cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into openid

Browse source 
Conflicts:
	app/controllers/user_controller.rb
	app/views/user/terms.html.erb
	config/locales/en.yml
This commit is contained in:
Tom Hughes 2010-09-06 12:49:10 +01:00
commit dd7ef37ec0
113 changed files with 2694 additions and 523 deletions
Download patch file Download diff file Expand all files Collapse all files

15
app/controllers/amf_controller.rb
View file

@ -172,7 +172,7 @@ class AmfController < ApplicationController
def amf_handle_error_with_timeout(call,rootobj,rootid)
amf_handle_error(call,rootobj,rootid) do
Timeout::timeout(APP_CONFIG['api_timeout'], OSM::APITimeoutError) do
Timeout::timeout(API_TIMEOUT, OSM::APITimeoutError) do
yield
end
end
@ -187,6 +187,11 @@ class AmfController < ApplicationController
if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end
unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
if cstags
if !tags_ok(cstags) then return -1,"One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end
cstags = strip_non_xml_chars cstags
end
# close previous changeset and add comment
if closeid
cs = Changeset.find(closeid.to_i)
@ -197,6 +202,8 @@ class AmfController < ApplicationController
cs.save!
else
cs.tags['comment']=closecomment
# in case closecomment has chars not allowed in xml
cs.tags = strip_non_xml_chars cs.tags
cs.save_with_tags!
end
end
@ -206,7 +213,11 @@ class AmfController < ApplicationController
cs = Changeset.new
cs.tags = cstags
cs.user_id = user.id
if !closecomment.empty? then cs.tags['comment']=closecomment end
if !closecomment.empty?
cs.tags['comment']=closecomment
# in case closecomment has chars not allowed in xml
cs.tags = strip_non_xml_chars cs.tags
end
# smsm1 doesn't like the next two lines and thinks they need to be abstracted to the model more/better
cs.created_at = Time.now.getutc
cs.closed_at = cs.created_at + Changeset::IDLE_TIMEOUT

18
app/controllers/api_controller.rb
View file

@ -18,7 +18,7 @@ class ApiController < ApplicationController
return
end
offset = page * APP_CONFIG['tracepoints_per_page']
offset = page * TRACEPOINTS_PER_PAGE
# Figure out the bbox
bbox = params['bbox']
@ -39,7 +39,7 @@ class ApiController < ApplicationController
end
# get all the points
points = Tracepoint.find_by_area(min_lat, min_lon, max_lat, max_lon, :offset => offset, :limit => APP_CONFIG['tracepoints_per_page'], :order => "gpx_id DESC, trackid ASC, timestamp ASC" )
points = Tracepoint.find_by_area(min_lat, min_lon, max_lat, max_lon, :offset => offset, :limit => TRACEPOINTS_PER_PAGE, :order => "gpx_id DESC, trackid ASC, timestamp ASC" )
doc = XML::Document.new
doc.encoding = XML::Encoding::UTF_8
@ -145,14 +145,14 @@ class ApiController < ApplicationController
end
# FIXME um why is this area using a different order for the lat/lon from above???
@nodes = Node.find_by_area(min_lat, min_lon, max_lat, max_lon, :conditions => {:visible => true}, :include => :node_tags, :limit => APP_CONFIG['max_number_of_nodes']+1)
@nodes = Node.find_by_area(min_lat, min_lon, max_lat, max_lon, :conditions => {:visible => true}, :include => :node_tags, :limit => MAX_NUMBER_OF_NODES+1)
# get all the nodes, by tag not yet working, waiting for change from NickB
# need to be @nodes (instance var) so tests in /spec can be performed
#@nodes = Node.search(bbox, params[:tag])
node_ids = @nodes.collect(&:id)
if node_ids.length > APP_CONFIG['max_number_of_nodes']
report_error("You requested too many nodes (limit is #{APP_CONFIG['max_number_of_nodes']}). Either request a smaller area, or use planet.osm")
if node_ids.length > MAX_NUMBER_OF_NODES
report_error("You requested too many nodes (limit is #{MAX_NUMBER_OF_NODES}). Either request a smaller area, or use planet.osm")
return
end
if node_ids.length == 0
@ -295,19 +295,19 @@ class ApiController < ApplicationController
version['maximum'] = "#{API_VERSION}";
api << version
area = XML::Node.new 'area'
area['maximum'] = APP_CONFIG['max_request_area'].to_s;
area['maximum'] = MAX_REQUEST_AREA.to_s;
api << area
tracepoints = XML::Node.new 'tracepoints'
tracepoints['per_page'] = APP_CONFIG['tracepoints_per_page'].to_s
tracepoints['per_page'] = TRACEPOINTS_PER_PAGE.to_s
api << tracepoints
waynodes = XML::Node.new 'waynodes'
waynodes['maximum'] = APP_CONFIG['max_number_of_way_nodes'].to_s
waynodes['maximum'] = MAX_NUMBER_OF_WAY_NODES.to_s
api << waynodes
changesets = XML::Node.new 'changesets'
changesets['maximum_elements'] = Changeset::MAX_ELEMENTS.to_s
api << changesets
timeout = XML::Node.new 'timeout'
timeout['seconds'] = APP_CONFIG['api_timeout'].to_s
timeout['seconds'] = API_TIMEOUT.to_s
api << timeout
doc.root << api

