segment.to_node = Node.find(segment.node_b.to_i)
-          
-        if segment.from_node == segment.to_node
-          render :nothing => true, :status => HTTP_EXPECTATION_FAILED
-          return
-        end
-        
-        unless segment.preconditions_ok? # are the nodes visible?
-          render :nothing => true, :status => HTTP_PRECONDITION_FAILED
-          return
-        end
-
-        if segment.save_with_history
-          render :text => segment.id.to_s
+        if segment.node_a == segment.node_b
+          render :nothing => true, :status => :expectation_failed
+        elsif !segment.preconditions_ok?
+          render :nothing => true, :status => :precondition_failed
        else
-          render :nothing => true, :status => 500
-        end
-        return
-      else
-        render :nothing => true, :status => 400 # if we got here the doc didnt parse
-        return
-      end
-    end
+          segment.user_id = @user.id
+          segment.from_node = Node.find(segment.node_a.to_i)
+          segment.to_node = Node.find(segment.node_b.to_i)

-    render :nothing => true, :status => 500 # something went very wrong
+          if segment.save_with_history
+            render :text => segment.id.to_s, :content_type => "text/plain"
+          else
+            render :nothing => true, :status => :internal_server_error
+          end
+        end
+      else
+        render :nothing => true, :status => :bad_request
+      end
+    else
+      render :nothing => true, :status => :method_not_allowed
+    end
  end

-  def rest
-    response.headers["Content-Type"] = 'text/xml'
-    unless Segment.exists?(params[:id])
-      render :nothing => true, :status => 404
-      return
+  def read
+    begin
+      segment = Segment.find(params[:id])
+
+      if segment.visible
+        render :text => segment.to_xml.to_s, :content_type => "text/xml"
+      else
+        render :nothing => true, :status => :gone
+      end
+    rescue ActiveRecord::RecordNotFound
+      render :nothing => true, :status => :not_found
+    rescue
+      render :nothing => true, :status => :internal_server_error
    end
+  end

-    segment = Segment.find(params[:id])
+  def update
+    begin
+      segment = Segment.find(params[:id])

-    case request.method
+      if segment.visible
+        new_segment = Segment.from_xml(request.raw_post)

-    when :get
-      render :text => segment.to_xml.to_s
-      return
+        if new_segment and new_segment.id == segment.id
+          if new_segment.node_a == new_segment.node_b
+            render :nothing => true, :status => :expectation_failed
+          elsif !new_segment.preconditions_ok?
+            render :nothing => true, :status => :precondition_failed
+          else
+            segment.timestamp = Time.now
+            segment.user_id = @user.id
+            segment.node_a = new_segment.node_a
+            segment.node_b = new_segment.node_b
+            segment.tags = new_segment.tags
+            segment.visible = new_segment.visible
+
+            if segment.save_with_history
+              render :nothing => true
+            else
+              render :nothing => true, :status => :internal_server_error
+            end
+          end
+        else
+          render :nothing => true, :status => :bad_request
+        end
+      else
+        render :nothing => true, :status => :gone
+      end
+    rescue ActiveRecord::RecordNotFound
+      render :nothing => true, :status => :not_found
+    rescue
+      render :nothing => true, :status => :internal_server_error
+    end
+  end
+
+  def delete
+    begin
+      segment = Segment.find(params[:id])

-    when :delete
      if segment.visible
        if WaySegment.find(:first, :joins => "INNER JOIN current_ways ON current_ways.id = current_way_segments.id", :conditions => [ "current_ways.visible = 1 AND current_way_segments.segment_id = ?", segment.id ])
-          render :nothing => true, :status => HTTP_PRECONDITION_FAILED
+          render :nothing => true, :status => :precondition_failed
        else
          segment.user_id = @user.id
          segment.visible = 0
-          segment.save_with_history
-          render :nothing => true
+
+          if segment.save_with_history
+            render :nothing => true
+          else
+            render :nothing => true, :status => :internal_server_error
+          end
        end
      else
-        render :nothing => true, :status => 410
-      end
-
-    when :put
-      new_segment = Segment.from_xml(request.raw_post)
-
-      if new_segment
-        if new_segment.node_a == new_segment.node_b
-          render :nothing => true, :status => HTTP_EXPECTATION_FAILED
-          return
-        end
-        
-        unless new_segment.preconditions_ok? # are the nodes visible?
-          render :nothing => true, :status => HTTP_PRECONDITION_FAILED
-          return
-        end
-
-        segment.timestamp = Time.now
-        segment.user_id = @user.id
-        segment.node_a = new_segment.node_a
-        segment.node_b = new_segment.node_b
-        segment.tags = new_segment.tags
-        segment.visible = new_segment.visible
-
-        if segment.id == new_segment.id and segment.save_with_history
-          render :nothing => true
-        else
-          render :nothing => true, :status => 500
-        end
-      else
-        render :nothing => true, :status => 400 # if we got here the doc didnt parse
+        render :nothing => true, :status => :gone
      end
+    rescue ActiveRecord::RecordNotFound
+      render :nothing => true, :status => :not_found
+    rescue
+      render :nothing => true, :status => :internal_server_error
    end
-
  end

  def segments
-    response.headers["Content-Type"] = 'text/xml'
-    ids = params['segments'].split(',').collect {|s| s.to_i }
+    ids = params['segments'].split(',').collect { |s| s.to_i }
+
    if ids.length > 0
-      segmentlist = Segment.find(ids)
      doc = OSM::API.new.get_xml_doc
-      segmentlist.each do |segment|
+
+      Segment.find(ids).each do |segment|
        doc.root << segment.to_xml_node
      end 
-      render :text => doc.to_s
+
+      render :text => doc.to_s, :content_type => "text/xml"
    else
-      render :nothing => true, :status => 400
+      render :nothing => true, :status => :bad_request
    end
  end

  def segments_for_node
-    response.headers["Content-Type"] = 'text/xml'
    segmentids = Segment.find(:all, :conditions => ['node_a = ? OR node_b = ?', params[:id], params[:id]]).collect { |s| s.id }.uniq
+
    if segmentids.length > 0
-      segmentlist = Segment.find(segmentids)
      doc = OSM::API.new.get_xml_doc
-      segmentlist.each do |segment|
+
+      Segment.find(segmentids).each do |segment|
        doc.root << segment.to_xml_node
-      end 
-      render :text => doc.to_s
+      end
+
+      render :text => doc.to_s, :content_type => "text/xml"
    else
-      render :nothing => true, :status => 400
+      render :nothing => true, :status => :bad_request
    end
  end
-
 end