Learn
Authorization
Admin Role II

Great job! We now have a way to determine whether a user has an admin role on the site. Let’s add a few methods to the Application controller to make sure that users with the admin role can access specific parts of the site.

Instructions

1.

In the Application controller, create a method named require_admin.

2.

In the Recipes controller, create a before action that calls the require_admin method before running the destroy method.

3.

In app/views/recipes/show.html.erb, use the admin? method to display a delete link only if a user is an admin: 

<% if current_user && current_user.admin? %> 
  <p class="recipe-delete"><%= link_to "Delete", recipe_path(@recipe), method: "delete" %><p> 
<% end %>
4.

Try it out. Sign in as Freida with the email [email protected] and password Freida1. Then visit http://localhost:8000/recipes/1. You should see your delete link.

Folder Icon

Sign up to start coding

Already have an account?