I’m pretty new to Rails, but I’ve had many years programming in Java.
What I’m looking to find is the Rails way of implementing some clean
way of controlling what the user sees based on the user’s role.
The Rails Recipes book has a nice clean implementation of user roles
and I’ve implemented that. What I want to avoid is stuff like
<% if user.admin? %>
show admin stuff
<% else %>
show normal user stuff
<% end %>
all over my code. I can think of a couple of ways to do it, but I feel
like I’d be reinventing the wheel and someone certainly has cracked
this nut and at least blogged it somewhere.
I’ve tried some Google searches, but it’s a hard problem to define in
few enough words to get good results.
Anyone know of any good references for this problem?
Well, the purpose of Helpers is to keep your views nice and DRY, so you
could make some helpers with common code that comes up because of this,
that takes a user.
Your helpers still end up looking like this, though, so it’s not super
ideal, but you’ve at least pushed the ugly down as far as possible. I
haven’t found a better solution than that.
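The helper approach described in the reply above, as an added example that is not part of the original post: a block helper keeps the role test in one place, and a separate server-side check covers the fact that hiding markup does not protect the action behind it. `User`, `visible_to`, `require_role!`, `ViewContext` and the `:admin` role are hypothetical names, and the template is rendered with plain ERB so it runs outside Rails.

```ruby
require "erb"

# Hypothetical stand-in for the app's user model; role names are constructed.
User = Struct.new(:name, :roles) do
  def role?(role)
    roles.include?(role)
  end
end

class AccessDenied < StandardError; end

# View helper: the role test lives here, not in if/else blocks in each template.
module RoleHelper
  # Runs the block (emitting its markup) only if current_user holds one of +roles+.
  def visible_to(*roles)
    yield if roles.any? { |r| current_user&.role?(r) }
    nil
  end
end

# Server-side gate: hiding markup is presentation only, so the action behind
# a hidden link has to refuse the request on its own.
def require_role!(user, *roles)
  allowed = !user.nil? && roles.any? { |r| user.role?(r) }
  raise AccessDenied, "requires one of #{roles.inspect}" unless allowed
  true
end

# Minimal view context so the template renders outside Rails.
ViewContext = Struct.new(:current_user) do
  include RoleHelper

  def render(template)
    ERB.new(template, trim_mode: "-").result(binding)
  end
end

TEMPLATE = <<~HTML
  <p>Dashboard</p>
  <%- visible_to(:admin) do -%>
  <a href="/admin">Admin console</a>
  <%- end -%>
HTML

def render_dashboard(user)
  ViewContext.new(user).render(TEMPLATE)
end
```

In a Rails app the same `visible_to` would live in a helper module and `require_role!` would be called from a controller `before_action`.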
You can use a gem called declarative_authorization to clean this up
nicely. It’s an implementation of RBAC (role based access control for non
security types), which I’m pretty sure is what you need, … You can do:
<% if has_role?(:admin) %>
show admin stuff
<% end %>
-or-
<% if permitted_to?(:show, @stuff) %>
show admin stuff
<% end %>
Is there a way to combine those things with field-level security? I
think I once saw a plugin, but didn’t need it at that time.
thx