Skip to content

Commit

Permalink
Make api old element show paths resourceful
Browse files Browse the repository at this point in the history
  • Loading branch information
@AntonKhorev
AntonKhorev committed Feb 9, 2025
1 parent 29323be commit f2ed3c1
Show file tree
Hide file tree
Showing 12 changed files with 151 additions and 117 deletions.
2 changes: 1 addition & 1 deletion app/controllers/api/old_nodes_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ class OldNodesController < OldElementsController
private

def lookup_old_element
@old_element = OldNode.find([params[:id], params[:version]])
@old_element = OldNode.find([params[:node_id], params[:version]])
end

def lookup_old_element_versions
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/api/old_relations_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ class OldRelationsController < OldElementsController
private

def lookup_old_element
@old_element = OldRelation.find([params[:id], params[:version]])
@old_element = OldRelation.find([params[:relation_id], params[:version]])
end

def lookup_old_element_versions
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/api/old_ways_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ class OldWaysController < OldElementsController
private

def lookup_old_element
@old_element = OldWay.find([params[:id], params[:version]])
@old_element = OldWay.find([params[:way_id], params[:version]])
end

def lookup_old_element_versions
Expand Down
2 changes: 1 addition & 1 deletion app/views/old_elements/_actions.html.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<%= link_to t("browse.view_details"), :controller => @type.pluralize, :action => :show %>
<% if !@feature.redacted? %>
&middot;
<%= link_to t("browse.download_xml"), :controller => "api/old_#{@type.pluralize}", :action => :show %>
<%= link_to t("browse.download_xml"), send(:"api_#{@type}_version_path", *@feature.id) %>
<% elsif current_user&.moderator? %>
&middot;
<% if !params[:show_redactions] %>
Expand Down
12 changes: 6 additions & 6 deletions config/routes.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,11 @@
post "changeset/comment/:id/hide" => "changeset_comments#destroy", :as => :changeset_comment_hide, :id => /\d+/
post "changeset/comment/:id/unhide" => "changeset_comments#restore", :as => :changeset_comment_unhide, :id => /\d+/

post "node/:id/:version/redact" => "old_nodes#redact", :as => :node_version_redact, :version => /\d+/, :id => /\d+/
get "node/:id/:version" => "old_nodes#show", :as => :api_old_node, :id => /\d+/, :version => /\d+/
post "node/:node_id/:version/redact" => "old_nodes#redact", :as => :node_version_redact, :version => /\d+/, :node_id => /\d+/

post "way/:id/:version/redact" => "old_ways#redact", :as => :way_version_redact, :version => /\d+/, :id => /\d+/
get "way/:id/:version" => "old_ways#show", :as => :api_old_way, :id => /\d+/, :version => /\d+/
post "way/:way_id/:version/redact" => "old_ways#redact", :as => :way_version_redact, :version => /\d+/, :id => /\d+/

post "relation/:id/:version/redact" => "old_relations#redact", :as => :relation_version_redact, :version => /\d+/, :id => /\d+/
get "relation/:id/:version" => "old_relations#show", :as => :api_old_relation, :id => /\d+/, :version => /\d+/
post "relation/:relation_id/:version/redact" => "old_relations#redact", :as => :relation_version_redact, :version => /\d+/, :id => /\d+/
end

namespace :api, :path => "api/0.6" do
Expand All @@ -48,6 +45,7 @@
resources :relations, :only => :index
end
resources :versions, :path => "history", :controller => :old_nodes, :only => :index
resources :versions, :path => "", :version => /\d+/, :param => :version, :controller => :old_nodes, :only => :show
end
put "node/create" => "nodes#create", :as => nil

Expand All @@ -60,6 +58,7 @@
resources :relations, :only => :index
end
resources :versions, :path => "history", :controller => :old_ways, :only => :index
resources :versions, :path => "", :version => /\d+/, :param => :version, :controller => :old_ways, :only => :show
end
put "way/create" => "ways#create", :as => nil

Expand All @@ -72,6 +71,7 @@
resources :relations, :only => :index
end
resources :versions, :path => "history", :controller => :old_relations, :only => :index
resources :versions, :path => "", :version => /\d+/, :param => :version, :controller => :old_relations, :only => :show
end
put "relation/create" => "relations#create", :as => nil

