Ruby On Rails Classroom image

prateek  darmwal / Professional / Web Technology

 
To post your Question Join Classroom
 
Lesson Topics's No:-  ||
Lessons:- Authorization

  Authorization

One nice effect of building the authentication machinery in Chapter 8 is that we are now in a position to implement authorization as well: Authentication allows us to identify users of our site, and authorization lets us control what they can do.

Although the edit and update actions from Section 9.1 are functionally complete, they suffer from a ridiculous security flaw: They allow anyone (even non-signed-in users) to access either action, and any signed-in user can update the information for any other user. In this section, we’ll implement a security model that requires users to be signed in and prevents them from updating any information other than their own. Users who aren’t signed in and who try to access protected pages will be forwarded to the signin page with a helpful message, as mocked up in Figure 9.5.

 

 

 

 
 
 
image
prateek  darmwal

Skills    Ruby On Rails

Qualifications :- High School - S.K.M. Sn. Sec. School, Haldwani, College/University - Graphic Era Hill University, Bhimtal,
Location :-Dehradun,Dehradun,Uttarakhand,India
Description:- I like to explore new technologies. I have skills in ruby on rails, php5, cakephp, jquery, javascript, html/css, java, c & c++. I love coding
Explore
 

  Students (0)