Camilo Cienfuegos wrote:
Hello,
I need help. I have an application that has two user types (A and B), each with their own model/table. User Type A can create information within their sub-domain account (I'm using account_location plugin for this). They have access to three controllers.
User Type B has no such powers. She can only browse the home-page and sub-domain accounts, and maybe, in the future , organise content for her own viewing.
I'm using some basic authentication for User Type A, with a before_filter in application.rb that determines account ID (from the sub-domain) and whether the appropriate user has logged in. For the home-page, I have a skip_before_filter for the application.rb authentication functions. So now, an anonymous user can access functions within the home-page controller in order to view content. How can I authenticate user type B so that she can have a few extra privileges than an anonymous user, throughout the homepage controller and another controller that will cater for viewing of sub-domain accounts, without interfering with User Type A authentication? Can I still use the application.rb for additional authentication functions for User Type B?
Thank you for your time.
Camilo Cienfuegos
-- Posted via http://www.ruby-forum.com/.
Couple of points here.
First, check to see if your user models are similar enough that you may actually want to use single table inheritance.
Second, take a look at the User/Login Engines. They allow you to define which actions a user can access based on their 'role'. This sounds a lot like what you are trying to do.
_Kevin