skip some CSRF stuff

We'll properly implement authentication later
4 months ago · 4ec993cd4d
parent eaeb5ad07f
commit 4ec993cd4d
3 changed files with 3 additions and 0 deletions
--- a/app/controllers/email_smtp_settings_controller.rb
+++ b/app/controllers/email_smtp_settings_controller.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class EmailSmtpSettingsController < ApplicationController
+  skip_before_action :verify_authenticity_token
  before_action :load_encrypted_config
  authorize_resource :encrypted_config, only: :index
  authorize_resource :encrypted_config, parent: false, only: :create
--- a/app/controllers/submissions_controller.rb
+++ b/app/controllers/submissions_controller.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class SubmissionsController < ApplicationController
+  skip_before_action :verify_authenticity_token
  before_action :load_template, only: %i[new create]
  authorize_resource :template, only: %i[new create]

--- a/app/controllers/template_documents_controller.rb
+++ b/app/controllers/template_documents_controller.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class TemplateDocumentsController < ApplicationController
+  skip_before_action :verify_authenticity_token
  load_and_authorize_resource :template

  def create