updated cors and csrf settings

app/controllers/application_controller.rb

@@ -4,5 +4,5 @@
 class ApplicationController < ActionController::Base
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 end
 end

app/controllers/db_folders_controller.rb

@@ -7,4 +7,16 @@ class DbFoldersController < ApplicationController
     render json: folder, shallow: false
     render json: folder, shallow: false
   end
   end
 
 
+  def update
+    folder = DbFolder.find(params[:id])
+    folder.update!(folder_params)
+    render json: folder
+  end
+
+  private
+    def folder_params
+      params.permit(:name, :description,:hidden)
+    end
+
+
 end
 end

app/models/db_folder.rb

@@ -28,7 +28,7 @@ class DbFolder < ActiveRecord::Base
     folder = super(except: [:created_at, :updated_at])
     folder = super(except: [:created_at, :updated_at])
     if(options[:shallow]== false)
     if(options[:shallow]== false)
       folder[:subfolders] = subfolders.map(&:as_json)
       folder[:subfolders] = subfolders.map(&:as_json)
-      folder[:streams] = db_streams.map(&:as_json)
+      folder[:streams] = db_streams.includes(:db_elements,:db_decimations).map(&:as_json)
     end
     end
     folder
     folder
   end
   end

config/environments/development.rb

@@ -43,7 +43,7 @@ Rails.application.configure do
   config.middleware.insert_before 0, Rack::Cors do
   config.middleware.insert_before 0, Rack::Cors do
     allow do
     allow do
       origins '*'
       origins '*'
-      resource '*', headers: :any, methods: [:get, :post, :options]
+      resource '*', headers: :any, methods: [:get, :post, :options, :put]
     end
     end
   end
   end
 end
 end