On Mon, Oct 8, 2012 at 6:59 AM, Walter Lee Davis <wa...@wdstudio.com> wrote: > By dealing with the model that represents current_user or its local > equivalent. The controller in question does not have to be the > UsersController by any means, as long as you have authenticated at some > point, and have a current_user somewhere in your application. Lots more here: > https://github.com/ryanb/cancan/wiki/Authorizing-Controller-Actions
You don't really need to authenticate since you can blanket deny based on new user. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.