On 12 May 2013 14:38, Polly Hay <li...@ruby-forum.com> wrote: > Colin Law wrote in post #1108653: >> On 12 May 2013 14:09, Polly Hay <li...@ruby-forum.com> wrote: >> >> You obviously missed my request to not top post, so that it is easier >> to follow the thread. >> >>> >>> ---Part >> Since they both have to be authenticated then obviously there has to >> be at least a common table for the authentication data. >> >> Basically then you need to allow one sort of user to access certain >> controllers and methods and another sort of user to access a different >> set of controller methods. You can put this in the before filter >> where you do the authentication check. As well as checking that a >> user is logged in, check that it is the right sort of user. Probably >> the only place you need to check is in the before filters. >> >> Colin > > Sorry, yes I did miss your request to not top post. I have pressed reply > this time - I hope this is what you meant. > > I think you stand by your original suggestion - one User model belonging > to Team and with an Admin bool.
I think that is the way I would do it. By mentioning the before_filters I was pointing out there should be very few places where you should have to test. I mentioned the cancan gem earlier, I suggest you also have a look at that, it may be a bit of overkill but it is still worth looking at to see what it can do for you. Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.