Restricting Edit and Delete in Ruby on Rails
- by phleet
I want to be able to edit and delete resources myself, but not allow users of the application to do so.
Is there an easy way of doing this in Rails?
An incomplete solution would be just to remove the "delete" and "edit" buttons from the index view, but that doesn't disable their ability to do so via direct HTTP requests.
Running Rails 2.2.2 and ruby 1.8.7