18
app/controllers/application_controller.rb
View file

@ -2,7 +2,7 @@
# Likewise, all the methods added will be available for all controllers.
class ApplicationController < ActionController::Base
if OSM_STATUS == :database_readonly or OSM_STATUS == :database_offline
if STATUS == :database_readonly or STATUS == :database_offline
session :off
end
@ -120,20 +120,20 @@ class ApplicationController < ActionController::Base
end
def check_database_readable(need_api = false)
if OSM_STATUS == :database_offline or (need_api and OSM_STATUS == :api_offline)
if STATUS == :database_offline or (need_api and STATUS == :api_offline)
redirect_to :controller => 'site', :action => 'offline'
end
end
def check_database_writable(need_api = false)
if OSM_STATUS == :database_offline or OSM_STATUS == :database_readonly or
(need_api and (OSM_STATUS == :api_offline or OSM_STATUS == :api_readonly))
if STATUS == :database_offline or STATUS == :database_readonly or
(need_api and (STATUS == :api_offline or STATUS == :api_readonly))
redirect_to :controller => 'site', :action => 'offline'
end
end
def check_api_readable
if OSM_STATUS == :database_offline or OSM_STATUS == :api_offline
if STATUS == :database_offline or STATUS == :api_offline
response.headers['Error'] = "Database offline for maintenance"
render :nothing => true, :status => :service_unavailable
return false
@ -141,8 +141,8 @@ class ApplicationController < ActionController::Base
end
def check_api_writable
if OSM_STATUS == :database_offline or OSM_STATUS == :database_readonly or
OSM_STATUS == :api_offline or OSM_STATUS == :api_readonly
if STATUS == :database_offline or STATUS == :database_readonly or
STATUS == :api_offline or STATUS == :api_readonly
response.headers['Error'] = "Database offline for maintenance"
render :nothing => true, :status => :service_unavailable
return false
@ -219,7 +219,7 @@ class ApplicationController < ActionController::Base
##
# wrap an api call in a timeout
def api_call_timeout
SystemTimer.timeout_after(APP_CONFIG['api_timeout']) do
SystemTimer.timeout_after(API_TIMEOUT) do
yield
end
rescue Timeout::Error
@ -229,7 +229,7 @@ class ApplicationController < ActionController::Base
##
# wrap a web page in a timeout
def web_timeout
SystemTimer.timeout_after(APP_CONFIG['web_timeout']) do
SystemTimer.timeout_after(WEB_TIMEOUT) do
yield
end
rescue ActionView::TemplateError => ex

