Merge pull request #2208 from ZeiP/feature/2203_api_token

#2203: Allow using REST API with token
Matt Rogers 2019-05-04 14:49:24 -05:00 committed by GitHub
commit 2c627be0cc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 9 additions and 9 deletions


@ -4,8 +4,8 @@ class ContextsController < ApplicationController
before_action :init, :except => [:index, :create, :destroy, :order]
before_action :set_context_from_params, :only => [:update, :destroy]
skip_before_action :login_required, :only => [:index]
prepend_before_action :login_or_feed_token_required, :only => [:index]
skip_before_action :login_required, :only => [:index, :show]
prepend_before_action :login_or_feed_token_required, :only => [:index, :show]
def index
@all_contexts = current_user.contexts
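Review bot: The action list is written twice, once on `skip_before_action :login_required` and once on `prepend_before_action :login_or_feed_token_required`, and the two must match exactly; an action that ends up only in the skip list would get no authentication filter from these lines. The same pair is repeated in ProjectsController and, with six actions, in TodosController. A single frozen constant used on both lines, e.g. `TOKEN_READABLE_ACTIONS = %i[index show].freeze`, keeps them in step. A comment above it should say that these actions accept the per-user token from the query string as an alternative to a session. The class body continues outside the hunk.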


@ -4,8 +4,8 @@ class ProjectsController < ApplicationController
before_action :set_source_view
before_action :set_project_from_params, :only => [:update, :destroy, :show, :edit, :set_reviewed]
before_action :default_context_filter, :only => [:create, :update]
skip_before_action :login_required, :only => [:index]
prepend_before_action :login_or_feed_token_required, :only => [:index]
skip_before_action :login_required, :only => [:index, :show]
prepend_before_action :login_or_feed_token_required, :only => [:index, :show]
def index
@source_view = params['_source_view'] || 'project_list'


@ -1,7 +1,7 @@
class TodosController < ApplicationController
skip_before_action :login_required, :only => [:index, :tag]
prepend_before_action :login_or_feed_token_required, :only => [:index, :tag]
skip_before_action :login_required, :only => [:index, :tag, :list_deferred, :show, :list_hidden, :done]
prepend_before_action :login_or_feed_token_required, :only => [:index, :tag, :list_deferred, :show, :list_hidden, :done]
append_before_action :find_and_activate_ready, :only => [:index, :list_deferred]
protect_from_forgery :except => :check_deferred


@ -71,7 +71,7 @@ module LoginSystem
end
def login_or_feed_token_required
if ['rss', 'atom', 'txt', 'ics'].include?(params[:format])
if ['rss', 'atom', 'txt', 'ics', 'xml'].include?(params[:format])
if user = User.where(:token => params[:token]).first
set_current_user(user)
return true
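Review bot: `User.where(:token => params[:token]).first` runs even when the request carries no `token` parameter, and with a nil value ActiveRecord builds `token IS NULL`, so a tokenless `.xml` request would be authenticated as the first user whose token column is empty, if such a row can exist (the schema is not visible here). Adding `'xml'` widens this path from feeds to the REST API, so the lookup should be guarded, e.g. `token = params[:token].to_s` followed by `if token.present? && (user = User.find_by(:token => token))`. The token also travels in the URL, where it ends up in access logs and proxy logs; accepting it from a request header for the API format would avoid that. The method body continues past the end of the hunk.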


@ -260,10 +260,10 @@ class ProjectsControllerTest < ActionController::TestCase
assert_response 401
end
def test_xml_not_accessible_to_anonymous_user_with_valid_token
def test_xml_accessible_to_anonymous_user_with_valid_token
login_as nil
get :index, params: { :format => "xml", :token => users(:admin_user).token }
assert_response 401
assert_response :ok
end
end
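Review bot: Only `index` on ProjectsController is exercised with an XML token here; the newly opened `show` action and the negative cases have no test in this hunk. Tests that `get :index, params: { :format => "xml", :token => "" }` and the same request with the token parameter omitted both return 401 would pin the lookup's behaviour for missing tokens. A further test that a write action such as `update` is still rejected when given a valid token would guard the `:only` lists against later widening. The test just above the hunk may already cover an invalid token, but its start is not visible.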