You probably should need to use some permission management system, such as cancancan or pundit, with a roles system such as rolify to control who can do what.

In the majority of systems this is preferable to having an admin system and a user system (admins after all are only special users).


That way you can scope the resources so it only returns the users record if you are a user, or all records if you are an admin

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/d8ac6215-11ec-4cbc-8897-dc53ed8d26a1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 3 of 3 | next ›
Discussion Overview
grouprubyonrails-talk @
categoriesrubyonrails
postedJan 27, '16 at 7:25p
activeJan 29, '16 at 11:43p
posts3
users2
websiterubyonrails.org
irc#RubyOnRails

2 users in discussion

Martin: 2 posts Mike: 1 post

People

Translate

site design / logo © 2021 Grokbase