htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Reduce skip_before_action usage

Browse Source
This commit is contained in:
Sebastian Serth
2022-08-17 00:54:20 +02:00
parent 90bcd25ff2
commit 01f6b0d16e
4 changed files with 4 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/comments_controller.rb
View File

@ -3,9 +3,6 @@
class CommentsController < ApplicationController
before_action :set_comment, only: %i[show update destroy]
# to disable authorization check: comment the line below back in
# skip_after_action :verify_authorized
def authorize!
authorize(@comment || @comments)
end

9
app/controllers/exercises_controller.rb
View File

@ -18,11 +18,9 @@ class ExercisesController < ApplicationController
before_action :set_course_token, only: [:implement]
before_action :set_available_tips, only: %i[implement show new edit]
skip_before_action :verify_authenticity_token,
only: %i[import_exercise import_uuid_check export_external_confirm export_external_check]
skip_after_action :verify_authorized, only: %i[import_exercise import_uuid_check export_external_confirm]
skip_after_action :verify_policy_scoped, only: %i[import_exercise import_uuid_check export_external_confirm],
raise: false
skip_before_action :verify_authenticity_token, only: %i[import_exercise import_uuid_check]
skip_after_action :verify_authorized, only: %i[import_exercise import_uuid_check]
skip_after_action :verify_policy_scoped, only: %i[import_exercise import_uuid_check], raise: false
def authorize!
authorize(@exercise || @exercises)
@ -129,6 +127,7 @@ class ExercisesController < ApplicationController
end
def export_external_confirm
authorize!
@exercise.uuid = SecureRandom.uuid if @exercise.uuid.nil?
error = ExerciseService::PushExternal.call(

1
app/controllers/internal_users_controller.rb
View File

@ -6,7 +6,6 @@ class InternalUsersController < ApplicationController
before_action :require_activation_token, only: :activate
before_action :require_reset_password_token, only: :reset_password
before_action :set_user, only: MEMBER_ACTIONS
skip_before_action :verify_authenticity_token, only: :activate
after_action :verify_authorized, except: %i[activate forgot_password reset_password]
def activate

1
app/controllers/submissions_controller.rb
View File

@ -13,7 +13,6 @@ class SubmissionsController < ApplicationController
before_action :set_files, only: %i[download show]
before_action :set_files_and_specific_file, only: %i[download_file render_file run test]
before_action :set_mime_type, only: %i[download_file render_file]
skip_before_action :verify_authenticity_token, only: %i[download_file render_file]
def create
@submission = Submission.new(submission_params)