From 4ec993cd4d45f94bd27b748683998ae3f006d48c Mon Sep 17 00:00:00 2001
From: Ryan Arakawa <arakawa.ryan@gmail.com>
Date: Tue, 8 Jul 2025 10:32:41 -0500
Subject: [PATCH] skip some CSRF stuff

We'll properly implement authentication later
---
 app/controllers/email_smtp_settings_controller.rb | 1 +
 app/controllers/submissions_controller.rb         | 1 +
 app/controllers/template_documents_controller.rb  | 1 +
 3 files changed, 3 insertions(+)

diff --git a/app/controllers/email_smtp_settings_controller.rb b/app/controllers/email_smtp_settings_controller.rb
index 766a9545..972765f3 100644
--- a/app/controllers/email_smtp_settings_controller.rb
+++ b/app/controllers/email_smtp_settings_controller.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class EmailSmtpSettingsController < ApplicationController
+  skip_before_action :verify_authenticity_token
   before_action :load_encrypted_config
   authorize_resource :encrypted_config, only: :index
   authorize_resource :encrypted_config, parent: false, only: :create
diff --git a/app/controllers/submissions_controller.rb b/app/controllers/submissions_controller.rb
index c411b5df..389e9591 100644
--- a/app/controllers/submissions_controller.rb
+++ b/app/controllers/submissions_controller.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class SubmissionsController < ApplicationController
+  skip_before_action :verify_authenticity_token
   before_action :load_template, only: %i[new create]
   authorize_resource :template, only: %i[new create]
 
diff --git a/app/controllers/template_documents_controller.rb b/app/controllers/template_documents_controller.rb
index abd72010..7144f5e0 100644
--- a/app/controllers/template_documents_controller.rb
+++ b/app/controllers/template_documents_controller.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class TemplateDocumentsController < ApplicationController
+  skip_before_action :verify_authenticity_token
   load_and_authorize_resource :template
 
   def create