- layout 'site'
- require 'xml/libxml'
-
- before_filter :authorize_web, :only => [:list]
- before_filter :set_locale, :only => [:list]
- before_filter :authorize, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :require_allow_write_api, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :require_public_data, :only => [:create, :update, :delete, :upload, :include, :close]
- before_filter :check_api_writable, :only => [:create, :update, :delete, :upload, :include]
- before_filter :check_api_readable, :except => [:create, :update, :delete, :upload, :download, :query, :list]
- before_filter(:only => [:list]) { |c| c.check_database_readable(true) }
- after_filter :compress_output
- around_filter :api_call_handle_error, :except => [:list]
- around_filter :web_timeout, :only => [:list]
-
- # Help methods for checking boundary sanity and area size
- include MapBoundary
+ layout "site"
+ require "xml/libxml"
+
+ skip_before_action :verify_authenticity_token, :except => [:list]
+ before_action :authorize_web, :only => [:list, :feed, :comments_feed]
+ before_action :set_locale, :only => [:list, :feed, :comments_feed]
+ before_action :authorize, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_action :require_moderator, :only => [:hide_comment, :unhide_comment]
+ before_action :require_allow_write_api, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_action :require_public_data, :only => [:create, :update, :delete, :upload, :include, :close, :comment, :subscribe, :unsubscribe]
+ before_action :check_api_writable, :only => [:create, :update, :delete, :upload, :include, :comment, :subscribe, :unsubscribe, :hide_comment, :unhide_comment]
+ before_action :check_api_readable, :except => [:create, :update, :delete, :upload, :download, :query, :list, :feed, :comment, :subscribe, :unsubscribe, :comments_feed]
+ before_action(:only => [:list, :feed, :comments_feed]) { |c| c.check_database_readable(true) }
+ after_action :compress_output
+ around_action :api_call_handle_error, :except => [:list, :feed, :comments_feed]
+ around_action :web_timeout, :only => [:list, :feed, :comments_feed]