Skip to Content

Congratulations! You built a authorization system from scratch.

  1. The role column in the User model specifies a users’ role
  2. A method like def admin? and def editor? is created for business logic
  3. The require_editor and require_admin methods redirect to () if the current user is not an editor or admin.
  4. The before action acts a filter, calling require_editor or require_admin before excuting controller actions.
  5. The current_user method can be used in the views to display links based on the signed in user’s role.
Folder Icon

Sign up to start coding

Already have an account?