From d3ba80c84e17bf58b04bf6ca08dd3109842d1d43 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sat, 4 May 2019 20:31:32 +0300 Subject: [PATCH] #2203: Allow using REST API with token --- app/controllers/contexts_controller.rb | 4 ++-- app/controllers/projects_controller.rb | 4 ++-- app/controllers/todos_controller.rb | 4 ++-- lib/login_system.rb | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/controllers/contexts_controller.rb b/app/controllers/contexts_controller.rb index b4763dd6..b8feeb6e 100644 --- a/app/controllers/contexts_controller.rb +++ b/app/controllers/contexts_controller.rb @@ -4,8 +4,8 @@ class ContextsController < ApplicationController before_action :init, :except => [:index, :create, :destroy, :order] before_action :set_context_from_params, :only => [:update, :destroy] - skip_before_action :login_required, :only => [:index] - prepend_before_action :login_or_feed_token_required, :only => [:index] + skip_before_action :login_required, :only => [:index, :show] + prepend_before_action :login_or_feed_token_required, :only => [:index, :show] def index @all_contexts = current_user.contexts diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index b2b5ec6e..ee9f151a 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -4,8 +4,8 @@ class ProjectsController < ApplicationController before_action :set_source_view before_action :set_project_from_params, :only => [:update, :destroy, :show, :edit, :set_reviewed] before_action :default_context_filter, :only => [:create, :update] - skip_before_action :login_required, :only => [:index] - prepend_before_action :login_or_feed_token_required, :only => [:index] + skip_before_action :login_required, :only => [:index, :show] + prepend_before_action :login_or_feed_token_required, :only => [:index, :show] def index @source_view = params['_source_view'] || 'project_list' diff --git a/app/controllers/todos_controller.rb b/app/controllers/todos_controller.rb index 4d0ab8f5..76412a6e 100644 --- a/app/controllers/todos_controller.rb +++ b/app/controllers/todos_controller.rb @@ -1,7 +1,7 @@ class TodosController < ApplicationController - skip_before_action :login_required, :only => [:index, :tag] - prepend_before_action :login_or_feed_token_required, :only => [:index, :tag] + skip_before_action :login_required, :only => [:index, :tag, :list_deferred, :show, :list_hidden, :done] + prepend_before_action :login_or_feed_token_required, :only => [:index, :tag, :list_deferred, :show, :list_hidden, :done] append_before_action :find_and_activate_ready, :only => [:index, :list_deferred] protect_from_forgery :except => :check_deferred diff --git a/lib/login_system.rb b/lib/login_system.rb index 1d3f6b0a..a3dfe2df 100644 --- a/lib/login_system.rb +++ b/lib/login_system.rb @@ -71,7 +71,7 @@ module LoginSystem end def login_or_feed_token_required - if ['rss', 'atom', 'txt', 'ics'].include?(params[:format]) + if ['rss', 'atom', 'txt', 'ics', 'xml'].include?(params[:format]) if user = User.where(:token => params[:token]).first set_current_user(user) return true