Using the request/response cycle as a guide, here’s how authorization fits in:
What is a role? A role is a way to manage what parts of a site a user has access to. A user’s role is specified in the database.
Let’s begin building an authorization system by adding a
role column to the users table.
Open the migration file for the users table in db/migrate/, and add the following column:
Run the migration to update the database with the users table.