def permission_denied respond_to do |format| format.html do #Put your domain name here ex. http://www.example.com domain_name = "http://www.ndthub.com" http_referer = session[:refer_to] if http_referer.nil? store_referer http_referer = ( session[:refer_to] || domain_name ) end flash[:error] = "You don't have permission to complete that action." #The [0..20] represents the 21 characters in http://localhost:3000 #You have to set that to the number of characters in your domain name if http_referer[0..20] != domain_name session[:refer_to] = nil redirect_to root_path else redirect_to_referer_or_default(root_path) end end format.xml do headers["Status"] = "Unauthorized" headers["WWW-Authenticate"] = %(Basic realm="Web Password") render :text => "You don't have permission to complete this action.", :status => '401 Unauthorized' end end end
From novice to tech pro — start learning today.