Congratulations! You built a authorization system from scratch.

  1. The role column in the User model specifies a users' role
  2. A method like def admin? and def editor? is created for business logic
  3. The require_editor and require_admin methods redirect to () if the current user is not an editor or admin.
  4. The before action acts a filter, calling require_editor or require_admin before excuting controller actions.
  5. The current_user method can be used in the views to display links based on the signed in user's role.
Community Forums
Get help and ask questions in the Codecademy Forums
Report a Bug
If you see a bug or any other issue with this page, please report it here.