The authorization works nicely, but when a user accesses an action/controller that they don't have access to, they see:
You are not allowed to access this action
The page is blank.
How do I c开发者_高级运维ustomize what the user sees ? Either by replacing the message altogether, to replacing the page with a new page altogether ?
How would I do this ?
Thanks.
To handle this, I added a permission_denied method in the ApplicationController:
def permission_denied
flash[:notice] = "Sorry, you are not authorized to access that page."
redirect_to root_url
end
See last section of this Railscast: http://asciicasts.com/episodes/188-declarative-authorization
精彩评论