updated cors and csrf settings

4612cc91 · John Doe · 48195675 · 4612cc91 · 4612cc91 · 4612cc91
Commit 4612cc91 authored Jan 15, 2017 by John Doe
Showing with 15 additions and 3 deletions
app/controllers/application_controller.rb
app/controllers/db_folders_controller.rb
app/models/db_folder.rb
config/environments/development.rb
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -4,5 +4,5 @@
 class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 end
--- a/app/controllers/db_folders_controller.rb
+++ b/app/controllers/db_folders_controller.rb
@@ -7,4 +7,16 @@ class DbFoldersController < ApplicationController
    render json: folder, shallow: false
  end

+  def update
+    folder = DbFolder.find(params[:id])
+    folder.update!(folder_params)
+    render json: folder
+  end
+
+  private
+    def folder_params
+      params.permit(:name, :description,:hidden)
+    end
+
+
 end
--- a/app/models/db_folder.rb
+++ b/app/models/db_folder.rb
@@ -28,7 +28,7 @@ class DbFolder < ActiveRecord::Base
    folder = super(except: [:created_at, :updated_at])
    if(options[:shallow]== false)
      folder[:subfolders] = subfolders.map(&:as_json)
-      folder[:streams] = db_streams.map(&:as_json)
+      folder[:streams] = db_streams.includes(:db_elements,:db_decimations).map(&:as_json)
    end
    folder
  end

--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -43,7 +43,7 @@ Rails.application.configure do
  config.middleware.insert_before 0, Rack::Cors do
    allow do
      origins '*'
-      resource '*', headers: :any, methods: [:get, :post, :options]
+      resource '*', headers: :any, methods: [:get, :post, :options, :put]
    end
  end
 end