I''ve successfully gotten acts_as_authenticated working. Currently the
before_filter line for my admin screen is like this:
class AdminController < ApplicationController
include AuthenticatedSystem
before_filter :login_required
Only issue I have now is that anyone logged in can access that screen.
I''d like to differentiate between a regular user and admin. I saw
something in the recipe''s book but it''s not quite what
I''m looking for.
All I want is an extra check.
If I create a new boolean field in my user database (call it is_admin),
is there a way I can also have the before filter check to see if that
field is true? What would be the correct syntax for that?
Thanks..
Vince
--
Posted via http://www.ruby-forum.com/.
Vince W. wrote:> I''ve successfully gotten acts_as_authenticated working. Currently the > before_filter line for my admin screen is like this: > > class AdminController < ApplicationController > > include AuthenticatedSystem > before_filter :login_required > > > Only issue I have now is that anyone logged in can access that screen. > I''d like to differentiate between a regular user and admin. I saw > something in the recipe''s book but it''s not quite what I''m looking for. > All I want is an extra check. > > If I create a new boolean field in my user database (call it is_admin), > is there a way I can also have the before filter check to see if that > field is true? What would be the correct syntax for that? > > Thanks.. > Vince > >Sounds like you need Ezra''s ACL plugin: http://brainspl.at/articles/2006/02/20/new-plugin-acl_system
> Sounds like you need Ezra''s ACL plugin:I''d rather not use a plugin just for something this simple.. I added this to my application.rb and added an extra check to my before_filter in the admin controller. def check_authorization user = User.find(session[:user]) unless user.level == 100 flash[:notice] = "you are not an admin" return false end end It works.. but the flash isn''t quite where I want it to be. I''ll keep playing around, but if anyone has a simple suggestion to improve it.. Thanks -- Posted via http://www.ruby-forum.com/.