Expand Down
62 changes: 31 additions & 31 deletions test/controllers/api/old_nodes_controller_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,15 @@ def test_routes
)
assert_routing(
{ :path => "/api/0.6/node/1/2", :method => :get },
{ :controller => "api/old_nodes", :action => "show", :id => "1", :version => "2" }
{ :controller => "api/old_nodes", :action => "show", :node_id => "1", :version => "2" }
)
assert_routing(
{ :path => "/api/0.6/node/1/2.json", :method => :get },
{ :controller => "api/old_nodes", :action => "show", :id => "1", :version => "2", :format => "json" }
{ :controller => "api/old_nodes", :action => "show", :node_id => "1", :version => "2", :format => "json" }
)
assert_routing(
{ :path => "/api/0.6/node/1/2/redact", :method => :post },
{ :controller => "api/old_nodes", :action => "redact", :id => "1", :version => "2" }
{ :controller => "api/old_nodes", :action => "redact", :node_id => "1", :version => "2" }
)
end

Expand Down Expand Up @@ -77,7 +77,7 @@ def test_index_redacted
#
##
# FIXME: Move this test to being an integration test since it spans multiple controllers
def test_version
def test_show
private_user = create(:user, :data_public => false)
private_node = create(:node, :with_history, :version => 4, :lat => 0, :lon => 0, :changeset => create(:changeset, :user => private_user))
user = create(:user)
Expand Down Expand Up @@ -181,7 +181,7 @@ def test_version

# check all the versions
versions.each_key do |key|
get api_old_node_path(nodeid, key.to_i)
get api_node_version_path(nodeid, key.to_i)

assert_response :success,
"couldn't get version #{key.to_i} of node #{nodeid}"
Expand All @@ -193,13 +193,30 @@ def test_version
end
end

def test_not_found_version
def test_show_not_found
check_not_found_id_version(70000, 312344)
check_not_found_id_version(-1, -13)
check_not_found_id_version(create(:node).id, 24354)
check_not_found_id_version(24356, create(:node).version)
end

##
# test that redacted nodes aren't visible, regardless of
# authorisation except as moderator...
def test_show_redacted
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))

get api_node_version_path(node_v1.node_id, node_v1.version)
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."

# not even to a logged-in user
auth_header = bearer_authorization_header
get api_node_version_path(node_v1.node_id, node_v1.version), :headers => auth_header
assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
end

##
# Test that getting the current version is identical to picking
# that version with the version URI call.
Expand Down Expand Up @@ -301,23 +318,6 @@ def test_redact_node_by_moderator_with_write_redactions_scope
assert_response :success, "should be OK to redact old version as moderator with write_redactions scope."
end

##
# test that redacted nodes aren't visible, regardless of
# authorisation except as moderator...
def test_version_redacted
node = create(:node, :with_history, :version => 2)
node_v1 = node.old_nodes.find_by(:version => 1)
node_v1.redact!(create(:redaction))

get api_old_node_path(node_v1.node_id, node_v1.version)
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."

# not even to a logged-in user
auth_header = bearer_authorization_header
get api_old_node_path(node_v1.node_id, node_v1.version), :headers => auth_header
assert_response :forbidden, "Redacted node shouldn't be visible via the version API, even when logged in."
end

##
# test the redaction of an old version of a node, while being
# authorised as a moderator.
Expand All @@ -331,9 +331,9 @@ def test_redact_node_moderator

# check moderator can still see the redacted data, when passing
# the appropriate flag
get api_old_node_path(node_v3.node_id, node_v3.version), :headers => auth_header
get api_node_version_path(node_v3.node_id, node_v3.version), :headers => auth_header
assert_response :forbidden, "After redaction, node should be gone for moderator, when flag not passed."
get api_old_node_path(node_v3.node_id, node_v3.version, :show_redactions => "true"), :headers => auth_header
get api_node_version_path(node_v3.node_id, node_v3.version, :show_redactions => "true"), :headers => auth_header
assert_response :success, "After redaction, node should not be gone for moderator, when flag passed."

