Reputation: 249
I am new to rails
I have users sign up and log-in to rails app. However I want to restrict a couple of views to just a few users that are designated admins.
Is there a way to do this with devise easily?
What would be the best way to do this?
Should I just add an is_admin row to the Users table and create a before filter or is there better way?
THanks
Upvotes: 0
Views: 126
Reputation:
Without using any gems, you really have two simple solutions.
The first is to add a boolean attribute to your User
model of admin
then set it to true or false to grant certain users access to different pages in your app.
The second is to create two separate Devise
models for User
and Admin
.
Upvotes: 1
Reputation: 21
The before filter checking on the User attribute will work. For more complex issues you can look at some authorization gems
CanCanCan which is a continuation or Ryan B.'s cancan.
or
The Role, which takes a slightly different approach.
I've used both and had no objections to either. Hope that helps!
Upvotes: 2
Reputation: 6095
If you are just wanting to limit a couple pages to admins your best bet is to just do the before filter in the controller to check if the user is admin. Also make sure in other areas of your app that you are permitting params properly for admin vs regular users.
If you need something more complex, look at the gem pundit.
Upvotes: 1