Skipping authorization for certain methods

Posted by mathee on Stack Overflow See other posts from Stack Overflow or by mathee
Published on 2010-04-25T17:51:05Z Indexed on 2010/04/25 17:53 UTC
Read the original article Hit count: 163

Per the Agile Development book, I have an Admin MVC that controls how users log in. In ApplicationController, I have a before_filter that checks for authorization. So, this will check that the user has logged in for every page.

The problem is that I want everyone to be able to access the new method, for example, in Users (that is, anyone should be able to create a new user -- naturally! Only admin users should have access to the other methods in UsersController such as edit, etc.). What's the best way to do that?

© Stack Overflow or respective owner

Related posts about ruby-on-rails

Related posts about authorization