mirror of
https://github.com/glitch-soc/mastodon.git
synced 2024-11-25 17:44:14 -05:00
62c6e12fa5
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token.
24 lines
528 B
Ruby
24 lines
528 B
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::Admin::DimensionsController < Api::BaseController
|
|
before_action -> { authorize_if_got_token! :'admin:read' }
|
|
before_action :require_staff!
|
|
before_action :set_dimensions
|
|
|
|
def create
|
|
render json: @dimensions, each_serializer: REST::Admin::DimensionSerializer
|
|
end
|
|
|
|
private
|
|
|
|
def set_dimensions
|
|
@dimensions = Admin::Metrics::Dimension.retrieve(
|
|
params[:keys],
|
|
params[:start_at],
|
|
params[:end_at],
|
|
params[:limit],
|
|
params
|
|
)
|
|
end
|
|
end
|