I’m using the acts_as_authenticated plugin with a little app I wrote.
Everything works fine. I’m able to “signup” and use all the little
features. What I would like to do is be able to have each individual
user have access only to his or her own content. I just have two models;
User and Item. The User item is of course generated by the AAA plugin.
class Item < ActiveRecord::Base
class User < ActiveRecord::Base
Virtual attribute for the unencrypted password
#lots of omitted code
In my controller:
class ItemsController < ApplicationController
@item = Item.new
#other ommited code
How would I change my setup so that a user can only
create/update/delete/view only his or her own items and not someone
else’s? Any advice or resources pointed to is greatly appreciated.