Skip authorization checks for amf controller

author Andy Allan <git@gravitystorm.co.uk>

Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)

committer Andy Allan <git@gravitystorm.co.uk>

Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)
author Andy Allan <git@gravitystorm.co.uk>
Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)
committer Andy Allan <git@gravitystorm.co.uk>
Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)
diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb

index 4f6adae5da6b08dd38b763f5aff392e53d359ce2..fdad432a8d44802c592e309f54e95d0d9a334f4c 100644 (file)
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -41,6 +41,11 @@ class AmfController < ApplicationController
    skip_before_action :verify_authenticity_token
    before_action :check_api_writable
  
+  # AMF Controller implements its own authentication and authorization checks
+  # completely independently of the rest of the codebase, so best just to let
+  # it keep doing its own thing.
+  skip_authorization_check
+
    # Main AMF handlers: process the raw AMF string (using AMF library) and
    # calls each action (private method) accordingly.
author	Andy Allan <git@gravitystorm.co.uk>
	Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)
committer	Andy Allan <git@gravitystorm.co.uk>
	Wed, 9 Jan 2019 09:26:12 +0000 (10:26 +0100)