I have used before_filter in the passed at the class level but can it be
used in the method level.
For example, I want to refuse a non-admin type from being able to delete
anything in the entire application. Is there an easy way to do this?
On 10/24/07, Jimmy P. [email protected] wrote:
I have used before_filter in the passed at the class level but can it be
used in the method level.
You can use :only to apply the filter to specific actions in your
controller:
before_filter :require_admin_login, :only => [ :delete, :blah, :blech
]
is that what you’re after?
Bob S. wrote:
On 10/24/07, Jimmy P. [email protected] wrote:
I have used before_filter in the passed at the class level but can it be
used in the method level.You can use :only to apply the filter to specific actions in your
controller:before_filter :require_admin_login, :only => [ :delete, :blah, :blech
]is that what you’re after?
Yes! Thank you.
Now, is there a way to handle the denied request? So, if a non-admin
user trys to go to delete is there a way to universal respond with “you
don’t have access”?
Bob S. wrote:
On 10/24/07, Jimmy P. [email protected] wrote:
Now, is there a way to handle the denied request? So, if a non-admin
user trys to go to delete is there a way to universal respond with “you
don’t have access”?You can redirect or render from your filter (you should also return
false, but I don’t think that’s strictly required anymore if you
render or redirect).
AH! of course. Thanks for your help.
On 10/24/07, Jimmy P. [email protected] wrote:
Now, is there a way to handle the denied request? So, if a non-admin
user trys to go to delete is there a way to universal respond with “you
don’t have access”?
You can redirect or render from your filter (you should also return
false, but I don’t think that’s strictly required anymore if you
render or redirect).