83425edd8d
Fixes #4861 Since the around_action is defined before authorize_resource is called, the handler needs to pass on the CanCan::AccessDenied exception. I've added the timeouts where I think they were missing (e.g. UserPreferencesController) but I've kept the exception for changeset#upload and traces#create
20 lines
658 B
Ruby
20 lines
658 B
Ruby
module Api
|
|
class CapabilitiesController < ApiController
|
|
skip_before_action :check_api_readable
|
|
|
|
authorize_resource :class => false
|
|
|
|
before_action :set_request_formats
|
|
|
|
# External apps that use the api are able to query the api to find out some
|
|
# parameters of the API. It currently returns:
|
|
# * minimum and maximum API versions that can be used.
|
|
# * maximum area that can be requested in a bbox request in square degrees
|
|
# * number of tracepoints that are returned in each tracepoints page
|
|
def show
|
|
@database_status = database_status
|
|
@api_status = api_status
|
|
@gpx_status = gpx_status
|
|
end
|
|
end
|
|
end
|