Let's say you have an InvitatationsController, which is responsible for managing invitations. it's not completely REST, because the way invitations work are not quite CRUD.
Anyway, these invitations are secured because want people who are already authenticated to send invitations to other users. However, the page that setups an account when a person is invited is NOT secure, and it also requires a different layout.
Is appropriate to merge all of these behaviours in the same InvitationsController, or is better to have a SecuredInvitationsController and a regular InvitationsController?
In Java, I'd split them... just because it was a hassle to configure it to use the same controller using annotations. Does the same logic apply in Rails, or should we keep it all together?
