From e51702c9872b645a74fd370ea5fa2a77704c3933 Mon Sep 17 00:00:00 2001 From: Ryan Phelps Date: Sat, 16 Jul 2011 12:20:25 -0700 Subject: [PATCH 1/2] Pass CSRF token in event creation. --- public/javascripts/events.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/public/javascripts/events.js b/public/javascripts/events.js index 072ca0d..9d691c5 100644 --- a/public/javascripts/events.js +++ b/public/javascripts/events.js @@ -469,6 +469,9 @@ var Events = { options.method = "post"; options.contentType = "application/xml"; + options.requestHeaders = { + 'X-CSRF-Token': $F(form['authenticity_token']) + }; options.postBody = Events.buildXMLStringFor(Events.serialize(form)); return new Ajax.Request(action, options); From 8bbc8b0789c24e8abdc0fb80330b43b2bebfa856 Mon Sep 17 00:00:00 2001 From: Ryan Phelps Date: Sat, 30 Jul 2011 13:19:02 -0700 Subject: [PATCH 2/2] Fix event recall. --- app/controllers/events_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb index 4cf2c24..f93cae9 100644 --- a/app/controllers/events_controller.rb +++ b/app/controllers/events_controller.rb @@ -8,7 +8,7 @@ class EventsController < ApplicationController def index respond_to do |format| format.js do - json = events.to_json(eager_options(:root => "events", :include => { :tagged_items => { :only => [:amount, :id], :methods => :name }, :line_items => { :only => [:account_id, :bucket_id, :amount, :role], :methods => [] }})) + json = events.to_json(eager_options(:root => "event", :include => { :tagged_items => { :only => [:amount, :id], :methods => :name }, :line_items => { :only => [:account_id, :bucket_id, :amount, :role], :methods => [] }})) render :update do |page| page << "Events.doneLoadingRecalledEvents(#{json})"