Add possibility to anonymous to refresh feeds

Obviously, it's optional! (and deactivate by default) Need some more tests? See #351
author: Marien Fressinaud <dev@marienfressinaud.fr> 2014-02-13 21:45:25 +0100
committer: Marien Fressinaud <dev@marienfressinaud.fr> 2014-02-13 21:45:25 +0100
commit: 4dd673157b05fea5fe3643f16e22d01bbf005fe9 (patch)
tree: f380194b02b8127d813aed61252e8210ec5861db /app/Controllers/feedController.php
parent: b77d9c60ac0cc6614ccc2711ab647d5e0a5037ed (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php
index 264607216..7114fc196 100755
--- a/app/Controllers/feedController.php
+++ b/app/Controllers/feedController.php
@@ -7,7 +7,9 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 			$token_param = Minz_Request::param ('token', '');
 			$token_is_ok = ($token != '' && $token == $token_param);
 			$action = Minz_Request::actionName ();
-			if (!($token_is_ok && $action === 'actualize')) {
+			if (!(($token_is_ok || Minz_Configuration::allowAnonymousRefresh()) &&
+				$action === 'actualize')
+			) {
 				Minz_Error::error (
 					403,
 					array ('error' => array (Minz_Translate::t ('access_denied')))
author	Marien Fressinaud <dev@marienfressinaud.fr>	2014-02-13 21:45:25 +0100
committer	Marien Fressinaud <dev@marienfressinaud.fr>	2014-02-13 21:45:25 +0100
commit	4dd673157b05fea5fe3643f16e22d01bbf005fe9 (patch)
tree	f380194b02b8127d813aed61252e8210ec5861db /app/Controllers/feedController.php
parent	b77d9c60ac0cc6614ccc2711ab647d5e0a5037ed (diff)