I have created bills, which should be possible to open from admin, but not as a normal user. this bill pdf will be created after certain business process in app/assets/pdfs.
assets_pdf_url if user_signed_in?
Is it possible to restrict specific assets by some rule?
Store the restricted assets in some folder outside of the public folder, so they cannot be accessed just by visiting a URL, then create an action that uses send_file or send_data. That way you can wrap it up in whatever logic you want.
# in controller
def show
@bill = Bill.find(params[:id])
if user_signed_in?
send_file Rails.root.join('bill_pdfs',"#{@bill.id}.pdf")
else
redirect_to '/', :error => "Only logged in users may download"
end
end