git-svn-id: https://svn.redmine.org/redmine/branches/5.0-stable@21767
e93f8b46-1217-0410-a6f0-
8f06a7374b81
before_action :check_enabled
+ # Requests from repository WS clients don't contain CSRF tokens
+ skip_before_action :verify_authenticity_token
+
def projects
p = Project.active.has_module(:repository).
order("#{Project.table_name}.identifier").preload(:repository).to_a
assert_include 'Access denied', response.body
end
end
+
+ def test_should_skip_verify_authenticity_token
+ ActionController::Base.allow_forgery_protection = true
+ assert_nothing_raised {test_create_project_repository}
+ ensure
+ ActionController::Base.allow_forgery_protection = false
+ end
end