Page Menu
Home
GRNET
Search
Configure Global Search
Log In
Files
F1614985
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sat, Mar 21, 1:03 PM
Size
1 KB
Mime Type
text/x-diff
Expires
Mon, Mar 23, 1:03 PM (1 d, 4 h)
Engine
blob
Format
Raw Data
Handle
354250
Attached To
rARCHIVING archiving
View Options
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index d7a8806..0a1e0bb 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -1,33 +1,33 @@
class Api::BaseController < ApplicationController
skip_before_action :verify_authenticity_token
respond_to :json
helper_method :current_api_user, :api_render
rescue_from ActiveRecord::RecordNotFound do
render json: {msg: 'resource not found'}, status: :not_found
end
# Returns a 403 forbidden header if there is no associated user with the provided token
def require_api_login
unless current_api_user
head :forbidden
end
end
protected
# Fetches the current user based on the provided token
def current_api_user
@current_api_user ||=
if token = request.env['HTTP_API_TOKEN'].presence
- User.find_by(token: token)
+ User.where(enabled: true).find_by(token: token)
end
end
# Wrapper method to simplify object rendering for api
def api_render(object)
render json: object.to_json(for_api: true)
end
end
Event Timeline
Log In to Comment