122
app/controllers/changeset_controller.rb
View file

@ -254,67 +254,71 @@ class ChangesetController < ApplicationController
##
# list edits (open changesets) in reverse chronological order
def list
conditions = conditions_nonempty
if params[:display_name]
user = User.find_by_display_name(params[:display_name], :conditions => { :status => ["active", "confirmed"] })
if user
if user.data_public? or user == @user
conditions = cond_merge conditions, ['user_id = ?', user.id]
else
conditions = cond_merge conditions, ['false']
end
elsif request.format == :html
@title = t 'user.no_such_user.title'
@not_found_user = params[:display_name]
render :template => 'user/no_such_user', :status => :not_found
end
end
if params[:bbox]
bbox = params[:bbox]
elsif params[:minlon] and params[:minlat] and params[:maxlon] and params[:maxlat]
bbox = params[:minlon] + ',' + params[:minlat] + ',' + params[:maxlon] + ',' + params[:maxlat]
end
if bbox
conditions = cond_merge conditions, conditions_bbox(bbox)
bbox = BoundingBox.from_s(bbox)
bbox_link = render_to_string :partial => "bbox", :object => bbox
end
if user
user_link = render_to_string :partial => "user", :object => user
end
if user and bbox
@title = t 'changeset.list.title_user_bbox', :user => user.display_name, :bbox => bbox.to_s
@heading = t 'changeset.list.heading_user_bbox', :user => user.display_name, :bbox => bbox.to_s
@description = t 'changeset.list.description_user_bbox', :user => user_link, :bbox => bbox_link
elsif user
@title = t 'changeset.list.title_user', :user => user.display_name
@heading = t 'changeset.list.heading_user', :user => user.display_name
@description = t 'changeset.list.description_user', :user => user_link
elsif bbox
@title = t 'changeset.list.title_bbox', :bbox => bbox.to_s
@heading = t 'changeset.list.heading_bbox', :bbox => bbox.to_s
@description = t 'changeset.list.description_bbox', :bbox => bbox_link
if request.format == :atom and params[:page]
redirect_to params.merge({ :page => nil }), :status => :moved_permanently
else
@title = t 'changeset.list.title'
@heading = t 'changeset.list.heading'
@description = t 'changeset.list.description'
conditions = conditions_nonempty
if params[:display_name]
user = User.find_by_display_name(params[:display_name], :conditions => { :status => ["active", "confirmed"] })
if user
if user.data_public? or user == @user
conditions = cond_merge conditions, ['user_id = ?', user.id]
else
conditions = cond_merge conditions, ['false']
end
elsif request.format == :html
@title = t 'user.no_such_user.title'
@not_found_user = params[:display_name]
render :template => 'user/no_such_user', :status => :not_found
end
end
if params[:bbox]
bbox = params[:bbox]
elsif params[:minlon] and params[:minlat] and params[:maxlon] and params[:maxlat]
bbox = params[:minlon] + ',' + params[:minlat] + ',' + params[:maxlon] + ',' + params[:maxlat]
end
if bbox
conditions = cond_merge conditions, conditions_bbox(bbox)
bbox = BoundingBox.from_s(bbox)
bbox_link = render_to_string :partial => "bbox", :object => bbox
end
if user
user_link = render_to_string :partial => "user", :object => user
end
if user and bbox
@title = t 'changeset.list.title_user_bbox', :user => user.display_name, :bbox => bbox.to_s
@heading = t 'changeset.list.heading_user_bbox', :user => user.display_name, :bbox => bbox.to_s
@description = t 'changeset.list.description_user_bbox', :user => user_link, :bbox => bbox_link
elsif user
@title = t 'changeset.list.title_user', :user => user.display_name
@heading = t 'changeset.list.heading_user', :user => user.display_name
@description = t 'changeset.list.description_user', :user => user_link
elsif bbox
@title = t 'changeset.list.title_bbox', :bbox => bbox.to_s
@heading = t 'changeset.list.heading_bbox', :bbox => bbox.to_s
@description = t 'changeset.list.description_bbox', :bbox => bbox_link
else
@title = t 'changeset.list.title'
@heading = t 'changeset.list.heading'
@description = t 'changeset.list.description'
end
@page = (params[:page] || 1).to_i
@page_size = 20
@edits = Changeset.find(:all,
:include => [:user, :changeset_tags],
:conditions => conditions,
:order => "changesets.created_at DESC",
:offset => (@page - 1) * @page_size,
:limit => @page_size)
end
@page = (params[:page] || 1).to_i
@page_size = 20
@edits = Changeset.find(:all,
:include => [:user, :changeset_tags],
:conditions => conditions,
:order => "changesets.created_at DESC",
:offset => (@page - 1) * @page_size,
:limit => @page_size)
end
private

2
app/controllers/diary_entry_controller.rb
View file

@ -10,7 +10,7 @@ class DiaryEntryController < ApplicationController
caches_action :list, :view, :layout => false
caches_action :rss, :layout => true
cache_sweeper :diary_sweeper, :only => [:new, :edit, :comment, :hide, :hidecomment], :unless => OSM_STATUS == :database_offline
cache_sweeper :diary_sweeper, :only => [:new, :edit, :comment, :hide, :hidecomment], :unless => STATUS == :database_offline
def new
@title = t 'diary_entry.new.title'

