Security: Class method disallows but the create link is still displayed on top of list
9 views
Skip to first unread message
Schlinge
Sep 11, 2012, 8:06:57 AM9/11/12
to actives...@googlegroups.com
I am using AS Security methods to restrict actions for users that are not authorized.
I implemented this class method in my model:
class MyModel < ActiveRecord::Base
# ...
protected
def self.authorized_for_create?
false
end
end
Although MyModel is acting like expected in the rails console:
1.9.3p194 :001 > MyModel.authorized_for_create?
=> false
The create link on top of the list is still being rendered (which is not what i expected).
When i click it, a 401 Unauthorized Error is logged in the server output.
Is it a bug or do i miss something out?
Any ideas? Anybody?
I implemented this class method in my model:
class MyModel < ActiveRecord::Base
# ...
protected
def self.authorized_for_create?
false
end
end
Although MyModel is acting like expected in the rails console:
1.9.3p194 :001 > MyModel.authorized_for_create?
=> false
The create link on top of the list is still being rendered (which is not what i expected).
When i click it, a 401 Unauthorized Error is logged in the server output.
Is it a bug or do i miss something out?
Any ideas? Anybody?
Reply all
Reply to author
Forward
0 new messages