question re authlogic, all set up but now i'd ike to control access to a resource so only users who own that resource can control it, I figure I put this in the Advert controller - is this approach sound ?
I also specify that an admin (just a boolean controlled user) can edit everything... is it good ?
User, has many Adverts and Advert belongs to a User
Just about to implement this in a new app and wanted a second opinion.
cheers
bb