Merge branch 'small-changes' into 'main'

Small changes Closes #200 and #201 See merge request inject/backend!207

Merge branch 'small-changes' into 'main'
7ebd08be · Adam Parák · de55c235 · 4372f062 · 7ebd08be · 7ebd08be
Commit 7ebd08be authored 10 months ago by Adam Parák 💬
--- a/definitions/README.md
+++ b/definitions/README.md
@@ -191,8 +191,6 @@ field in the whole definition can only contain milestones defined in here. Each
   - A name can only contain alphanumeric characters and underscores (A-z, 0-9, and _ )
   - Variable names are case-sensitive (age, Age and AGE are three different variables)
   - A name must be continuous string -> a name can not contain spaces
- **team_visible**: _bool, default=False_ - Makes a milestone visible to trainees during the exercise. 
-They will be able to observe its status (whether it is reached by their team or not) in real time.
 - **roles**: _string, default=""_ - Usable only if roles are enabled. Works only if the milestone is marked as visible. 
 Defines, which roles will see the milestone. By default, all roles will see the milestone.
 - **file_names**: _string, default=""_ - Defines the name of a file from the definition. Multiple file names

--- a/exercise/views.py
+++ b/exercise/views.py
 from django.conf import settings
 from django.http import FileResponse
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import ensure_csrf_cookie
 from rest_framework import parsers
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from django.views.decorators.csrf import csrf_exempt

 from aai.models import Perms
 from aai.utils import protected, extra_protected, Check
@@ -29,7 +30,7 @@ class RetrieveExerciseLogsView(APIView):


 class BackendVersionView(APIView):
-    @csrf_exempt
+    @method_decorator(ensure_csrf_cookie)
    def get(self, request, *args, **kwargs):
        """
        Get the backend version

--- a/rolling-changelog.txt
+++ b/rolling-changelog.txt
@@ -40,3 +40,4 @@ feat: implement formatted welcome email and modify email sender, add DOMAIN env
 fix: update performance testing tools to the newest API
 fix: fix SendEmailInput authorization checks
 feat: addition of INJECT_SECRET_KEY env variable #141
+change: set csrf cookie for `/version` endpoint