Hi all -
I've got my RESTful resource all setup. However, there is no editing or destroying allowed. What's the preferred way to disable those?
- remove the action? (don't like this idea) - redirect within the action skipping the actual edit/destroy call? - returning an error? (is there a standard here?)
Thanks!
-philip
remove the action (method) from the controller. if you don't want code to be executed, don't provide the code to execute.
def edit render '404.html' end
def destroy render '404.html' end
remove the action (method) from the controller. if you don't want code to be executed, don't provide the code to execute.
The drawback to this is that a RESTful client isn't going to get any
notification about why those actions/verbs don't work. It would be
nice to provide an error message of some sort "This functionality is
intentionally not enabled...." or something.
Doesn't look like there is a preferred way so I'll just roll my own.
Thanks for everyone's replies.
Hi,
According to the HTTP specs, when a particular request method isn't supported for a resource identified by a URI, server should return 405 HTTP code.
Wojtek
Aloha Philip,
We use:
def delete respond_to do |format| format.html raise(:method_not_allowed) format.xml {render :xml=>exception, :status=>405} end end
for any methods that aren't allowed. As Wojtek said, you are supposed to return a 405 on items that aren't allowed not a 404.
Best of luck,
DrMark