Your constraint is slightly wrong.

Unless you are settings "request.session[:token]" somewhere else in your
code, chances are it's going to be nil. What you most likely want to check
for is "request.params[:token]" which will match the token in the URL.

You also have it backwards. The constraint would currently only ALLOW
assets and admin. You need to negate that statement.

Fix those 2 issues and you should be in business.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/tekiOBqzguYJ.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 2 | next ›
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedMar 5, '12 at 8:48p
activeMar 6, '12 at 1:08p
posts2
users2
websiterubyonrails.org
irc#RubyOnRails

2 users in discussion

Greg Ma: 1 post Tim Shaffer: 1 post

People

Translate

site design / logo © 2022 Grokbase