From 3ef9236388a47b4f0e0e25b9f3aacc6122f76813 Mon Sep 17 00:00:00 2001
From: Rick Barrette <rickbarrette@gmail.com>
Date: Fri, 2 Sep 2016 10:29:48 -0400
Subject: [PATCH] Update customers_controller.rb

---
 app/controllers/customers_controller.rb | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/app/controllers/customers_controller.rb b/app/controllers/customers_controller.rb
index 116da2d..07ec1e6 100644
--- a/app/controllers/customers_controller.rb
+++ b/app/controllers/customers_controller.rb
@@ -14,7 +14,8 @@ class CustomersController < ApplicationController
   
   include AuthHelper
   
-  before_filter :require_user
+  before_filter :require_user, :except => :view
+  skip_before_filter :verify_authenticity_token, :check_if_login_required, :only => [:view]
   
   default_search_scope :names
   
@@ -89,6 +90,16 @@ class CustomersController < ApplicationController
     end
   end
   
+  # Customer view for an issue
+  def view
+    token = CustomerToken.where("token = ? and expires_at > ?", params[:token], Time.now)
+    if token
+      render :partial => 'issues/show', locals: {issue: Issue.find token.issue_id}, :flash => {:notice => token.issue_id}
+    else
+      render :file => "public/401.html.erb", :status => :unauthorized, :layout =>true
+    end
+  end
+  
   private
   
   def only_one_non_zero?( array )