From 8c33668e81cf47b5b858c93c307de04e8683fc7c Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Fri, 7 Nov 2014 16:19:19 +0000
Subject: Make clearing a profile photo a post-restricted action

---
 app/controllers/admin_user_controller.rb | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'app/controllers')

diff --git a/app/controllers/admin_user_controller.rb b/app/controllers/admin_user_controller.rb
index 6031c816b..bbb5d002a 100644
--- a/app/controllers/admin_user_controller.rb
+++ b/app/controllers/admin_user_controller.rb
@@ -83,10 +83,6 @@ class AdminUserController < AdminController
     def clear_profile_photo
         @admin_user = User.find(params[:id])
 
-        if !request.post?
-            raise "Can only clear profile photo from POST request"
-        end
-
         if @admin_user.profile_photo
             @admin_user.profile_photo.destroy
         end
-- 
cgit v1.2.3