Maurício Linhares wrote: > Yes, this is very bad, if there's no "edit", "update" or "destroy" in > your controller Rails will just send a 404 back to the browser, it > won't do anything like letting your user do something you haven't > programmed yourself.
So, how do you block these specific actions? Do I have to force those specific actions to the index? For instance, anyone that types http://mydomain.com/rushing_offenses/new .. can access the new template .. I shouldn't have to edit the new.html.erb file to empty it out to fix this.. I just don't understand how this type of routing is supposed to be handled for cases where I simply don't want "anyone" accessing those items.. Also, if a user clicks on a link beyond the controller parameter: http://mydomain.com/rushing_offenses/goo (for instance) the following error is returned on my screen: ActiveRecord::RecordNotFound in Rushing offensesController#show I don't want errors like this to show for anyone. Is this just a development error response and not one that shows up in production? Thanks again. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
