From 824d14e793cb5f4b2d177bce56ccf9cce73e60f1 Mon Sep 17 00:00:00 2001
From: CalDescent <caldescent@protonmail.com>
Date: Fri, 19 Nov 2021 13:08:56 +0000
Subject: [PATCH] Removed unnecessary check for isApiRestricted() when
 previewing.

The API key authentication will be enough to restrict requests.
---
 src/main/java/org/qortal/api/resource/RenderResource.java | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/main/java/org/qortal/api/resource/RenderResource.java b/src/main/java/org/qortal/api/resource/RenderResource.java
index e1d691f5..230169af 100644
--- a/src/main/java/org/qortal/api/resource/RenderResource.java
+++ b/src/main/java/org/qortal/api/resource/RenderResource.java
@@ -70,12 +70,6 @@ public class RenderResource {
     @SecurityRequirement(name = "apiKey")
     public String preview(String directoryPath) {
         Security.checkApiCallAllowed(request);
-
-        // It's too dangerous to allow user-supplied filenames in weaker security contexts
-        if (Settings.getInstance().isApiRestricted()) {
-            throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.NON_PRODUCTION);
-        }
-
         String name = null;
         Method method = Method.PUT;
         Compression compression = Compression.ZIP;