10
app/controllers/geocoder_controller.rb
View file

@ -57,7 +57,7 @@ class GeocoderController < ApplicationController
render :action => "error"
else
@results.push({:lat => lat, :lon => lon,
:zoom => APP_CONFIG['postcode_zoom'],
:zoom => POSTCODE_ZOOM,
:name => "#{lat}, #{lon}"})
render :action => "results"
@ -78,7 +78,7 @@ class GeocoderController < ApplicationController
unless response.match(/couldn't find this zip/)
data = response.split(/\s*,\s+/) # lat,long,town,state,zip
@results.push({:lat => data[0], :lon => data[1],
:zoom => APP_CONFIG['postcode_zoom'],
:zoom => POSTCODE_ZOOM,
:prefix => "#{data[2]}, #{data[3]},",
:name => data[4]})
end
@ -104,7 +104,7 @@ class GeocoderController < ApplicationController
dataline = response.split(/\n/)[1]
data = dataline.split(/,/) # easting,northing,postcode,lat,long
postcode = data[2].gsub(/'/, "")
zoom = APP_CONFIG['postcode_zoom'] - postcode.count("#")
zoom = POSTCODE_ZOOM - postcode.count("#")
@results.push({:lat => data[3], :lon => data[4], :zoom => zoom,
:name => postcode})
end
@ -127,7 +127,7 @@ class GeocoderController < ApplicationController
if response.get_elements("geodata/error").empty?
@results.push({:lat => response.get_text("geodata/latt").to_s,
:lon => response.get_text("geodata/longt").to_s,
:zoom => APP_CONFIG['postcode_zoom'],
:zoom => POSTCODE_ZOOM,
:name => query.upcase})
end
@ -286,7 +286,7 @@ class GeocoderController < ApplicationController
name = geoname.get_text("name").to_s
country = geoname.get_text("countryName").to_s
@results.push({:lat => lat, :lon => lon,
:zoom => APP_CONFIG['geonames_zoom'],
:zoom => GEONAMES_ZOOM,
:name => name,
:suffix => ", #{country}"})
end

2
app/controllers/message_controller.rb
View file

@ -15,7 +15,7 @@ class MessageController < ApplicationController
@to_user = User.find_by_display_name(params[:display_name])
if @to_user
if params[:message]
if @user.sent_messages.count(:conditions => ["sent_on >= ?", Time.now.getutc - 1.hour]) >= APP_CONFIG['max_messages_per_hour']
if @user.sent_messages.count(:conditions => ["sent_on >= ?", Time.now.getutc - 1.hour]) >= MAX_MESSAGES_PER_HOUR
flash[:error] = t 'message.new.limit_exceeded'
else
@message = Message.new(params[:message])

26
app/controllers/trace_controller.rb
View file

@ -15,10 +15,11 @@ class TraceController < ApplicationController
before_filter :offline_redirect, :only => [:create, :edit, :delete, :data, :api_data, :api_create]
around_filter :api_call_handle_error, :only => [:api_details, :api_data, :api_create]
caches_action :list, :view, :layout => false
caches_action :list, :unless => :logged_in?, :layout => false
caches_action :view, :layout => false
caches_action :georss, :layout => true
cache_sweeper :trace_sweeper, :only => [:create, :edit, :delete, :api_create], :unless => OSM_STATUS == :database_offline
cache_sweeper :tracetag_sweeper, :only => [:create, :edit, :delete, :api_create], :unless => OSM_STATUS == :database_offline
cache_sweeper :trace_sweeper, :only => [:create, :edit, :delete, :api_create], :unless => STATUS == :database_offline
cache_sweeper :tracetag_sweeper, :only => [:create, :edit, :delete, :api_create], :unless => STATUS == :database_offline
# Counts and selects pages of GPX traces for various criteria (by user, tags, public etc.).
# target_user - if set, specifies the user to fetch traces for. if not set will fetch all traces
@ -105,7 +106,6 @@ class TraceController < ApplicationController
@target_user = target_user
@display_name = target_user.display_name if target_user
@all_tags = tagset.values
@trace = Trace.new(:visibility => default_visibility) if @user
end
def mine
@ -130,6 +130,7 @@ class TraceController < ApplicationController
def create
if params[:trace]
logger.info(params[:trace][:gpx_file].class.name)
if params[:trace][:gpx_file].respond_to?(:read)
begin
do_create(params[:trace][:gpx_file], params[:trace][:tagstring],
@ -146,7 +147,7 @@ class TraceController < ApplicationController
flash[:warning] = t 'trace.trace_header.traces_waiting', :count => @user.traces.count(:conditions => { :inserted => false })
end
redirect_to :action => 'mine'
redirect_to :action => :list, :display_name => @user.display_name
end
else
@trace = Trace.new({:name => "Dummy",
@ -158,7 +159,10 @@ class TraceController < ApplicationController
@trace.valid?
@trace.errors.add(:gpx_file, "can't be blank")
end
else
@trace = Trace.new(:visibility => default_visibility)
end
@title = t 'trace.create.upload_trace'
end
@ -206,7 +210,7 @@ class TraceController < ApplicationController
trace.visible = false
trace.save
flash[:notice] = t 'trace.delete.scheduled_for_deletion'
redirect_to :controller => 'traces', :action => 'mine'
redirect_to :action => :list, :display_name => @user.display_name
else
render :nothing => true, :status => :bad_request
end
@ -292,7 +296,11 @@ class TraceController < ApplicationController
trace = Trace.find(params[:id])
if trace.public? or trace.user == @user
send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment')
if request.format == Mime::XML
send_file(trace.xml_file, :filename => "#{trace.id}.xml", :type => Mime::XML.to_s, :disposition => 'attachment')
else
send_file(trace.trace_name, :filename => "#{trace.id}#{trace.extension_name}", :type => trace.mime_type, :disposition => 'attachment')
end
else
render :nothing => true, :status => :forbidden
end
@ -395,11 +403,11 @@ private
end
def offline_warning
flash.now[:warning] = t 'trace.offline_warning.message' if OSM_STATUS == :gpx_offline
flash.now[:warning] = t 'trace.offline_warning.message' if STATUS == :gpx_offline
end
def offline_redirect
redirect_to :action => :offline if OSM_STATUS == :gpx_offline
redirect_to :action => :offline if STATUS == :gpx_offline
end
def default_visibility

