How to prevent URL tampering

Hi all,
I want to restrict the apllication access through URL without login. Means at present I am able to go any page in the application just by changing URL. For example after login into the application I am entering into employee_show page and for me it was restricted to access Employee_Edit page but If I change URL I can able to access employee_edit. Anyone can suggest how can I restrict this..

Venkat Gude.
Hi Venkat,

You should use roles to do so. Check out this video in our online training.
If you want to restrict access based on input parameters you will have to implement that logic in the screen preparation.


I didn't try this component, but probably can help you.