diff options
author | Douwe Maan <douwe@selenight.nl> | 2017-08-02 18:20:31 +0200 |
---|---|---|
committer | Douwe Maan <douwe@selenight.nl> | 2017-08-02 18:20:31 +0200 |
commit | 14644d40e0852403ba71435bf3a949af00a7d569 (patch) | |
tree | b5f61f5233cbcfa76d5810a11ff5b9423a0c14b6 | |
parent | 6fe736f2c927340ed8cf827080db781f7c8adcdf (diff) | |
download | gitlab-ce-dm-api-current-user.tar.gz |
Do not validate CSRF token in API unless neededdm-api-current-user
-rw-r--r-- | lib/api/api.rb | 2 | ||||
-rw-r--r-- | lib/api/helpers.rb | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/lib/api/api.rb b/lib/api/api.rb index 045a0db1842..ad278b251c7 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -48,8 +48,8 @@ module API end before { header['X-Frame-Options'] = 'SAMEORIGIN' } - before { Gitlab::I18n.locale = current_user&.preferred_language } + # The locale is set to the current user's locale when `current_user` is loaded after { Gitlab::I18n.use_default_locale } rescue_from Gitlab::Access::AccessDeniedError do diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 234825480f2..99b8b62691f 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -16,6 +16,8 @@ module API @current_user = initial_current_user + Gitlab::I18n.locale = @current_user&.preferred_language + sudo! @current_user |