Change search API to be accessible without being logged in (#18963)

author Eugen Rochko <eugen@zeonfederated.com>

Sun, 28 Aug 2022 01:45:19 +0000 (03:45 +0200)

committer aescling <aescling+gitlab@cat.family>

Thu, 17 Nov 2022 02:55:27 +0000 (21:55 -0500)
author Eugen Rochko <eugen@zeonfederated.com>
Sun, 28 Aug 2022 01:45:19 +0000 (03:45 +0200)
committer aescling <aescling+gitlab@cat.family>
Thu, 17 Nov 2022 02:55:27 +0000 (21:55 -0500)
diff --git a/app/controllers/api/v2/search_controller.rb b/app/controllers/api/v2/search_controller.rb

index 116f53618049d3fab795e419ef3f5c3ce52ced40..51335f4a607d0add714044b620340c1857fb3fb8 100644 (file)
--- a/app/controllers/api/v2/search_controller.rb
+++ b/app/controllers/api/v2/search_controller.rb
@@ -5,8 +5,7 @@ class Api::V2::SearchController < Api::BaseController
  
    RESULTS_LIMIT = (ENV['MAX_SEARCH_RESULTS'] || 20).to_i
  
-  before_action -> { doorkeeper_authorize! :read, :'read:search' }
-  before_action :require_user!
+  before_action -> { authorize_if_got_token! :read, :'read:search' }
  
    def index
      @search = Search.new(search_results)
@@ -30,7 +29,7 @@ class Api::V2::SearchController < Api::BaseController
        params[:q],
        current_account,
        limit_param(RESULTS_LIMIT),
-      search_params.merge(resolve: truthy_param?(:resolve), exclude_unreviewed: truthy_param?(:exclude_unreviewed))
+      search_params.merge(resolve: user_signed_in? ? truthy_param?(:resolve) : false, exclude_unreviewed: truthy_param?(:exclude_unreviewed))
      )
    end
author	Eugen Rochko <eugen@zeonfederated.com>
	Sun, 28 Aug 2022 01:45:19 +0000 (03:45 +0200)
committer	aescling <aescling+gitlab@cat.family>
	Thu, 17 Nov 2022 02:55:27 +0000 (21:55 -0500)