Admin and standard controllers RESTFully

Hello. I will appreciate the opinion.

What is the standard way of separating admin functions from normal- user functions?

before_filter in one controller?

Use two controllers, i.e. ProductController and Admin/ ProductController?

I want to use map.resources so RESTFul would be better.

I’m curious to this as well, as I am working on a RESTful site that needs to have admin-facing pages as well as end-user-facing pages.

I believe the “accepted” solution is to specify a specific layout if the user has administrative privileges - I’m guessing this would have to be done in the controller action, along the lines of:

def index

Snip… |format| format.html do render :layout => ‘admin’ if logged_in_user.is_admin? # Normal user stuff end end end

However, that seems a little crufty to me and not as DRY as it could be (“wet”?) - but I am relatively new to Rails so I don’t know if it would be easier to use a before_filter.

People, people, just make a separate namespace in routing and make some REST controllers in there. You'll thank yourself in the end. Trying to run multiple states through the same code paths (admin and user states) is just going to be a maintenance headache and will possibly eventually open security holes.

this was recently discussed on the list