I personally use devise for authentication. With some simple code you
can roll your own authorization system.
You can use in your user table:
t.boolean :admin, :default => false
In your application controller:
helper_method :require_admin
def admin_user
if current_user && current_user.admin == true
end
end
def require_admin
unless current_user && current_user.admin
access_denied
end
end
def access_denied
redirect_to root_url
flash[:notice] = "Cannot access that page!"
end
Then use require_admin as a before filter in your controllers.
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
