I've pastied my entire baby names controller - yes it's me again, the baby names man - getting excited but of course the thing needs to be secured before it's properly public! Would be really grateful for some help here as I believe this can be simplified / improved but I can't quite get my head around the logic.
In the first instance I'd like to secure everything so that only the people who created the lists can see em' or do anything with em' - I may allow no logged in users access to certain views later, but not until later. General improvements/refactor required + do I need to secure the sort methods? routes are this - I should comment out lines 58/59 right ? the default routes. http://pastie.org/1076934 models http://pastie.org/1076943 Most importantly the baby_names controller where I'm looking for help with the authorisation method Especially lines 104 to 119, is it the right thing to do and can it be simplified - I'm aware that authorisation should be the 1st filter as it stops the app having to do unnecessary work. Here's the controller as it stands http://pastie.org/1076947 -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
