Thank you very much! It works! On May 25, 11:07 am, Frederick Cheung <[email protected]> wrote: > On May 25, 3:32 pm, Tomato <[email protected]> wrote: > > > > > > > > > > > private > > def authenticate_admin > > if current_user > > return current_user.admin? > > end > > end > > end > > > In the admin namespace controller: > > > class Admin::HomeController < ApplicationController > > before_filter :authenticate_admin > > ... > > end > > > But it didn't work here, I mean, I can still access backend with a > > user account even if the admin field of the account is false. > > Can somebody tell me why? > > Not familiar with devise, but your before filter isn't actually doing > anything. If the user isn't an admin then you probably want to > redirect them to a login page or show an 'access denied' template > > Fred > > > > > > > > > > > Thanks!
-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
