diff options
author | azul <azul@leap.se> | 2014-07-17 12:16:07 +0200 |
---|---|---|
committer | azul <azul@leap.se> | 2014-07-17 12:16:07 +0200 |
commit | ade74d8a9091ae607586d7b287a0579a2ee7af8e (patch) | |
tree | 74273b8ba7e35d0fb3c96aa79e63c93086d15146 /app/controllers/v1/users_controller.rb | |
parent | 952bc18e8333ca5c3e6e16f8059f84a1414d5f6f (diff) | |
parent | e86cccb4b89540f3bd403110d051b2723be781b9 (diff) |
Merge pull request #176 from azul/feature/api-authenticated-configs
API: Authenticated access to config settings
Diffstat (limited to 'app/controllers/v1/users_controller.rb')
-rw-r--r-- | app/controllers/v1/users_controller.rb | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb index abaefd8..bfa04fc 100644 --- a/app/controllers/v1/users_controller.rb +++ b/app/controllers/v1/users_controller.rb @@ -1,10 +1,10 @@ module V1 - class UsersController < UsersBaseController + class UsersController < ApiController + include ControllerExtension::FetchUser - skip_before_filter :verify_authenticity_token before_filter :fetch_user, :only => [:update] before_filter :require_admin, :only => [:index] - before_filter :require_token, :only => [:update] + before_filter :require_login, :only => [:index, :update] before_filter :require_registration_allowed, only: :create respond_to :json @@ -29,11 +29,12 @@ module V1 respond_with @user end + protected + def require_registration_allowed unless APP_CONFIG[:allow_registration] head :forbidden end end - end end |