From 74d7db9fba41dd60686e95be0fa6e3e7bf18219e Mon Sep 17 00:00:00 2001
From: Matt-Yorkley <9029026+Matt-Yorkley@users.noreply.github.com>
Date: Fri, 10 May 2019 19:37:32 +0100
Subject: [PATCH] Allow unauthenticated access to enterprise API endpoints

---
 app/controllers/api/enterprises_controller.rb | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/controllers/api/enterprises_controller.rb b/app/controllers/api/enterprises_controller.rb
index 666eb0b034..39273be6a7 100644
--- a/app/controllers/api/enterprises_controller.rb
+++ b/app/controllers/api/enterprises_controller.rb
@@ -77,5 +77,12 @@ module Api
     def override_visible
       params[:enterprise][:visible] = false
     end
+
+    # Allows API access without a logged in user for actions in this controller.
+    # Actions that require authentication should all use #authorize!
+    # @current_api_user will now initialize an empty Spree::User unless one is present.
+    def requires_authentication?
+      false
+    end
   end
 end