74
app/controllers/user_controller.rb
View file

@ -16,42 +16,15 @@ class UserController < ApplicationController
filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation
cache_sweeper :user_sweeper, :only => [:account, :set_status, :delete], :unless => OSM_STATUS == :database_offline
cache_sweeper :user_sweeper, :only => [:account, :set_status, :delete], :unless => STATUS == :database_offline
def terms
@title = t 'user.new.title'
@legale = params[:legale] || OSM.IPToCountry(request.remote_ip) || APP_CONFIG['default_legale']
@legale = params[:legale] || OSM.IPToCountry(request.remote_ip) || DEFAULT_LEGALE
@text = OSM.legal_text_for_country(@legale)
if request.xhr?
render :update do |page|
page.replace_html "contributorTerms", :partial => "terms"
end
elsif params[:user]
session[:referer] = params[:referer]
@user = User.new(params[:user])
if params[:user][:openid_url] and @user.pass_crypt.empty?
# We are creating an account with OpenID and no password
# was specified so create a random one
@user.pass_crypt = ActiveSupport::SecureRandom.base64(16)
@user.pass_crypt_confirmation = @user.pass_crypt
end
if @user.valid?
if params[:user][:openid_url].nil? or
params[:user][:openid_url].empty?
# No OpenID so just move on to the terms
render :action => 'terms'
else
# Verify OpenID before moving on
session[:new_user] = @user
openid_verify(params[:user][:openid_url], @user)
end
else
# Something is wrong, so rerender the form
render :action => 'new'
page.replace_html "contributorTerms", :partial => "terms", :locals => { :has_decline => params[:has_decline] }
end
elsif using_open_id?
# The redirect from the OpenID provider reenters here
@ -67,6 +40,35 @@ class UserController < ApplicationController
else
render :action => 'terms'
end
else
session[:referer] = params[:referer]
@title = t 'user.terms.title'
@user = User.new(params[:user]) if params[:user]
if params[:user][:openid_url] and @user.pass_crypt.empty?
# We are creating an account with OpenID and no password
# was specified so create a random one
@user.pass_crypt = ActiveSupport::SecureRandom.base64(16)
@user.pass_crypt_confirmation = @user.pass_crypt
end
if @user
if @user.invalid?
# Something is wrong, so rerender the form
render :action => :new
elsif @user.terms_agreed?
# Already agreed to terms, so just show settings
redirect_to :action => :account, :display_name => @user.display_name
elsif params[:user][:openid_url]
# Verify OpenID before moving on
session[:new_user] = @user
openid_verify(params[:user][:openid_url], @user)
end
else
# Not logged in, so redirect to the login page
redirect_to :action => :login, :referer => request.request_uri
end
end
end
@ -77,6 +79,16 @@ class UserController < ApplicationController
render :action => 'new'
elsif params[:decline]
redirect_to t('user.terms.declined')
elsif @user
if !@user.terms_agreed?
@user.consider_pd = params[:user][:consider_pd]
@user.terms_agreed = Time.now.getutc
if @user.save
flash[:notice] = t 'user.new.terms accepted'
end
end
redirect_to :action => :account, :display_name => @user.display_name
else
@user = User.new(params[:user])
@ -220,7 +232,7 @@ class UserController < ApplicationController
password_authentication(params[:username], params[:password])
end
else
@title = t 'user.login.title'
flash.now[:notice] = t 'user.login.notice'
end
end