app/controllers/scrivito/webservice_controller.rb in scrivito_sdk-1.6.1 vs app/controllers/scrivito/webservice_controller.rb in scrivito_sdk-1.7.0.rc1
- old
+ new
@@ -7,13 +7,13 @@
@error = error
@timestamp = Time.zone.now
render 'scrivito/webservice/error', formats: :json, status: error.http_code
end
- before_filter :verify_authenticity_token_for_every_request
- before_filter :merge_correctly_parsed_json_params
- before_filter :authorize
+ before_action :verify_authenticity_token_for_every_request
+ before_action :merge_correctly_parsed_json_params if Scrivito::LegacySwitch.rails4?
+ before_action :authorize
private
# similar to Rails' verify_authenticity_token, but also protects GET and HEAD
def verify_authenticity_token_for_every_request
@@ -63,14 +63,10 @@
def authorize_workspace_access(verb, workspace)
can_user_access_workspace?(verb, workspace) ? yield : render_forbidden
end
def render_forbidden
- render text: 'Forbidden', status: 403
- end
-
- def render_empty_json
- render 'scrivito/webservice/empty', formats: :json
+ render plain: 'Forbidden', status: 403
end
def can_user_read_workspace?(workspace)
can_user_access_workspace?(:read, workspace)
end