The system need to be access by two kind of person . local user (use that is in local network) and public user (user that access with domain name) How do i make my rail app to limit some of my url that access to controller for the public user?
Using two rails with same mysql database but different port and port forward one only? Limit some url to local user only? use apache instead of mongrel? But how?
The safest way would be to create two versions of the program, each listening only to the specific port and/or interface. But managing two applications instead of one might be too costly.
I suggest you inspect the request object, and decide which properties may be used to distinguish "internal" and "external" access.
In your controllers use a "before_filter" to grant or deny access.
You can do this a couple of ways:
Have a PublicBaseController and a LocalBaseController. Both inherit from ApplicationController
class LocalBaseController < ApplicationController
before_filter :local_only
protected
def local_only
return false unless request.local?
end
end
then later:
class AccountsController < LocalBaseController
def index
# will not execute unless it is local
end
end
This is a good writeup, albeit slightly old, about how Rails decides if a request is local.