I''ve successfully gotten acts_as_authenticated working. Currently the before_filter line for my admin screen is like this: class AdminController < ApplicationController include AuthenticatedSystem before_filter :login_required Only issue I have now is that anyone logged in can access that screen. I''d like to differentiate between a regular user and admin. I saw something in the recipe''s book but it''s not quite what I''m looking for. All I want is an extra check. If I create a new boolean field in my user database (call it is_admin), is there a way I can also have the before filter check to see if that field is true? What would be the correct syntax for that? Thanks.. Vince -- Posted via http://www.ruby-forum.com/.
Vince W. wrote:> I''ve successfully gotten acts_as_authenticated working. Currently the > before_filter line for my admin screen is like this: > > class AdminController < ApplicationController > > include AuthenticatedSystem > before_filter :login_required > > > Only issue I have now is that anyone logged in can access that screen. > I''d like to differentiate between a regular user and admin. I saw > something in the recipe''s book but it''s not quite what I''m looking for. > All I want is an extra check. > > If I create a new boolean field in my user database (call it is_admin), > is there a way I can also have the before filter check to see if that > field is true? What would be the correct syntax for that? > > Thanks.. > Vince > >Sounds like you need Ezra''s ACL plugin: http://brainspl.at/articles/2006/02/20/new-plugin-acl_system
> Sounds like you need Ezra''s ACL plugin:I''d rather not use a plugin just for something this simple.. I added this to my application.rb and added an extra check to my before_filter in the admin controller. def check_authorization user = User.find(session[:user]) unless user.level == 100 flash[:notice] = "you are not an admin" return false end end It works.. but the flash isn''t quite where I want it to be. I''ll keep playing around, but if anyone has a simple suggestion to improve it.. Thanks -- Posted via http://www.ruby-forum.com/.