- before_action :check_database_readable, :except => [:show, :data]
- before_action :check_database_writable, :only => [:create, :update, :destroy]
- before_action :authorize_web
+ before_action :check_api_writable, :only => [:create, :update, :destroy]