if you are building athentication from scratch this method can be accessed by the controller and views by putting that method in the application_controller and adding
def current_user @current_user ||= User.find(session[:user_id]) if session[:user_id] end helper_method :current_user this will make it available to other controllers and views, session data is not accesible from the models. What you want to do is done with a before filter in the controller like this: at the top of the controllers you add before_filter :check_if_cool_enough at the bottom private def check_if_cool_enough if current_user.admin? flash[:notice] = "YOU ARE SOOO COOL" else flash[:error] = "omg, lol noob" redirect_to root_path end end -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.