I want to link a model Tasks to a User properly, to make sure that only an authenticated user can access only the Tasks and dependent models that belong_to User and Task
My user model was generated using nifty authentication from Railscasts' Ryan B
I'm having a lot of trouble finding a guide on how to set up these views to be secure.
Any suggestions SO?
I think you are looking for an authorization solution. If this is a simple app, you should set up your controllers to return only tasks belong to the user like so:
@tasks = current_user.tasks
Presumably you have a has_many association set up on your User model. If you do this for all your controllers, they will be scoped to your user, so you don't have to worry about authorization.
If you are looking for a more complex solution, look towards something like cancan.
