diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-04-09 01:59:42 +0200 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-04-09 22:52:27 +0200 |
commit | 4637dcc4587ed0c3b1695568a3c8a3853d695c5d (patch) | |
tree | e1778a3ddbaa95568ab90c211d49925f4946d157 /api/folderapi.php | |
parent | 6d365e8083ecf67212203fe86fd1e1bf2b4ac281 (diff) |
migrate security annotations, please review
Diffstat (limited to 'api/folderapi.php')
-rw-r--r-- | api/folderapi.php | 30 |
1 files changed, 10 insertions, 20 deletions
diff --git a/api/folderapi.php b/api/folderapi.php index 67efa59ea..ba35462f5 100644 --- a/api/folderapi.php +++ b/api/folderapi.php @@ -56,10 +56,8 @@ class FolderAPI extends Controller { /** - * @IsAdminExemption - * @IsSubAdminExemption - * @CSRFExemption - * @Ajax + * @NoAdminRequired + * @NoCSRFRequired * @API */ public function getAll() { @@ -77,10 +75,8 @@ class FolderAPI extends Controller { /** - * @IsAdminExemption - * @IsSubAdminExemption - * @CSRFExemption - * @Ajax + * @NoAdminRequired + * @NoCSRFRequired * @API */ public function create() { @@ -109,11 +105,9 @@ class FolderAPI extends Controller { /** - * @IsAdminExemption - * @IsSubAdminExemption - * @CSRFExemption + * @NoAdminRequired + * @NoCSRFRequired * @API - * @Ajax */ public function delete() { $userId = $this->api->getUserId(); @@ -130,10 +124,8 @@ class FolderAPI extends Controller { /** - * @IsAdminExemption - * @IsSubAdminExemption - * @CSRFExemption - * @Ajax + * @NoAdminRequired + * @NoCSRFRequired * @API */ public function update() { @@ -161,10 +153,8 @@ class FolderAPI extends Controller { /** - * @IsAdminExemption - * @IsSubAdminExemption - * @CSRFExemption - * @Ajax + * @NoAdminRequired + * @NoCSRFRequired * @API */ public function read() { |