From 4dd673157b05fea5fe3643f16e22d01bbf005fe9 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Thu, 13 Feb 2014 21:45:25 +0100
Subject: Add possibility to anonymous to refresh feeds

Obviously, it's optional! (and deactivate by default)
Need some more tests?
See #351
---
 app/Controllers/feedController.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'app/Controllers/feedController.php')

diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php
index 264607216..7114fc196 100755
--- a/app/Controllers/feedController.php
+++ b/app/Controllers/feedController.php
@@ -7,7 +7,9 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 			$token_param = Minz_Request::param ('token', '');
 			$token_is_ok = ($token != '' && $token == $token_param);
 			$action = Minz_Request::actionName ();
-			if (!($token_is_ok && $action === 'actualize')) {
+			if (!(($token_is_ok || Minz_Configuration::allowAnonymousRefresh()) &&
+				$action === 'actualize')
+			) {
 				Minz_Error::error (
 					403,
 					array ('error' => array (Minz_Translate::t ('access_denied')))
-- 
cgit v1.2.3