On 14/07/2005, at 5:51 AM, Dave Roberts wrote:
> Hi everyone
> I've read the book "Agile Web Development using Ruby on Rails" and was
> impressed. One thing the book didn't teach me was when it is proper
> to use a new controller, or add actions to an existing controller. I
> have a website: returnofsimple.com that I want to convert to
> RoR. I want the pages (Shows, News, Music) etc. to be read only to
> the public, but if an Administrator logs in, I want to re-use the same
> basic pages, but add a few edit/delete links here and there. What is
> a good way to set up Controllers and Actions to do this?
So it's the same controller for each thing (eg news_controller is used
by both the public and admin users for news items), and you scatter
your views with conditionals for things that only admin users can see:

    <% if @current_user.admin? %>
    <%= link_to "new", :action => "new" %>
    <% end %>

Now, for actions that only admin users should have access to (like
edit, delete, new, etc), you create a before_filter (eg
"require_admin_user") and make sure that all protected actions use
this before_filter, eg:

    before_filter :require_admin_user, :only => [ :edit, :delete, :new ]

And require_admin_user() would check @current_user.admin? and redirect
to a login screen, error message, or whatever you like to protect those
actions from public users.
---
Justin French
justin.french-zULN+VWqVOIpAS55Wn97og@public.gmane.org
justin-xKtDo/uLHBtl57MIdRCFDg@public.gmane.org
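
Added example (not part of the original thread): the filter line from the reply next to an :except variant, showing which actions a non-admin visitor can still reach under each. MiniController, User, NewsActions and the seven-action list are constructed stand-ins so the block runs without Rails; only the :only / :except options of before_filter are modelled.

```ruby
# Stand-in for ActionController's filter chain (assumption: models only :only / :except).
class MiniController
  def self.filters
    @filters ||= []
  end
  def self.before_filter(name, opts = {})
    filters << [name, opts]
  end

  def initialize(user)
    @current_user = user
  end

  # Run each applicable filter; a filter returning false halts before the action.
  def process(action)
    self.class.filters.each do |name, opts|
      next if opts[:only] && !opts[:only].include?(action)
      next if opts[:except] && opts[:except].include?(action)
      return :redirected_to_login if send(name) == false
    end
    send(action)
  end

  def require_admin_user
    !!(@current_user && @current_user.admin?)
  end
end

User = Struct.new(:admin) { def admin?; admin; end }
ACTIONS = [:index, :show, :new, :create, :edit, :update, :delete] # constructed list

module NewsActions
  ACTIONS.each { |a| define_method(a) { :"#{a}_ran" } }
end

class OnlyListNewsController < MiniController
  include NewsActions
  before_filter :require_admin_user, :only => [:edit, :delete, :new] # as in the thread
end

class ExceptListNewsController < MiniController
  include NewsActions
  before_filter :require_admin_user, :except => [:index, :show] # deny by default
end

# Actions a given user can reach without being bounced to the login screen.
def reachable_by(controller_class, user)
  ACTIONS.select { |a| controller_class.new(user).process(a) != :redirected_to_login }
end
```

With :only, every action missing from the list is public, including ones added later; with :except, a new action is admin-only until it is explicitly opened up.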