当尝试从不属于User的资源请求JSON时,尽管我在下面写了验证,但JSON显示为空括号,但状态返回为200 OK。我需要更改以响应401状态:
@requested_resource = params[:resource_id].to_i
@users_resources = Resource.owned_by(@current_user.id).collect {|s| s.id}
if @users_resources.include?(@requested_resource)
else
respond_to do |format|
format.json { render :json => [], :status => :unauthorized }
format.html { render :file => "public/401.html", :status => :unauthorized }
end
end
另外,我正在使用RABL ......
答案 0 :(得分:1)
让RoR为您玩游戏,使用redirect_to代替respond_to。 E.g:
redirect_to "public/401.html", :alert => "Please authorize", :status => :unauthorized