projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
20284: Fix test and update code comment.
[arvados.git]
/
services
/
api
/
app
/
controllers
/
application_controller.rb
diff --git
a/services/api/app/controllers/application_controller.rb
b/services/api/app/controllers/application_controller.rb
index b1915502404811177dfef15c605ff42db52df2d6..b1e2a4008fe8943c29a08dcfc5be25e302dfc280 100644
(file)
--- a/
services/api/app/controllers/application_controller.rb
+++ b/
services/api/app/controllers/application_controller.rb
@@
-29,6
+29,9
@@
class ApplicationController < ActionController::Base
include DbCurrentTime
respond_to :json
include DbCurrentTime
respond_to :json
+
+ # Although CSRF protection is already enabled by default, this is
+ # still needed to reposition CSRF checks later in callback order.
protect_from_forgery
ERROR_ACTIONS = [:render_error, :render_not_found]
protect_from_forgery
ERROR_ACTIONS = [:render_error, :render_not_found]
@@
-120,7
+123,7
@@
class ApplicationController < ActionController::Base
attrs_to_update = resource_attrs.reject { |k,v|
[:kind, :etag, :href].index k
}
attrs_to_update = resource_attrs.reject { |k,v|
[:kind, :etag, :href].index k
}
- @object.update
_attributes
! attrs_to_update
+ @object.update! attrs_to_update
show
end
show
end