
When trying to request JSON from a resource not owned by a User, despite the validation I wrote below, the JSON shows up as empty brackets, but the status comes back as 200 OK. What do I need to change to respond with a 401 status:

    @requested_resource = params[:resource_id].to_i
    @users_resources = Resource.owned_by(@current_user.id).collect {|s| s.id}
    if @users_resources.include?(@requested_resource)

    else
      respond_to do |format|
        format.json { render :json => [], :status => :unauthorized }
        format.html { render :file => "public/401.html", :status => :unauthorized }
      end
    end

Also, I am using RABL...

ac360

1 Answer


Let RoR play the game for you, use redirect_to instead of respond_to. E.g.:

    redirect_to "public/401.html", :alert => "Please authorize", :status => :unauthorized

Aleksei Matiushkin
  • Switching to redirect_to results in a 304 Not Modified Status. – ac360 Apr 08 '13 at 03:53
  • Hmmm, with your new answer the status goes back to 200 OK. It must be either the IF Statement or the fact that I'm using RABL – ac360 Apr 08 '13 at 04:04
  • In fact, RABL shouldn’t bring something to redirection. Maybe [this](http://stackoverflow.com/questions/10041838/how-to-remove-html-redirection-in-devise-authenticate-user) would help you? – Aleksei Matiushkin Apr 08 '13 at 04:11
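
An added example, not code from the question or the answer: a framework-free Ruby sketch of the ownership check the question describes, written so the deny path returns before any serialization and the 401 status can be asserted in a test. `RESOURCES`, `owned_by` (a plain-Ruby stand-in for the question's `Resource.owned_by` scope), `show_resource`, `deny` and `respond` are hypothetical names, and the data is constructed.

```ruby
require "json"

# Constructed sample data: resource id => row with its owning user id.
RESOURCES = {
  1 => { owner_id: 10, name: "alpha" },
  2 => { owner_id: 20, name: "beta" }
}.freeze

# Stand-in for Resource.owned_by(user_id): only rows the caller owns.
def owned_by(user_id)
  RESOURCES.select { |_id, row| row[:owner_id] == user_id }
end

# Builds a Rack-style [status, headers, body] triple for the requested format.
def respond(status, format, payload)
  if format == :json
    [status, { "Content-Type" => "application/json" }, JSON.generate(payload)]
  else
    [status, { "Content-Type" => "text/html" }, "<h1>#{status}</h1>"]
  end
end

# Deny response: status and body are set together, in one place.
def deny(format)
  respond(401, format, { error: "unauthorized" })
end

def show_resource(user_id, resource_id, format)
  # Strict parse: non-numeric ids become nil instead of silently turning into 0.
  id = Integer(resource_id, exception: false)
  # Look the id up only inside the caller's own rows, so a missing id and
  # another user's id are indistinguishable to the client.
  row = owned_by(user_id)[id]
  # Guard clause: return the 401 here so nothing below runs for non-owners.
  return deny(format) if row.nil?

  respond(200, format, { name: row[:name] })
end
```

Asserting on the status code, not only on the body, is what catches the symptom in the question: an empty JSON array delivered with 200 OK.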