Skipping authorization for certain methods
Posted
by mathee
on Stack Overflow
See other posts from Stack Overflow
or by mathee
Published on 2010-04-25T17:51:05Z
Indexed on
2010/04/25
17:53 UTC
Read the original article
Hit count: 163
Per the Agile Development book, I have an Admin
MVC that controls how users log in. In ApplicationController
, I have a before_filter
that checks for authorization. So, this will check that the user has logged in for every page.
The problem is that I want everyone to be able to access the new
method, for example, in Users (that is, anyone should be able to create a new user -- naturally! Only admin users should have access to the other methods in UsersController such as edit
, etc.). What's the best way to do that?
© Stack Overflow or respective owner