Skip authorization checks for amf controller

[rails.git] / app / controllers / amf_controller.rb

diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb
index 4f6adae5da6b08dd38b763f5aff392e53d359ce2..fdad432a8d44802c592e309f54e95d0d9a334f4c 100644 (file)
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -41,6 +41,11 @@ class AmfController < ApplicationController
   skip_before_action :verify_authenticity_token
   before_action :check_api_writable
 
+  # AMF Controller implements its own authentication and authorization checks
+  # completely independently of the rest of the codebase, so best just to let
+  # it keep doing its own thing.
+  skip_authorization_check
+
   # Main AMF handlers: process the raw AMF string (using AMF library) and
   # calls each action (private method) accordingly.