There is no need to do setup_user_auth and authorize for the same action

author Tom Hughes <tom@compton.nu>

Fri, 8 Jul 2022 08:48:00 +0000 (09:48 +0100)

committer Tom Hughes <tom@compton.nu>

Fri, 8 Jul 2022 15:38:51 +0000 (16:38 +0100)
author Tom Hughes <tom@compton.nu>
Fri, 8 Jul 2022 08:48:00 +0000 (09:48 +0100)
committer Tom Hughes <tom@compton.nu>
Fri, 8 Jul 2022 15:38:51 +0000 (16:38 +0100)
diff --git a/app/controllers/api/notes_controller.rb b/app/controllers/api/notes_controller.rb

index 7454e7f19387ee178c97ce8efb8f751b2bb4972d..d21a6449781e8779009e7bedb7be71159a887630 100644 (file)
--- a/app/controllers/api/notes_controller.rb
+++ b/app/controllers/api/notes_controller.rb
@@ -2,7 +2,7 @@ module Api
    class NotesController < ApiController
      before_action :check_api_readable
      before_action :check_api_writable, :only => [:create, :comment, :close, :reopen, :destroy]
-    before_action :setup_user_auth, :only => [:create, :comment, :show]
+    before_action :setup_user_auth, :only => [:create, :show]
      before_action :authorize, :only => [:close, :reopen, :destroy, :comment]
  
      authorize_resource
author	Tom Hughes <tom@compton.nu>
	Fri, 8 Jul 2022 08:48:00 +0000 (09:48 +0100)
committer	Tom Hughes <tom@compton.nu>
	Fri, 8 Jul 2022 15:38:51 +0000 (16:38 +0100)