access denied only for some formats when accessing via api-key
2 views
Skip to first unread message
michael
unread,
May 12, 2010, 12:04:40 PM5/12/10
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to acl9-discuss
Hi,
a action to which access is controlled via acl9 responds to several
formats.
If accessing using a api-key (authlogic defaults) acl9 denies access
to some formats and to others not.
e.g. accessing .html or .json works but not for .xml or others (non
standardised).
If accessing via cookia authentication (or normal browsing) access is
(as defined) allowed in all necessary cases (but indifferent to the
format)...
has anybody exerienced similar problems?
as a followup questions: Is there a way to have different access rules
for different formats (whilst same action)?
thanks,
Michael
Sharad Jain
unread,
May 12, 2010, 1:13:54 PM5/12/10
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to acl9-d...@googlegroups.com
> as a followup questions: Is there a way to have different access rules
> for different formats (whilst same action)?
>
one way would be:
access_control do
actions :show do
allow Role::BATCH_JOB, :if => format_xml?
end
end
private
def format_xml?
params[:format] == "xml"
end