Displaying 1 result from an estimated 1 matches for "redirect_to_somewhere".
2008 Dec 19
3
Recommended way of restricting action permissions?
...re''s how I currently do it:
## User has many resources, of different types
------- resource_controller.rb -------
before_filter :require_ownership, :only => [:edit, :update, :destroy]
... public actions ...
protected
def require_ownership
@resource = Resource.find(params[:id])
redirect_to_somewhere unless owns?(@resource)
end
------- application.rb -------
def owns?(resource)
resource.user_id == @current_user.id
end
... And I apply this before_filter in the controller of any resource
I''d like to restrict in a similar way. I''m new to Rails and MVC so
I''m just w...