Congratulations! You built a authorization system from scratch.

  1. The role column in the User model specifies a users’ role
  2. A method like def admin? and def editor? is created for business logic
  3. The require_editor and require_admin methods redirect to () if the current user is not an editor or admin.
  4. The before action acts a filter, calling require_editor or require_admin before excuting controller actions.
  5. The current_user method can be used in the views to display links based on the signed in user’s role.

Sign up to start coding

Mini Info Outline Icon
By signing up for Codecademy, you agree to Codecademy's Terms of Service & Privacy Policy.

Or sign up using:

Already have an account?