search for: edit_profile

...I don''t think that it fits my needs. I rather thought about creating my own system, that does not validate controller/action pairs, but "real" roles and permissions. Semantic code: class profiles_controller < ApplicationController def edit if user.has_right ''EDIT_PROFILES'' or user.belongs_to ''ADMINS'' # do edit stuff else render :partial => ''permission_error'' end end end What do you think about that? Do I miss something or is it really better to create my own authentication system rather than us...

...using HTTP verbs. Each route is prefixed with its action, except for index. Example: map.facebook_resources :profiles Will give you the following named routes: new_profile POST /profiles/new profiles POST /profiles/index show_profile POST /profiles/:id/show create_profile POST /profiles/create edit_profile POST /profiles/:id/edit update_profile POST /profiles/:id/update destroy_profile POST /profiles/:id/destroy This is still very basic. No nested routes or singular resources yet. Shane -- http://myfitbuddy.com | http://shanesbrain.net | http://crimsonjet.com