# and when accessed via history
Expand Down Expand Up @@ -361,7 +361,7 @@ def test_redact_node_is_redacted
auth_header = bearer_authorization_header

# check can't see the redacted data
get api_old_node_path(node_v3.node_id, node_v3.version), :headers => auth_header
get api_node_version_path(node_v3.node_id, node_v3.version), :headers => auth_header
assert_response :forbidden, "Redacted node shouldn't be visible via the version API."

# and when accessed via history
Expand Down Expand Up @@ -414,7 +414,7 @@ def test_unredact_node_moderator

# check moderator can now see the redacted data, when not
# passing the aspecial flag
get api_old_node_path(node_v1.node_id, node_v1.version), :headers => auth_header
get api_node_version_path(node_v1.node_id, node_v1.version), :headers => auth_header
assert_response :success, "After unredaction, node should not be gone for moderator."

# and when accessed via history
Expand All @@ -426,7 +426,7 @@ def test_unredact_node_moderator
auth_header = bearer_authorization_header

# check normal user can now see the redacted data
get api_old_node_path(node_v1.node_id, node_v1.version), :headers => auth_header
get api_node_version_path(node_v1.node_id, node_v1.version), :headers => auth_header
assert_response :success, "After unredaction, node should be visible to normal users."

# and when accessed via history
Expand All @@ -445,7 +445,7 @@ def do_redact_redactable_node(headers = {})
end

def do_redact_node(node, redaction, headers = {})
get api_old_node_path(node.node_id, node.version), :headers => headers
get api_node_version_path(node.node_id, node.version), :headers => headers
assert_response :success, "should be able to get version #{node.version} of node #{node.node_id}."

# now redact it
Expand All @@ -462,7 +462,7 @@ def check_current_version(node_id)
assert_not_nil current_node, "getting node #{node_id} returned nil"

# get the "old" version of the node from the old_node interface
get api_old_node_path(node_id, current_node.version)
get api_node_version_path(node_id, current_node.version)
assert_response :success, "cant get old node #{node_id}, v#{current_node.version}"
old_node = Node.from_xml(@response.body)

Expand All @@ -471,7 +471,7 @@ def check_current_version(node_id)
end

def check_not_found_id_version(id, version)
get api_old_node_path(id, version)
get api_node_version_path(id, version)
assert_response :not_found
rescue ActionController::UrlGenerationError => e
assert_match(/No route matches/, e.to_s)
Expand Down
86 changes: 60 additions & 26 deletions test/controllers/api/old_relations_controller_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,15 @@ def test_routes
)
assert_routing(
{ :path => "/api/0.6/relation/1/2", :method => :get },
{ :controller => "api/old_relations", :action => "show", :id => "1", :version => "2" }
{ :controller => "api/old_relations", :action => "show", :relation_id => "1", :version => "2" }
)
assert_routing(
{ :path => "/api/0.6/relation/1/2.json", :method => :get },
{ :controller => "api/old_relations", :action => "show", :id => "1", :version => "2", :format => "json" }
{ :controller => "api/old_relations", :action => "show", :relation_id => "1", :version => "2", :format => "json" }
)
assert_routing(
{ :path => "/api/0.6/relation/1/2/redact", :method => :post },
{ :controller => "api/old_relations", :action => "redact", :id => "1", :version => "2" }
{ :controller => "api/old_relations", :action => "redact", :relation_id => "1", :version => "2" }
)
end

Expand Down Expand Up @@ -73,6 +73,57 @@ def test_index_redacted
"redacted relation #{relation_v1.relation_id} version #{relation_v1.version} shouldn't be present in the history, even when logged in."
end

def test_show
relation = create(:relation, :with_history, :version => 2)
create(:old_relation_tag, :old_relation => relation.old_relations[0], :k => "k1", :v => "v1")
create(:old_relation_tag, :old_relation => relation.old_relations[1], :k => "k2", :v => "v2")

get api_relation_version_path(relation, 1)

assert_response :success
assert_dom "osm:root", 1 do
assert_dom "> relation", 1 do
assert_dom "> @id", relation.id.to_s
assert_dom "> @version", "1"
assert_dom "> tag", 1 do
assert_dom "> @k", "k1"
assert_dom "> @v", "v1"
end
end
end

get api_relation_version_path(relation, 2)

assert_response :success
assert_dom "osm:root", 1 do
assert_dom "> relation", 1 do
assert_dom "> @id", relation.id.to_s
assert_dom "> @version", "2"
assert_dom "> tag", 1 do
assert_dom "> @k", "k2"
assert_dom "> @v", "v2"
end
end
end
end

