Revision 7500537e
Added by Timo Goebel about 5 years ago
app/controllers/api/base_controller.rb | ||
---|---|---|
# TODO: inherit from application controller after cleanup
|
||
class BaseController < ActionController::Base
|
||
include ApplicationShared
|
||
include Foreman::Controller::RequireSsl
|
||
include Foreman::Controller::ApiCsrfProtection
|
||
include Foreman::Controller::BruteforceProtection
|
||
|
||
protect_from_forgery
|
||
force_ssl :if => :require_ssl?
|
||
skip_before_action :verify_authenticity_token, :unless => :protect_api_from_forgery?
|
||
|
||
before_action :set_default_response_format, :authorize, :set_taxonomy, :add_version_header, :set_gettext_locale
|
||
before_action :session_expiry, :update_activity_time
|
||
around_action :set_timezone
|
||
... | ... | |
|
||
protected
|
||
|
||
def require_ssl?
|
||
SETTINGS[:require_ssl]
|
||
end
|
||
|
||
def not_found(options = nil)
|
||
not_found_message = {}
|
||
|
||
... | ... | |
base_scope.order("CASE WHEN #{field_query} THEN 1 ELSE 0 END")
|
||
end
|
||
|
||
def protect_api_from_forgery?
|
||
session[:user].present? && !session[:api_authenticated_session]
|
||
end
|
||
|
||
def parameter_filter_context
|
||
Foreman::ParameterFilter::Context.new(:api, controller_name, params[:action])
|
||
end
|
Also available in: Unified diff
fixes #26532 - graphql supports ui sessions