I’ve got several different user roles (i.e. admin, user, guest, …)
and have set up a bunch of controllers for each user role.
I’m trying to set up some sort of validation that the user accessing
e.g. the admin/subjects controller has the ‘admin’ role. The brute
force way to do this would be something like:
- for each controller, put in
if session[:user].role != ‘admin’
flash[:notice] = “You don’t have permission to access this”
redirect_to :controller => session[:user].role, :action => ‘home’
However, I don’t want to put this code in almost verbatim into about
35 controllers if I can avoid it.
Is there some way I can put this logic in one spot and then call it
from all controllers? In particular, I need to be able to determine
the role the user should have is ‘admin’ when he’s accessing the e.g.
‘admin/subjects’ or ‘admin/content’ controllers - the required role
will ALWAYS be prefix of the controller.
Thanks in advance