From 73201ca96be48a5113283709904ac29a6fee9cc8 Mon Sep 17 00:00:00 2001
From: Andy Allan <git@gravitystorm.co.uk>
Date: Wed, 9 Jan 2019 10:32:57 +0100
Subject: [PATCH] Use CanCanCan for swf controller

---
 app/abilities/ability.rb          | 1 +
 app/controllers/swf_controller.rb | 1 +
 2 files changed, 2 insertions(+)

diff --git a/app/abilities/ability.rb b/app/abilities/ability.rb
index fa0e30f03..c182af605 100644
--- a/app/abilities/ability.rb
+++ b/app/abilities/ability.rb
@@ -15,6 +15,7 @@ class Ability
     can [:index, :create, :comment, :feed, :show, :search, :mine], Note
     can [:index, :show], Redaction
     can [:search_all, :search_nodes, :search_ways, :search_relations], :search
+    can [:trackpoints], :swf
     can [:terms, :api_users, :login, :logout, :new, :create, :save, :confirm, :confirm_resend, :confirm_email, :lost_password, :reset_password, :show, :api_read, :auth_success, :auth_failure], User
     can [:index, :show, :blocks_on, :blocks_by], UserBlock
 
diff --git a/app/controllers/swf_controller.rb b/app/controllers/swf_controller.rb
index 96237f029..1a424c387 100644
--- a/app/controllers/swf_controller.rb
+++ b/app/controllers/swf_controller.rb
@@ -1,6 +1,7 @@
 class SwfController < ApplicationController
   skip_before_action :verify_authenticity_token
   before_action :check_api_readable
+  authorize_resource :class => false
 
   # to log:
   # RAILS_DEFAULT_LOGGER.error("Args: #{args[0]}, #{args[1]}, #{args[2]}, #{args[3]}")
-- 
2.43.2