Your constraint is slightly wrong.

Unless you are settings "request.session[:token]" somewhere else in your
code, chances are it's going to be nil. What you most likely want to check
for is "request.params[:token]" which will match the token in the URL.

You also have it backwards. The constraint would currently only ALLOW
assets and admin. You need to negate that statement.

Fix those 2 issues and you should be in business.

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To view this discussion on the web visit
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

Search Discussions

Discussion Posts


Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 2 of 2 | next ›
Discussion Overview
grouprubyonrails-talk @
postedMar 5, '12 at 8:48p
activeMar 6, '12 at 1:08p

2 users in discussion

Greg Ma: 1 post Tim Shaffer: 1 post



site design / logo © 2022 Grokbase