@mongrelion mongrelion/user.rb
Created Aug 25, 2011

User authorization in controller actions
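class User < ActiveRecord::Base
  # - Instance Methods -

  # True only when the stored role is exactly the string 'admin'.
  def is_admin?
    self.role.eql? 'admin'
  end
end

class UserController < ApplicationController
  # Runs before every action in this controller, so each action is admin-only.
  before_filter :authorize_user!

  def index
  end

  def edit
  end

  def show
  end

  # ...

  private

  # Fails closed: redirects to root_path unless a signed-in admin makes the request.
  def authorize_user!
    redirect = true
    if current_user
      if current_user.is_admin?
        redirect = false
      else
        # Signed in but not an admin: set the error message before redirecting.
        flash[ :error ] = 'Unauthorized access!'
        redirect = true
      end
    end
    # Visitors who are not signed in are redirected without a flash message.
    redirect_to root_path if redirect
  end
end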