##
# test that redacted relations aren't visible, regardless of
# authorisation except as moderator...
def test_show_redacted
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))

get api_relation_version_path(relation_v1.relation_id, relation_v1.version)
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."

# not even to a logged-in user
auth_header = bearer_authorization_header
get api_relation_version_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API, even when logged in."
end

##
# test the redaction of an old version of a relation, while not being
# authorised.
Expand Down Expand Up @@ -134,23 +185,6 @@ def test_redact_relation_by_moderator_with_write_redactions_scope
assert_response :success, "should be OK to redact old version as moderator with write_redactions scope."
end

##
# test that redacted relations aren't visible, regardless of
# authorisation except as moderator...
def test_version_redacted
relation = create(:relation, :with_history, :version => 2)
relation_v1 = relation.old_relations.find_by(:version => 1)
relation_v1.redact!(create(:redaction))

get api_old_relation_path(relation_v1.relation_id, relation_v1.version)
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."

# not even to a logged-in user
auth_header = bearer_authorization_header
get api_old_relation_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API, even when logged in."
end

##
# test the redaction of an old version of a relation, while being
# authorised as a moderator.
Expand All @@ -165,9 +199,9 @@ def test_redact_relation_moderator

# check moderator can still see the redacted data, when passing
# the appropriate flag
get api_old_relation_path(relation_v3.relation_id, relation_v3.version), :headers => auth_header
get api_relation_version_path(relation_v3.relation_id, relation_v3.version), :headers => auth_header
assert_response :forbidden, "After redaction, relation should be gone for moderator, when flag not passed."
get api_old_relation_path(relation_v3.relation_id, relation_v3.version, :show_redactions => "true"), :headers => auth_header
get api_relation_version_path(relation_v3.relation_id, relation_v3.version, :show_redactions => "true"), :headers => auth_header
assert_response :success, "After redaction, relation should not be gone for moderator, when flag passed."

# and when accessed via history
Expand Down Expand Up @@ -196,7 +230,7 @@ def test_redact_relation_is_redacted
auth_header = bearer_authorization_header

# check can't see the redacted data
get api_old_relation_path(relation_v3.relation_id, relation_v3.version), :headers => auth_header
get api_relation_version_path(relation_v3.relation_id, relation_v3.version), :headers => auth_header
assert_response :forbidden, "Redacted relation shouldn't be visible via the version API."

# and when accessed via history
Expand Down Expand Up @@ -247,7 +281,7 @@ def test_unredact_relation_moderator

# check moderator can still see the redacted data, without passing
# the appropriate flag
get api_old_relation_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
get api_relation_version_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
assert_response :success, "After unredaction, relation should not be gone for moderator."

# and when accessed via history
Expand All @@ -259,7 +293,7 @@ def test_unredact_relation_moderator
auth_header = bearer_authorization_header

# check normal user can now see the redacted data
get api_old_relation_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
get api_relation_version_path(relation_v1.relation_id, relation_v1.version), :headers => auth_header
assert_response :success, "After redaction, node should not be gone for normal user."

# and when accessed via history
Expand Down Expand Up @@ -321,7 +355,7 @@ def do_redact_redactable_relation(headers = {})
end

def do_redact_relation(relation, redaction, headers = {})
get api_old_relation_path(relation.relation_id, relation.version)
get api_relation_version_path(relation.relation_id, relation.version)
assert_response :success, "should be able to get version #{relation.version} of relation #{relation.relation_id}."

# now redact it
Expand Down
Loading

0 comments on commit f2ed3c1

Please sign in to comment.