I have a Rails app that is a directory indexer. It passes the desired
directory path in the url.
There is a user table, and a permissions table (which contains the
volumes each user has permission to see). There is also a volume table,
which contains the available volumes, and a path table, which contains
the paths to every file available on the machine. [There are other
tables, but these seem most likely to be useful]
Each user has_many permissions.
There are many controllers that allow the user to act on files and
folders - view them, search them, etc. However, for everything a user
can do, the path needs to be checked to make sure he has access
Where should the “path checking” function go, and how should it be
called? Is it in the user model, or is it in the application controller,
or is it some place else (like a path model)?