… and built an request_error.html.erb file so that if anyone tried to
go elsewhere while within that controller it would toss them to the
request_error.html.erb file (but that’s not working)
I was trying to find more about RESTful routes but I’m just not finding
what I’m looking for.
… would automatically redirect back to the index for rushing_offenses
But, is this a bad thing to do this?
I basically don’t want anyone to be able to access
new/delete/edit/update etc… for specific model controllers. The model
controllers I’m referring to are those that just are available for
viewing…
I have the following in for generic error handling/requests :
So, when they enter anything that doesn’t below to a particular
controller or an invalid page they get redirected to a request_error
page. This handles invalid URLs on my site.
I understand that RESTful automatically creates the default views to
provide stateless viewing. In some cases, I just don’t see the need for
those particular views.
Again, I would appreciate a response from anyone who understands what
I’m trying to do and to provide a best practices method to ensure I’m
doing this process properly.
Yes, this is very bad, if there’s no “edit”, “update” or “destroy” in
your controller Rails will just send a 404 back to the browser, it
won’t do anything like letting your user do something you haven’t
programmed yourself.
Routing is just routing, it’s all about sending a message, it
doesn’t guarantee that there’s someone on the other side to receive
it.
Yes, this is very bad, if there’s no “edit”, “update” or “destroy” in
your controller Rails will just send a 404 back to the browser, it
won’t do anything like letting your user do something you haven’t
programmed yourself.
So, how do you block these specific actions?
Do I have to force those specific actions to the index?
Read about before_filters and how you can deny access to actions for
unauthorized users. You should definitely get a Rails book and read it
instead of just trying to force you way with the framework and the
language. Will avoid most of the common questions you’re having. The
best one around now is this →
Also, if a user clicks on a link beyond the controller parameter:
ActiveRecord::RecordNotFound in Rushing offensesController#show
I don’t want errors like this to show for anyone. Is this just a
development error response and not one that shows up in production?
That’s not the error the user will see in production. For this
specific error the page under public/500.html will be shown, this is a
development message only.
Yes, this is very bad, if there’s no “edit”, “update” or “destroy” in
your controller Rails will just send a 404 back to the browser, it
won’t do anything like letting your user do something you haven’t
programmed yourself.
So, how do you block these specific actions?
map.resources takes :only/:except options if you don’t want certain
things to be routed. You also delete the new template and action.
Also, if a user clicks on a link beyond the controller parameter:
ActiveRecord::RecordNotFound in Rushing offensesController#show
I don’t want errors like this to show for anyone. Is this just a
development error response and not one that shows up in production?
in production typically users just see a generic ‘something went
wrong’ page. if you want something different you can rescue the
exception and show something appropriate.
…
I basically don’t want anyone to be able to access
new/delete/edit/update etc… for specific model controllers. Â The model
controllers I’m referring to are those that just are available for
viewing…
If you really don’t want any access to new/delete etc then you can
just remove these actions from the controller and delete the view erb
files for those actions.
I’ll still look into the other suggestions and catch up on some reading.
Again, I appreciate the help.
I love reading but at the same time I love doing. I’ll start two
chapters and then my mind drifts and says ooh that’s a good idea… and I
try new things…
Thanks for helping me out with some of my newbish questions.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.