For example, GETing /hardware/players/by_screen/1.json without appropriate permissions does a 302 redirect to /users/sign_in. Better would be to detect that this is a non-interactive format and render a 403 with empty data instead.
Some research is needed to decide whether this should be done on a piecemeal basis or just made part of the exception handler in Concerto.
For example, GETing /hardware/players/by_screen/1.json without appropriate permissions does a 302 redirect to /users/sign_in. Better would be to detect that this is a non-interactive format and render a 403 with empty data instead.
Some research is needed to decide whether this should be done on a piecemeal basis or just made part of the exception handler in Concerto.