X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/fd6f00b069af5a7b87227ea4c3401dc461d7311a..e338d1140884bb2bf3ed1b8fc85c890d0937ef8c:/app/controllers/user_preference_controller.rb?ds=sidebyside diff --git a/app/controllers/user_preference_controller.rb b/app/controllers/user_preference_controller.rb index 59573047a..377e78313 100644 --- a/app/controllers/user_preference_controller.rb +++ b/app/controllers/user_preference_controller.rb @@ -1,6 +1,9 @@ # Update and read user preferences, which are arbitrayr key/val pairs class UserPreferenceController < ApplicationController + skip_before_filter :verify_authenticity_token before_filter :authorize + before_filter :require_allow_read_prefs, :only => [:read_one, :read] + before_filter :require_allow_write_prefs, :except => [:read_one, :read] def read_one pref = UserPreference.find(@user.id, params[:preference_key])