If the fields common to both types of users goes into a partial, then the regular user's view just renders that common partial. You can have the admin view show the admin-changeable fields, and include the common partial, giving the admin access to the generic user fields.
Two controllers, one for users, one for the admin. And to be paranoid, you can have the user controller scrub the params of fields that a regular user shouldn't be modifying before attempting the save. The model doing the validations should be doing the validations, so to speak. Shouldn't matter who edited the data, the rules are the rules. And after failing a validation or save, you should just (re)render the edit action, not redirect, as bill pointed out. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
