From: Andy Allan Date: Wed, 9 Jan 2019 09:26:12 +0000 (+0100) Subject: Skip authorization checks for amf controller X-Git-Tag: live~3269^2~1 X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/18e418cc4c01ba1ea17daa1bf114e1fd05328df1?ds=sidebyside;hp=89399c5ba1926a6c50662a8c9ac7f5fe0cf1f730 Skip authorization checks for amf controller --- diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb index 4f6adae5d..fdad432a8 100644 --- a/app/controllers/amf_controller.rb +++ b/app/controllers/amf_controller.rb @@ -41,6 +41,11 @@ class AmfController < ApplicationController skip_before_action :verify_authenticity_token before_action :check_api_writable + # AMF Controller implements its own authentication and authorization checks + # completely independently of the rest of the codebase, so best just to let + # it keep doing its own thing. + skip_authorization_check + # Main AMF handlers: process the raw AMF string (using AMF library) and # calls each action (private method) accordingly.