cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Only check IP addresses for anonymous note comments

Browse source
This commit is contained in:
Tom Hughes 2018-12-05 12:54:55 +00:00
parent f434b68d2f
commit cbc4c5352d
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/notes_controller.rb
View file

@ -55,7 +55,7 @@ class NotesController < ApplicationController
# Create a new note
def create
# Check the ACLs
raise OSM::APIAccessDenied if Acl.no_note_comment(request.remote_ip)
raise OSM::APIAccessDenied if current_user.nil? && Acl.no_note_comment(request.remote_ip)
# Check the arguments are sane
raise OSM::APIBadUserInput, "No lat was given" unless params[:lat]
@ -91,7 +91,7 @@ class NotesController < ApplicationController
# Add a comment to an existing note
def comment
# Check the ACLs
raise OSM::APIAccessDenied if Acl.no_note_comment(request.remote_ip)
raise OSM::APIAccessDenied if current_user.nil? && Acl.no_note_comment(request.remote_ip)
# Check the arguments are sane
raise OSM::APIBadUserInput, "No id was given" unless params[:id]