From: Andy Allan <git@gravitystorm.co.uk>
Date: Wed, 9 Jan 2019 09:32:57 +0000 (+0100)
Subject: Use CanCanCan for swf controller
X-Git-Tag: live~2778^2
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/73201ca96be48a5113283709904ac29a6fee9cc8

Use CanCanCan for swf controller
---

diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb
index fa0e30f03..c182af605 100644
--- a/app/abilities/ability.rb
+++ b/app/abilities/ability.rb
@@ -15,6 +15,7 @@ class Ability
     can [:index, :create, :comment, :feed, :show, :search, :mine], Note
     can [:index, :show], Redaction
     can [:search_all, :search_nodes, :search_ways, :search_relations], :search
+    can [:trackpoints], :swf
     can [:terms, :api_users, :login, :logout, :new, :create, :save, :confirm, :confirm_resend, :confirm_email, :lost_password, :reset_password, :show, :api_read, :auth_success, :auth_failure], User
     can [:index, :show, :blocks_on, :blocks_by], UserBlock
 
diff --git a/app/controllers/swf_controller.rb b/app/controllers/swf_controller.rb
index 96237f029..1a424c387 100644
--- a/app/controllers/swf_controller.rb
+++ b/app/controllers/swf_controller.rb
@@ -1,6 +1,7 @@
 class SwfController < ApplicationController
   skip_before_action :verify_authenticity_token
   before_action :check_api_readable
+  authorize_resource :class => false
 
   # to log:
   # RAILS_DEFAULT_LOGGER.error("Args: #{args[0]}, #{args[1]}, #{args[2]}, #{args[3]}")