62c6e12fa5
Fixes #17898 Since #17204, the admin API has only been available through the web application because of the unconditional requirement to provide a valid CSRF token. This commit changes it back to `null_session`, which should make it work both with session-based authentication (provided a CSRF token) and with a bearer token.
21 lines
484 B
Ruby
21 lines
484 B
Ruby
# frozen_string_literal: true
|
|
|
|
class Api::V1::Admin::RetentionController < Api::BaseController
|
|
before_action -> { authorize_if_got_token! :'admin:read' }
|
|
before_action :require_staff!
|
|
before_action :set_cohorts
|
|
|
|
def create
|
|
render json: @cohorts, each_serializer: REST::Admin::CohortSerializer
|
|
end
|
|
|
|
private
|
|
|
|
def set_cohorts
|
|
@cohorts = Admin::Metrics::Retention.new(
|
|
params[:start_at],
|
|
params[:end_at],
|
|
params[:frequency]
|
|
).cohorts
|
|
end
|
|
end
|