-
:index,:show,:new,:edit
are the get routes - Levels: route (for everybody), controller (for some people)
- We always should review authorization for every action, not just hide the routes. But always, don't show people things they should not be able to see
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (0)