security/installation issue?

[whartonn]

I've just installed the gem with rails 3.0 and I'm not sure why anyone can view data on my server.

even when I set up /config/initializers/admin_data.rb with:

AdminData.config do |config|
  config.is_allowed_to_view = false
  config.is_allowed_to_update = false
end

In rails console I see:

>> AdminData.config
=> #<AdminData::Configuration:0x000001068c6ac0 @number_of_records_per_page=50, @is_allowed_to_view=false, @is_allowed_to_update=false, @is_allowed_to_view_feed=nil, @find_conditions={}, @drop_down_for_associations=true, @columns_order={}, @column_headers={}, @column_settings={}, @adapter_name="SQLite", @ignore_column_limit=false>

..But still I can view and edit all the data.

Any idea what I might be doing wrong?
Many thanks!

[whartonn]

Ah, wait -- so if I understand this correctly, will I always be able to view/update on development, even if I set the above switches? If that is the case, then apologies for misreading the documentation. In production the restrictions seem to work! -Nat