My app has Users and accounts. Then there is the has_many though table called account_memberships on that table I have an admin attribute that is a boolean. Here is my question If a someone creates a user that has the admin attribute set to false how can I have them only see a particular page? Should I set some method in the application controller that I can use for a before_action?
Asked
Active
Viewed 40 times
1
Bitwise
- 8,021
- 22
- 70
- 161
-
Yes. :) Why don't you have a go at that and see how it goes. implement it naively at first, then improve it – Taryn East Dec 05 '16 at 00:06
-
What you are trying to do is Authorization. This [railscast](http://railscasts.com/episodes/192-authorization-with-cancan) is a little old, but can be useful - but you should use [CanCanCan](https://github.com/CanCanCommunity/cancancan) instead of CanCan, or see [Ruby Toolbox](https://www.ruby-toolbox.com/categories/rails_authorization), or just create your own [authorization from scratch](http://stackoverflow.com/questions/35120915/railscast-authorization-from-scratch-for-users). – TeWu Dec 05 '16 at 01:29
-
This [Pundit gem](https://github.com/elabs/pundit) may also help you. It is very easy to use. – Ed de Almeida Dec 05 '16 at 01:42