Newbie before_filter question


#1

I’ve successfully gotten acts_as_authenticated working. Currently the
before_filter line for my admin screen is like this:

    class AdminController < ApplicationController
      include AuthenticatedSystem
      before_filter :login_required
    end

Only issue I have now is that anyone logged in can access that screen.
I’d like to differentiate between a regular user and admin. I saw
something in the recipe’s book but it’s not quite what I’m looking for.
All I want is an extra check.

If I create a new boolean field in my user database (call it is_admin),
is there a way I can also have the before filter check to see if that
field is true? What would be the correct syntax for that?

Thanks…
Vince


#2

Vince W. wrote:

I’d like to differentiate between a regular user and admin. I saw

Sounds like you need Ezra’s ACL plugin:


#3

Sounds like you need Ezra’s ACL plugin:

I’d rather not use a plugin just for something this simple…

I added this to my application.rb and added an extra check to my
before_filter in the admin controller.

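    def check_authorization
      # Look up the logged-in user from the id stored in the session
      user = User.find(session[:user])
      unless user.level == 100
        flash[:notice] = "you are not an admin"
        return false  # returning false from a before_filter halts the action
      end
    end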

It works… but the flash isn’t quite where I want it to be. I’ll keep
playing around, but if anyone has a simple suggestion to improve it…

Thanks
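
The check discussed in posts #1 and #3, as an added example that is not part of the original thread or of acts_as_authenticated: a plain-Ruby stand-in for the controller filter chain showing a deny-by-default admin filter that runs after `login_required` and redirects when it halts. `MiniController`, `USERS`, `admin_required` and the redirect paths are hypothetical; it assumes, as in the Rails version used in this thread, that a filter returning false stops the action.

```ruby
# Plain-Ruby model of a before_filter chain (constructed stand-in, not Rails).
# Assumption: a filter that returns false halts the chain, so the action never runs.
User = Struct.new(:id, :login, :is_admin)

# Constructed sample users; is_admin is the boolean column proposed in post #1.
USERS = { 1 => User.new(1, "vince", false), 2 => User.new(2, "root", true) }.freeze

class MiniController
  def self.filters; @filters ||= []; end
  def self.before_filter(*names); filters.concat(names); end
  attr_reader :session, :flash, :redirected_to

  def initialize(session)
    @session = session
    @flash = {}
  end

  # Run filters in declaration order; stop at the first one that returns false.
  def process(action)
    self.class.filters.each { |f| return :halted if send(f) == false }
    send(action)
  end

  def redirect_to(path); @redirected_to = path; end
end

class AdminController < MiniController
  # Order matters: authenticate first, then authorize.
  before_filter :login_required, :admin_required

  def index; :admin_page; end

  private

  def current_user; USERS[session[:user]]; end

  def login_required
    return true if current_user
    redirect_to "/login"
    false
  end

  # Deny by default: only an explicit true in is_admin passes, nil user included.
  def admin_required
    return true if current_user && current_user.is_admin == true
    flash[:notice] = "you are not an admin"
    redirect_to "/"
    false
  end
end
```

Redirecting when the filter halts gives `flash[:notice]` a page to be displayed on, instead of the action simply not rendering.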