Partial restriction on download method.

[Claas-Thido Pfaff]

I like to restrict the access in a download method in a dataset controller with authlogic and acl9. The download method at the moment is restricted to logged in users only. But now I like to have one format to be downloadable for everybody. The method looks like this:

    def download

    @dataset.log_download(current_user)

    respond_to do |format|

      format.html do

        send_file @dataset.generated_spreadsheet.path, :filename => "#{@dataset.filename}"

      end 

      format.csv do

        send_data @dataset.to_csv(params[:separate_category_columns] =~ /true/i), :type => "text/csv",

          :disposition => 'attachment', :filename => "#{@dataset.filename}.csv"

      end 

      format.eml do

        eml_file = render_to_string(params[:separate_category_columns], :template=>"datasets/show.eml")  

        send_data(eml_file, :type=>"text/xml", :disposition => 'attachment', :filename => "#{@dataset.id}.eml")  

      end 

    end 

    end 

The restriction rules with acl9 look like this

    access_control do

      allow all, :to => [:show, :index]

      actions :download

        allow logged_in

      end

    end

  

How coudl I achieve something like 

    access_control do

      allow all, :to => [:show, :index]

      actions :download

        allow logged_in ... (except format eml)

      end

    end

How can I do this properly? Any help would be appreciated.