We use the exception_logger gem (https://github.com/QuBiT/exception_logger) for capturing exceptions, cancan (https://github.com/ryanb/cancan) for authorization and devise (https://github.com/plataformatec/devise) for authentication.

 

So how do you secure your logged_exceptions page ?

1. In your production.rb add the following lines

 

   config.after_initialize do
    LoggedExceptionsController.class_eval do
      # include authentication and authorization before access 
      before_filter :authenticate_user!
      load_and_authorize_resource
      
      self.application_name = "Jqt"
    end
  end

2. Ensure your ability filed has the following entry for the role that can manage logged_exceptions 
  can [:manage], LoggedException

3.  Restart your server