RE: What is best way to show only records belonging to logge

When I do this, I store the after a successful login. user’s id in
session. My controller actions pass that id into the find method

@tasks = Task.find_all_by_user_id(session[:user_id])

The session would have to be hacked in order for that to be broken. It’s
been secure enough for me.