Displaying 1 result from an estimated 1 matches for "user_record".
2006 Mar 16
6
Sessions or lookups?
My application needs to know if a user is an administrator, for security
and aesthetic reasons. At the moment, I store true/false in the session
by doing the following at login:
session[:user_is_admin] = authenticated_user.is_admin?
Is this OK to do? Or should I really be doing the following every time:
User.find(session[:user_id]).is_admin?
(user_id is always in the session too)
Is there